From unknown Sat Aug 16 18:43:26 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. Resent-From: Pierre Langlois Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 21 Sep 2020 19:03:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 43553 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 43553@debbugs.gnu.org X-Debbugs-Original-To: Guix-patches Received: via spool by submit@debbugs.gnu.org id=B.160071493827932 (code B ref -1); Mon, 21 Sep 2020 19:03:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Sep 2020 19:02:18 +0000 Received: from localhost ([127.0.0.1]:56211 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKR4n-0007Cf-GR for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:02:18 -0400 Received: from lists.gnu.org ([209.51.188.17]:53478) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKR4l-0007B3-Ic for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:02:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36446) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kKR4l-00021R-9x for guix-patches@gnu.org; Mon, 21 Sep 2020 15:02:11 -0400 Received: from mout.gmx.net ([212.227.15.19]:59229) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kKR4i-00022S-Ef for guix-patches@gnu.org; Mon, 21 Sep 2020 15:02:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1600714924; bh=abguCsfgij8Fo0eDZpSkJUg10yuKL3NKqPTSKXz3tRc=; h=X-UI-Sender-Class:From:To:Subject:Date; b=afT3W0TV145cJ5CHQixqnfRFC0TnxpjcGbwaZZufrzvZJiQdTtAwc9euteAtvpFMf bNYWB5m6h0LDSO8Ob938mHdbKEoisPVJPAE8GBzlYbbnYEcETDhvQOTIYxL4/n5DUq 2848SaUxOb+HR5a0kR+obzJsFm0FkRi/dM3/pzkY= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.com (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1N3siA-1kSzhE1pL6-00zrcw for ; Mon, 21 Sep 2020 21:02:04 +0200 User-agent: mu4e 1.4.13; emacs 27.1 From: Pierre Langlois Date: Mon, 21 Sep 2020 20:02:03 +0100 Message-ID: <87wo0nuf6c.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Provags-ID: V03:K1:Xn3o5kgV0nCNb9Y4g5N6x9zisdRoJNjfhfLVHdqLI2OIlH2OUkN cFydoa9topTopMpJcJ3ItglAwoxaINFaovsMRHr4JCPj+4nE+KqXl1snj1h/60o9E/Ybov2 PmYbobGMO0HhoI4IxBky9crtvUD/tURbDtMcHUq9jdha0najxMcgAHzx/2r3HRJr3YPUdne +2DYO8pXxCRNyVD/hipwA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:cx+OEdGaK3A=:1nzj6Iq1erz0S2BxK5jNNk 6E47S6YguJ7uI/d06cEI8ro148PKq6N88uiap4RUo5kDcY61VvDl81qyt71qpqo/MlU9DSOof MhlFIhtHeKFZLX55ohd/8By9OYk6vHEgV9070gMLs9SkYkDnapkZsaSK37oCzBtZ9dJjKC3gO eGoCn3k5F0+vng7ANtmDc5/B0A/qHdAUI2XxJgZn1MP3yXIPD7EoYzuGLx92fzhLX8cNSKQwk hD+KLToxMv0Qxv2H5JcTuUsFldr8MS4O780n5aANqaiwuGbfaUxgvHJrkJuianKpVeQCtxAr3 4gjwMoFNONaxJKar4B7VIxgOBYqPTZRZaZ2wale/LKnQGJ/O6DqEwdrinKG/0yYhqSQc6H4Dd cxmFQTjZ8hseOriecIKLDd1Wni8oVD7gXPxrebluvZ+abpw2PLRLZv0YFq4wsS93vtQ740Dgd eLlD0kc2nikoFEHfeJVyWWtlooFSJi5MDpvpYijL2P5m4QtAsTN6QFImAcRegBqPB2WTeZS8x 4clIzPk94zw6fi0pH/Lw7T65RYumPRmWknRF0QkiLpZgHNkI1WkPMh8N64l4Y0Cujxwl3kYkx PUc4F9djyo9imPK6Yi1ZiUeQsWoczKdYCy0TeUfgh5SquzfbuQimIw6A5V2OJfea7MY4FPttB