head	1.2;
access;
symbols
	pkgsrc-2026Q1:1.2.0.52
	pkgsrc-2026Q1-base:1.2
	pkgsrc-2025Q4:1.2.0.50
	pkgsrc-2025Q4-base:1.2
	pkgsrc-2025Q3:1.2.0.48
	pkgsrc-2025Q3-base:1.2
	pkgsrc-2025Q2:1.2.0.46
	pkgsrc-2025Q2-base:1.2
	pkgsrc-2025Q1:1.2.0.44
	pkgsrc-2025Q1-base:1.2
	pkgsrc-2024Q4:1.2.0.42
	pkgsrc-2024Q4-base:1.2
	pkgsrc-2024Q3:1.2.0.40
	pkgsrc-2024Q3-base:1.2
	pkgsrc-2024Q2:1.2.0.38
	pkgsrc-2024Q2-base:1.2
	pkgsrc-2024Q1:1.2.0.36
	pkgsrc-2024Q1-base:1.2
	pkgsrc-2023Q4:1.2.0.34
	pkgsrc-2023Q4-base:1.2
	pkgsrc-2023Q3:1.2.0.32
	pkgsrc-2023Q3-base:1.2
	pkgsrc-2023Q2:1.2.0.30
	pkgsrc-2023Q2-base:1.2
	pkgsrc-2023Q1:1.2.0.28
	pkgsrc-2023Q1-base:1.2
	pkgsrc-2022Q4:1.2.0.26
	pkgsrc-2022Q4-base:1.2
	pkgsrc-2022Q3:1.2.0.24
	pkgsrc-2022Q3-base:1.2
	pkgsrc-2022Q2:1.2.0.22
	pkgsrc-2022Q2-base:1.2
	pkgsrc-2022Q1:1.2.0.20
	pkgsrc-2022Q1-base:1.2
	pkgsrc-2021Q4:1.2.0.18
	pkgsrc-2021Q4-base:1.2
	pkgsrc-2021Q3:1.2.0.16
	pkgsrc-2021Q3-base:1.2
	pkgsrc-2021Q2:1.2.0.14
	pkgsrc-2021Q2-base:1.2
	pkgsrc-2021Q1:1.2.0.12
	pkgsrc-2021Q1-base:1.2
	pkgsrc-2020Q4:1.2.0.10
	pkgsrc-2020Q4-base:1.2
	pkgsrc-2020Q3:1.2.0.8
	pkgsrc-2020Q3-base:1.2
	pkgsrc-2020Q2:1.2.0.6
	pkgsrc-2020Q2-base:1.2
	pkgsrc-2020Q1:1.2.0.2
	pkgsrc-2020Q1-base:1.2
	pkgsrc-2019Q4:1.2.0.4
	pkgsrc-2019Q4-base:1.2
	pkgsrc-2019Q3:1.1.0.4
	pkgsrc-2019Q3-base:1.1
	pkgsrc-2019Q2:1.1.0.2
	pkgsrc-2019Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2019.11.10.17.01.58;	author adam;	state Exp;
branches;
next	1.1;
commitid	RfZ7NLoOHs32jkKB;

1.1
date	2019.06.28.17.13.51;	author jperkin;	state Exp;
branches;
next	;
commitid	ipiCsvP09XMYIYsB;


desc
@@


1.2
log
@samba4: updated to 4.11.2

4.11.2:
This is a security release in order to address the following defects:
o CVE-2019-10218: Client code can return filenames containing path separators.
o CVE-2019-14833: Samba AD DC check password script does not receive the full
		  password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server
		  via dirsync.

4.11.1:
This is the latest stable release of the Samba 4.11 release series.


