samba4: security bump to version 4.4.8

Fixes:
CVE-2016-2123 - Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Overflow Remote Code Execution Vulnerability.
CVE-2016-2125 - Unconditional privilege delegation to Kerberos servers
in trusted realms.
CVE-2016-2126 - Flaws in Kerberos PAC validation can trigger privilege
elevation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 80e0583a7046aa2178928d5481b6a22148a2d5e2)

diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index d6433f74f045b5e019992ac72121115649d7cd12..1e36d73fb4d5bdd99f6640f8f5114015f298e721 100644 (file)
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 a69d6612e4a421640242ca66c4dbb0e4c20281e77dc24970a332770814d45c7c        samba-4.4.7.tar.gz
+sha256 0e54de8a22b77f9712578029639331b51f818b70e194766c98475a5b99470fbf        samba-4.4.8.tar.gz

diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index 71cb4261e3c88a002f2398de5d6f0a08c0597992..778902fd5f62b7c83c4d8ccf1e281c9a0c843b05 100644 (file)
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SAMBA4_VERSION = 4.4.7
+SAMBA4_VERSION = 4.4.8
 SAMBA4_SITE = http://ftp.samba.org/pub/samba/stable
 SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
 SAMBA4_INSTALL_STAGING = YES