KK359d4r2WAMx/ePO2kkqYHiPo+a+2aEqkuMRyDX2juK6GrmCwCfNRli3FujDs+Wwmsy5hc39 EQ23JZfV/ntz4ZmA0htIVMcyOqfgAFvquD5R+YvYFaaY8CAJjeoJlaaDnpzJ42+Gm+cuVCswt K2EMGqBMne65riwC8zcturrvyd1QXsbKw1O6k64gqcRJKOct15lngNgr4419jvfIoB7JgGzM7 iarjc42oEzOmC1fsxq7Z0ewvyzg1NQlnWLbNiAnKwApLRjE8k4QmF6IpGYa5ryOCqxpI75Ptz MMVECMPdNJhuNI+1WyswC2fyyLNNyVB1ztbxmtldu6lPbrNE/YCoKOewO3hfY1kkYvSA+tjBn pbNZQfZiZen9mJeY2erfe1yGSLD7UtG0VdardHkDBLqGeR00eXKFrLzwGbxmdTGXpSvKIoH0J nThc5zQhMvJq6jidtZY+X57JV84Sjz47kzOzJimaa3GjeA77wkTWJWK1lnMylQwcTZTy4C2Ee MAcKPPzJRgvV9OaTceYxUK8dp11E8TaQu5CzwhOpHDwWMC5katTHIL6otlTBGt9OA2hfswTc/ PqE2If3+Vi0h9DhgW6lgOwWV+3doeCSIZgBYF+Q== Received-SPF: pass client-ip=212.227.15.19; envelope-from=pierre.langlois@gmx.com; helo=mout.gmx.net X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/21 15:02:05 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.6 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) --=-=-= Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" --==-=-= Content-Type: text/plain Hello Guix! I was just looking into fixing a Samba build issue for AArch64 (another patch incoming :-) ). But noticed the package was out-of-date and there were multiple CVEs fixes since then. OK to commit? I suppose this is trivial enough that I should be able to just push this without asking first, right? I wasn't yet feeling confident enough with my powers to do that just yet :-). Thanks, Pierre --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAl9o+KsYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UXzIH/3tMIsUajHSIB+G3NhHHN/Lu aUG5hpuRHf2zQPLMZSoYB4N9lA5fh5dpketD5UEqeXAVEsnFkV4YsoMzhamJZit0 yLfs4CzmCZ6zCXB6S1IRzR2kgIPdhCYm7JpQhgyXTN7nJ8ywz1OjQOvHEXqEvDlZ xUk+2xiRTqWVD3pojEm0adQ2U85eiGuGUpUXPXLRmdD9Kes0M2K7hX6KDJKneBfq joYj/z1n0kbHLvwP6JgQPw54oiq2tvVAptIHE3PD99lttH0/z/fqiQtK7R54yEsO i8PF+1rqG2ID7tN4CWjwhI4uyBqhUgbltVRBIWPzOGPxtPmEnU14qrYpSWAtaw8= =Wwm9 -----END PGP SIGNATURE----- --==-=-=-- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-gnu-samba-Update-to-4.12.7-security-fixes.patch Content-Transfer-Encoding: quoted-printable >From 8c61bd537da8f10c83e1e8e5718fbc2d3d874d1a Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Mon, 21 Sep 2020 19:50:08 +0100 Subject: [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. Fixes CVE-2020-1472 with 4.12.7. Fixes CVE-2020-10730, CVE-2020-10745, CVE-2020-10760 and CVE-2020-14303 with 4.12.4. * gnu/packages/samba.org (samba): Update to 4.12.7. --- gnu/packages/samba.