Changes since 4.11.0:
* BUG 14141: getpwnam and getpwuid need to return data for ID_TYPE_BOTH
  group.
* BUG 14094: smbc_readdirplus() is incompatible with smbc_telldir() and
  smbc_lseekdir().
* BUG 14152: s3: smbclient: Stop an SMB2-connection from blundering into
  SMB1-specific calls.
* BUG 14137: Fix stale file handle error when using mkstemp on a share.
* BUG 14106: Fix spnego fallback from kerberos to ntlmssp in smbd server.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14130: s3-winbindd: Fix forest trusts with additional trust attributes.
* BUG 14134: auth/gensec: Fix non-AES schannel seal.
* BUG 14147: Deleted records can be resurrected during recovery.
* BUG 14136: Fix uncaught exception in classicupgrade.
* BUG 14139: fault.c: Improve fault_report message text pointing to our wiki.
* BUG 14128: s3:client: Use DEVICE_URI, instead of argv[0], for Device URI.
* BUG 14124: pam_winbind with krb5_auth or wbinfo -K doesn't work for users
  of trusted domains/forests.
* BUG 14131: Remove 'pod2man' as it is no longer needed.
* BUG 13884: Joining Active Directory should not use SAMR to set the
  password.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14155: 'kpasswd' fails when built with MIT Kerberos.
* BUG 14129: Exit code of ctdb nodestatus should not be influenced by deleted
  nodes.

4.11.0:
* BUG 14049: ldb: Don't try to save a value that isn't there.
* ldb_dn: Free dn components on explode failure.
* ldb: Do not allow adding a DN as a base to itself.
* ldb: Release ldb 2.0.7.
* BUG 13695: ldb: Correct Pigeonhole principle validation in
  ldb_filter_attrs().
* BUG 14049: Fix ldb dn crash.
* BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords = no".
* BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust
  mutexes.
* BUG 14121: smbd returns bad File-ID on filehandle used to create a file or
  directory.
* BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
* BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to
  load balancers or servers with "multi-tenancy" support.
* BUG 14113: Fix byte range locking bugs/regressions.
* ldb: Fix mem-leak if talloc_realloc fails.
* BUG 14007: Fix join with don't exists machine account.
* BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map.

CHANGES SINCE 4.11.0rc2
* BUG 13972: Different Device Id for GlusterFS FUSE mount is causing data
  loss in CTDB cluster.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14059: ldb: Release ldb 2.0.6 (log database repack so users know what
  is happening).
* BUG 14092: docs: Deprecate "rndc command" for Samba 4.11.
* BUG 14059: ldb: Free memory when repacking database.
* BUG 14089: vfs_default: Use correct flag in vfswrap_fs_file_id.
* BUG 14090: vfs_glusterfs: Initialize st_ex_file_id, st_ex_itime and
  st_ex_iflags.
* BUG 14093: vfs_glusterfs: Enable profiling for file system operations.
* BUG 14059: Backport sambadowngradedatabase for v4.11.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14032: vfs_gpfs: Implement special case for denying owner access to
  ACL.
* BUG 14084: Avoid marking a node as connected before it can receive packets.
* BUG 14086: Fix onnode test failure with ShellCheck >= 0.4.7.
* BUG 14087: ctdb-daemon: Stop "ctdb stop" from completing before freezing
  databases.
@
text
@$NetBSD: patch-libcli_dns_wscript__build,v 1.1 2019/06/28 17:13:51 jperkin Exp $

Don't build resolvconftest on SunOS (lacks fmemopen).

--- libcli/dns/wscript_build.orig	2019-07-09 10:08:41.000000000 +0000
+++ libcli/dns/wscript_build
@@@@ -1,11 +1,14 @@@@
 #!/usr/bin/env python
 
+import sys
+
 bld.SAMBA_LIBRARY('clidns',
         source='dns.c resolvconf.c',
         public_deps='LIBTSOCKET tevent-util ndr-standard',
         private_library=True)
 
-bld.SAMBA_BINARY('resolvconftest',
+if not sys.platform.startswith('sunos'):
+  bld.SAMBA_BINARY('resolvconftest',
                   source='resolvconftest.c',
                   deps='clidns',
                   enabled=bld.CONFIG_SET('HAVE_FMEMOPEN'),
@


1.1
log
@samba4: Build fixes for SunOS.
@
text
@d1 1
a1 1
$NetBSD$
d5 1
a5 1
--- libcli/dns/wscript_build.orig	2019-05-07 08:38:21.000000000 +0000
d22 1
a22 1
                   install=False)
@