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm index 84e389340b..c04426c49c 100644 --- a/gnu/packages/samba.scm +++ b/gnu/packages/samba.scm @@ -8,6 +8,7 @@ ;;; Copyright =C2=A9 2018, 2019, 2020 Tobias Geerinckx-Rice ;;; Copyright =C2=A9 2018 Ricardo Wurmus ;;; Copyright =C2=A9 2019 Rutger Helling +;;; Copyright =C2=A9 2020 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; @@ -173,14 +174,14 @@ external dependencies.") (define-public samba (package (name "samba") - (version "4.12.3") + (version "4.12.7") (source (origin (method url-fetch) (uri (string-append "https://download.samba.org/pub/samba/stable/" "samba-" version ".tar.gz")) (sha256 - (base32 "09w7aap1cjc41ayhaksm1igc7p7gl40fad4a1l6q4ds9a2jbrb9z")) + (base32 "1lkgih0vrarf5zy6chspkwarqdylzwr63nxr3qjkpazrs86nlm9h")) (modules '((guix build utils))) (snippet '(begin --=20 2.28.0 --=-=-=-- From unknown Sat Aug 16 18:43:26 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. Resent-From: Efraim Flashner Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 21 Sep 2020 19:38:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 43553 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Pierre Langlois Cc: 43553@debbugs.gnu.org Received: via spool by 43553-submit@debbugs.gnu.org id=B43553.16007170778828 (code B ref 43553); Mon, 21 Sep 2020 19:38:02 +0000 Received: (at 43553) by debbugs.gnu.org; 21 Sep 2020 19:37:57 +0000 Received: from localhost ([127.0.0.1]:56362 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKRdM-0002IJ-Kr for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:37:56 -0400 Received: from flashner.co.il ([178.62.234.194]:47454) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKRdK-0002I1-3o for 43553@debbugs.gnu.org; Mon, 21 Sep 2020 15:37:54 -0400 Received: from localhost (unknown [31.210.181.177]) by flashner.co.il (Postfix) with ESMTPSA id 9E9DF40045; Mon, 21 Sep 2020 19:37:47 +0000 (UTC) Date: Mon, 21 Sep 2020 22:37:14 +0300 From: Efraim Flashner Message-ID: <20200921193714.GC1007@E5400> References: <87wo0nuf6c.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="x4pBfXISqBoDm8sr" Content-Disposition: inline In-Reply-To: <87wo0nuf6c.fsf@gmx.com> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --x4pBfXISqBoDm8sr Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Sep 21, 2020 at 08:02:03PM +0100, Pierre Langlois wrote: > Hello Guix! >=20 > I was just looking into fixing a Samba build issue for AArch64 (another > patch incoming :-) ). But noticed the package was out-of-date and there > were multiple CVEs fixes since then. >=20 > OK to commit? >=20 > I suppose this is trivial enough that I should be able to just push this > without asking first, right? I wasn't yet feeling confident enough with > my powers to do that just yet :-). >=20 > Thanks, > Pierre >=20 Yeah, you can just go ahead and push it. Everything looks good. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --x4pBfXISqBoDm8sr Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl9pAOcACgkQQarn3Mo9 g1GZzBAAwH4Nnkhm7A5rj5za26YF3yX9cUza1VRn7DhtCTE1oqu5FRVhRsgj4mJX McGqmaiHBBlE5ITuX8w1snJ95164443+g0VwvQabdr3TP1tK8rUaC9PIPEEviRkL iPPgD+hNeeFvi+CbRVlpJPMGDl3d4XQLLgTIcpiwkjnU5Fb4A3qxsXQfhnhV3Ugo G+YWGyEIFVvkCNgdnuarh1tnCFqTWW6S/w6dGD+0dM8CeQRG/sxMgEgiQYlHqsxj C0PgyFSUxNEWAQeSwOhNhLaTEuhGiDVJhUTdNY+N/NuTwwRQ9xqleOyrSLRr2VWO KTEgqYIIZ3u6gaOeSrEPbTyFX7JoR822b8hHDTl4dPJNZ5HjqqgYxKOfnY2jzk9z +PCs8bBnILEqNpjWjchCwitWvLeNRJH03elust5J14MKrM8HPtJvAa9W65DpPtAZ C0QGtMbjvN1Ctzn/o3FG1c6xIzRV//w1l0GCvLcXofz1YA9/pNpEu/6ZGD2OKvS8 B2b0hs6TvpUlnru8ldQTRbfHPIoDVCx+n6Fju+LcDHGrnEnnOWaKuV1LV6nGHeGB krD4TAlvlzFUyoDM4REXA1aM2GZvjQHHdId8IzxL2fczjDJL1eNRMrbir7PefS9j seFZy58GY/o/hY1LkC3fv3kwcWntUcvJWSFVYEFDMlHsDjCxWPg= =HoHN -----END PGP SIGNATURE----- --x4pBfXISqBoDm8sr-- From unknown Sat Aug 16 18:43:26 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Pierre Langlois Subject: bug#43553: closed (Re: [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes].) Message-ID: References: <87ft7avrnd.fsf@gmx.com> <87wo0nuf6c.fsf@gmx.com> X-Gnu-PR-Message: they-closed 43553 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 43553@debbugs.gnu.org Date: Mon, 21 Sep 2020 19:48:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1600717682-18251-1" This is a multi-part message in MIME format... ------------=_1600717682-18251-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #43553: [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 43553@debbugs.gnu.org. --=20 43553: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D43553 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1600717682-18251-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 43553-done) by debbugs.gnu.org; 21 Sep 2020 19:47:59 +0000 Received: from localhost ([127.0.0.1]:56404 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKRn4-0004jt-Oy for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:47:58 -0400 Received: from mout.gmx.net ([212.227.15.15]:57623) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKRn3-0004jf-Jx for 43553-done@debbugs.gnu.org; Mon, 21 Sep 2020 15:47:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1600717640; bh=yhobxS94obSMnolLk9nKDkLnl81iRPy6Cqcs+ZhSsOs=; h=X-UI-Sender-Class:References:From:To:Cc:Subject:In-reply-to:Date; b=O8IPqqWymZhRIfvsLolgPJZGsf5cgo3n+q26Ev6Efa1uM4hje7/S2X0Y/VSzEyYlQ nbOhbfrUJAGKL98o8CzH5GtaCkELKAI35Z9xh32tAOqBd51fQAcZVj4n7NB8eO2uwV IK0YZxHvcAouRud7E1/OZFJBjulALS8i7iE9Ngk4= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.com (mrgmx004 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MmlT2-1kmfbK2jCQ-00jroT; Mon, 21 Sep 2020 21:47:20 +0200 References: <87wo0nuf6c.fsf@gmx.com> <20200921193714.GC1007@E5400> User-agent: mu4e 1.4.13; emacs 27.1 From: Pierre Langlois To: Efraim Flashner Subject: Re: [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. In-reply-to: <20200921193714.GC1007@E5400> Date: Mon, 21 Sep 2020 20:47:18 +0100 Message-ID: <87ft7avrnd.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:FuMFByjlQnN5gzTvT5QXeCY7WrYxDObnH+gbkrWtVT9c1TsTX7/ 8awcK5gX2QyGCyuy8A3GG3UHWf73tBhj2gla/HaXwr1mRw+nycAqeEziJGxoINK1kG8GNT0 jS3pCyN/HQcfPGwrK8ewm2Kx0gFwXWXftD6rkbMNCn2kWHOFj0mrYWWhwpwxn6oYBSlCY4L LS5FpSmmlOHnf5rj7T+HQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:kGxLItDyN28=:tiZo1jln/ivvLyx4L5RlRf cb2R2kLBNTN7pcP2AkupUi7xfKdc4ZwieTm6huqHAAKQneqm2QGwldEijIxFNtsvY++FSaJ52 N1Qr62bktvYKekxjy+iLr3mW5aecR3PvF9Hi7FPDMqmTRFToW8QPM0Ec6ochNB128fWd/2mwN vH7ShH96GxhE8Xr5q8UGAqBNv0cRMfBeAxe8NS1DMDHQrlejs+skNJDtSobbZ51Hmmxl+xFiq b9E9OO9IMxbwi1smzD4bmPFw8Ealmg6L5DUvcw0GzxkiQaWrFB2FV701oIT5uXU+7gcyeiCAW H452CT6q57rzc5K+O6ZoNJ7n+amv0ysR7I7jlV+qruw+qXx7ACnqKRJ/FantQesGaJsAcP4N2 3mOh7uGU4rA1OnqqvWa8+yGN46WQO8hDtb11z5p7QEmnkK9kj2erkn2Y3EN+n+gVJ2M/UcEHt TPmlLR5l3PJwe1f7Bnt4Wzim6+HqeEJtiKBOdsFOa1BZcfX+HNcHkQg2sZaEU85Z12znUlz1C sIIvB2MMY7nPKvyYf8T6FI8U8BQ4uWe4waOkwlmp0G+Xzuha+fkO6o71D1Zh8b4ozNl5pTwVQ VjrbLIBt8c+cQHcyLe9VHDM6CMYziRj6jdSlkyN1KgSJPmdw8iBPm8q1PyV6Vc3FdLwUxmfL7 HbgJcg0Sozq1vf5YB14VogaNSrdYZLBPPokrlUlJcVoX4mojJdrr8Dm++VbstnC27BmOIu0RG D83N0PJOwK6xZVWG/inXrxFuz8bZfxc6YvCq3TSVKZXKfipr4chUF6Jp3j2RiAzr1IMgIcfNR VowbvXJUI+/i6M98ngPVYYzeEL4oNeBTx4hF8bwssJZ/vrjcL7RUG2J7PTQy619WKmfxFpRJe Q/ZkfOOdy0g9lswKb/iJDrO+vizcNRKizrNJg+JV2+f+0/rROdBvI8A8y2a74GC7ozNj/6rOv ZYVwqH36WJUCo6d5sm/UnWLeORMtJoTsA9hUJLicNPa55Ko+v8/XJAW/wsdxE9UZT+XFE5PNX spt1VhhqddM9M798uxoGh95t/KiUq0BN48Z/aLcMyIGxKF37Ydstjd4TFAYITFtuLFXjpjKyh mm24QT7RSSIpH50I0pCI2t05BqnPO24mDBAf+ENDCL5GnXblRYt6H3ZM4ga9mPBf8mjLlihRK bfT4qlHOebYgh2/b9+Ur/nNifMs8/yI4VBjIZHaMF+NQIQqU6aJWidsamsoLDsCdt+tPpYnGn 1c3b1wo0QtS81L45eDWxtMSB6Cf3zNKE5OfO8iQ== X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 43553-done Cc: Pierre Langlois , 43553-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Efraim Flashner writes: > On Mon, Sep 21, 2020 at 08:02:03PM +0100, Pierre Langlois wrote: >> Hello Guix! >>=20 >> I was just looking into fixing a Samba build issue for AArch64 (another >> patch incoming :-) ). But noticed the package was out-of-date and there >> were multiple CVEs fixes since then. >>=20 >> OK to commit? >>=20 >> I suppose this is trivial enough that I should be able to just push this >> without asking first, right? I wasn't yet feeling confident enough with >> my powers to do that just yet :-). >>=20 >> Thanks, >> Pierre >>=20 > > Yeah, you can just go ahead and push it. Everything looks good. Awesome, pushed with a2b25890ee37c017bc77a6b923577f258fa3fba0 ! Thanks, Pierre --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAl9pA0YYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UzIsH/1VmyhGAQukcyVANxJJChH2Y ClTJIy5JcrWr3X6xuxN3lS9CzJ6727fB3UQiWgV3r971AKoTjsw0h6yKH/axYGE5 y+0gZap6WpH5V3C2yhW2JErzt1AwILeKoePePqRUmIdduM/WtMgtKnK85fBj89vq VgTbmDcucxg9DX3cYIdbePgPe5j9t5josiglc60VgqFp94YGloB9xKpTqzCmrhyu FPPJNIegvw6Ye5fa3veE8+TcYWBnCxQw6WdLcHu0RHy6PqL41WIkYIxlbwUbZ9rW 6JeqscHKFxwNiQndFkOAwZ+p+pCYQmZfeUh8GidE4TA+E9ROEXqjgBD9/qKCsKM= =VEeg -----END PGP SIGNATURE----- --=-=-=-- ------------=_1600717682-18251-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 21 Sep 2020 19:02:18 +0000 Received: from localhost ([127.0.0.1]:56211 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKR4n-0007Cf-GR for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:02:18 -0400 Received: from lists.gnu.org ([209.51.188.17]:53478) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kKR4l-0007B3-Ic for submit@debbugs.gnu.org; Mon, 21 Sep 2020 15:02:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36446) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kKR4l-00021R-9x for guix-patches@gnu.org; Mon, 21 Sep 2020 15:02:11 -0400 Received: from mout.gmx.net ([212.227.15.19]:59229) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kKR4i-00022S-Ef for guix-patches@gnu.org; Mon, 21 Sep 2020 15:02:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1600714924; bh=abguCsfgij8Fo0eDZpSkJUg10yuKL3NKqPTSKXz3tRc=; h=X-UI-Sender-Class:From:To:Subject:Date; b=afT3W0TV145cJ5CHQixqnfRFC0TnxpjcGbwaZZufrzvZJiQdTtAwc9euteAtvpFMf bNYWB5m6h0LDSO8Ob938mHdbKEoisPVJPAE8GBzlYbbnYEcETDhvQOTIYxL4/n5DUq 2848SaUxOb+HR5a0kR+obzJsFm0FkRi/dM3/pzkY= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.com (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1N3siA-1kSzhE1pL6-00zrcw for ; Mon, 21 Sep 2020 21:02:04 +0200 User-agent: mu4e 1.4.13; emacs 27.1 From: Pierre Langlois To: Guix-patches Subject: [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. Date: Mon, 21 Sep 2020 20:02:03 +0100 Message-ID: <87wo0nuf6c.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Provags-ID: V03:K1:Xn3o5kgV0nCNb9Y4g5N6x9zisdRoJNjfhfLVHdqLI2OIlH2OUkN cFydoa9topTopMpJcJ3ItglAwoxaINFaovsMRHr4JCPj+4nE+KqXl1snj1h/60o9E/Ybov2 PmYbobGMO0HhoI4IxBky9crtvUD/tURbDtMcHUq9jdha0najxMcgAHzx/2r3HRJr3YPUdne +2DYO8pXxCRNyVD/hipwA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:cx+OEdGaK3A=:1nzj6Iq1erz0S2BxK5jNNk 6E47S6YguJ7uI/d06cEI8ro148PKq6N88uiap4RUo5kDcY61VvDl81qyt71qpqo/MlU9DSOof MhlFIhtHeKFZLX55ohd/8By9OYk6vHEgV9070gMLs9SkYkDnapkZsaSK37oCzBtZ9dJjKC3gO eGoCn3k5F0+vng7ANtmDc5/B0A/qHdAUI2XxJgZn1MP3yXIPD7EoYzuGLx92fzhLX8cNSKQwk hD+KLToxMv0Qxv2H5JcTuUsFldr8MS4O780n5aANqaiwuGbfaUxgvHJrkJuianKpVeQCtxAr3 4gjwMoFNONaxJKar4B7VIxgOBYqPTZRZaZ2wale/LKnQGJ/O6DqEwdrinKG/0yYhqSQc6H4Dd cxmFQTjZ8hseOriecIKLDd1Wni8oVD7gXPxrebluvZ+abpw2PLRLZv0YFq4wsS93vtQ740Dgd eLlD0kc2nikoFEHfeJVyWWtlooFSJi5MDpvpYijL2P5m4QtAsTN6QFImAcRegBqPB2WTeZS8x 4clIzPk94zw6fi0pH/Lw7T65RYumPRmWknRF0QkiLpZgHNkI1WkPMh8N64l4Y0Cujxwl3kYkx PUc4F9djyo9imPK6Yi1ZiUeQsWoczKdYCy0TeUfgh5SquzfbuQimIw6A5V2OJfea7MY4FPttB KK359d4r2WAMx/ePO2kkqYHiPo+a+2aEqkuMRyDX2juK6GrmCwCfNRli3FujDs+Wwmsy5hc39 EQ23JZfV/ntz4ZmA0htIVMcyOqfgAFvquD5R+YvYFaaY8CAJjeoJlaaDnpzJ42+Gm+cuVCswt K2EMGqBMne65riwC8zcturrvyd1QXsbKw1O6k64gqcRJKOct15lngNgr4419jvfIoB7JgGzM7 iarjc42oEzOmC1fsxq7Z0ewvyzg1NQlnWLbNiAnKwApLRjE8k4QmF6IpGYa5ryOCqxpI75Ptz MMVECMPdNJhuNI+1WyswC2fyyLNNyVB1ztbxmtldu6lPbrNE/YCoKOewO3hfY1kkYvSA+tjBn pbNZQfZiZen9mJeY2erfe1yGSLD7UtG0VdardHkDBLqGeR00eXKFrLzwGbxmdTGXpSvKIoH0J nThc5zQhMvJq6jidtZY+X57JV84Sjz47kzOzJimaa3GjeA77wkTWJWK1lnMylQwcTZTy4C2Ee MAcKPPzJRgvV9OaTceYxUK8dp11E8TaQu5CzwhOpHDwWMC5katTHIL6otlTBGt9OA2hfswTc/ PqE2If3+Vi0h9DhgW6lgOwWV+3doeCSIZgBYF+Q== Received-SPF: pass client-ip=212.227.15.19; envelope-from=pierre.langlois@gmx.com; helo=mout.gmx.net X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/21 15:02:05 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.6 (/) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) --=-=-= Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" --==-=-= Content-Type: text/plain Hello Guix! I was just looking into fixing a Samba build issue for AArch64 (another patch incoming :-) ). But noticed the package was out-of-date and there were multiple CVEs fixes since then. OK to commit? I suppose this is trivial enough that I should be able to just push this without asking first, right? I wasn't yet feeling confident enough with my powers to do that just yet :-). Thanks, Pierre --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAl9o+KsYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UXzIH/3tMIsUajHSIB+G3NhHHN/Lu aUG5hpuRHf2zQPLMZSoYB4N9lA5fh5dpketD5UEqeXAVEsnFkV4YsoMzhamJZit0 yLfs4CzmCZ6zCXB6S1IRzR2kgIPdhCYm7JpQhgyXTN7nJ8ywz1OjQOvHEXqEvDlZ xUk+2xiRTqWVD3pojEm0adQ2U85eiGuGUpUXPXLRmdD9Kes0M2K7hX6KDJKneBfq joYj/z1n0kbHLvwP6JgQPw54oiq2tvVAptIHE3PD99lttH0/z/fqiQtK7R54yEsO i8PF+1rqG2ID7tN4CWjwhI4uyBqhUgbltVRBIWPzOGPxtPmEnU14qrYpSWAtaw8= =Wwm9 -----END PGP SIGNATURE----- --==-=-=-- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-gnu-samba-Update-to-4.12.7-security-fixes.patch Content-Transfer-Encoding: quoted-printable >From 8c61bd537da8f10c83e1e8e5718fbc2d3d874d1a Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Mon, 21 Sep 2020 19:50:08 +0100 Subject: [PATCH] gnu: samba: Update to 4.12.7 [security fixes]. Fixes CVE-2020-1472 with 4.12.7. Fixes CVE-2020-10730, CVE-2020-10745, CVE-2020-10760 and CVE-2020-14303 with 4.12.4. * gnu/packages/samba.org (samba): Update to 4.12.7. --- gnu/packages/samba.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm index 84e389340b..c04426c49c 100644 --- a/gnu/packages/samba.scm +++ b/gnu/packages/samba.scm @@ -8,6 +8,7 @@ ;;; Copyright =C2=A9 2018, 2019, 2020 Tobias Geerinckx-Rice ;;; Copyright =C2=A9 2018 Ricardo Wurmus ;;; Copyright =C2=A9 2019 Rutger Helling +;;; Copyright =C2=A9 2020 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; @@ -173,14 +174,14 @@ external dependencies.") (define-public samba (package (name "samba") - (version "4.12.3") + (version "4.12.7") (source (origin (method url-fetch) (uri (string-append "https://download.samba.org/pub/samba/stable/" "samba-" version ".tar.gz")) (sha256 - (base32 "09w7aap1cjc41ayhaksm1igc7p7gl40fad4a1l6q4ds9a2jbrb9z")) + (base32 "1lkgih0vrarf5zy6chspkwarqdylzwr63nxr3qjkpazrs86nlm9h")) (modules '((guix build utils))) (snippet '(begin --=20 2.28.0 --=-=-=-- ------------=_1600717682-18251-1--