Update to Samba 4.6.15

Guenther
Update to Samba 4.6.14
2018-04-13 12:49:31 +02:00 · 2018-03-13 11:26:04 +01:00 · 2018-02-15 16:33:22 +01:00 · 2018-02-14 14:57:28 +01:00 · 2017-12-21 15:46:58 +01:00 · 2017-11-21 10:23:02 +01:00
3 changed files with 156 additions and 19 deletions
--- a/.gitignore
+++ b/.gitignore
@ -79,3 +79,35 @@ samba-3.6.0pre1.tar.gz
 /samba-4.6.0rc2.tar.asc
 /samba-4.6.0rc3.tar.asc
 /samba-4.6.0rc3.tar.xz
+/samba-4.6.0rc4.tar.xz
+/samba-4.6.0rc4.tar.asc
+/samba-4.6.0.tar.asc
+/samba-4.6.0.tar.xz
+/samba-4.6.1.tar.xz
+/samba-4.6.1.tar.asc
+/samba-4.6.2.tar.xz
+/samba-4.6.2.tar.asc
+/samba-4.6.3.tar.xz
+/samba-4.6.3.tar.asc
+/samba-4.6.4.tar.xz
+/samba-4.6.4.tar.asc
+/samba-4.6.5.tar.xz
+/samba-4.6.5.tar.asc
+/samba-4.6.7.tar.xz
+/samba-4.6.7.tar.asc
+/samba-4.6.8.tar.xz
+/samba-4.6.8.tar.asc
+/samba-4.6.9.tar.xz
+/samba-4.6.9.tar.asc
+/samba-4.6.10.tar.xz
+/samba-4.6.10.tar.asc
+/samba-4.6.11.tar.xz
+/samba-4.6.11.tar.asc
+/samba-4.6.12.tar.xz
+/samba-4.6.12.tar.asc
+/samba-4.6.13.tar.xz
+/samba-4.6.13.tar.asc
+/samba-4.6.14.tar.xz
+/samba-4.6.14.tar.asc
+/samba-4.6.15.tar.xz
+/samba-4.6.15.tar.asc
--- a/samba.spec
+++ b/samba.spec
@ -6,15 +6,15 @@
 # ctdb is enabled by default, you can disable it with: --without clustering
 %bcond_without clustering

-%define main_release 3
+%define main_release 0

-%define samba_version 4.6.0
-%define talloc_version 2.1.8
+%define samba_version 4.6.15
+%define talloc_version 2.1.9
 %define tdb_version 1.3.12
-%define tevent_version 0.9.31
+%define tevent_version 0.9.34
 %define ldb_version 1.1.29
 # This should be rc1 or nil
-%define pre_release rc3
+%define pre_release %nil

 %if "x%{?pre_release}" != "x"
 %define samba_release 0.%{main_release}.%{pre_release}%{?dist}
@ -65,6 +65,12 @@
 %global with_dc 1
 %endif

+%if %{with_dc}
+%global required_mit_krb5 1.15.1
+%else
+%global required_mit_krb5 1.10
+%endif
+
 %global with_clustering_support 0

 %if %{with clustering}
@ -93,8 +99,9 @@ Summary:        Server and Client software to interoperate with Windows machines
 License:        GPLv3+ and LGPLv3+
 URL:            http://www.samba.org/

+# This is a xz recompressed file of https://ftp.samba.org/pub/samba/samba-%{version}%{pre_release}.tar.gz
 Source0:        samba-%{version}%{pre_release}.tar.xz
-Source1:        samba-%{version}%{pre_release}.tar.asc
+Source1:        https://ftp.samba.org/pub/samba/samba-%{version}%{pre_release}.tar.asc
 Source2:        gpgkey-52FBC0B86D954B0843324CDC6F33915B6568B7EA.gpg

 # Red Hat specific replacement-files
@ -148,13 +155,12 @@ BuildRequires: docbook-style-xsl
 BuildRequires: e2fsprogs-devel
 BuildRequires: gawk
 BuildRequires: gnupg2
-BuildRequires: krb5-devel >= 1.14
+BuildRequires: krb5-devel >= %{required_mit_krb5}
 BuildRequires: libacl-devel
 BuildRequires: libaio-devel
 BuildRequires: libarchive-devel
 BuildRequires: libattr-devel
 BuildRequires: libcap-devel
-BuildRequires: libcmocka-devel
 BuildRequires: libuuid-devel
 BuildRequires: libxslt
 BuildRequires: ncurses-devel
@ -195,14 +201,14 @@ BuildRequires: python-crypto
 BuildRequires: perl(Parse::Yapp)

 %if ! %with_internal_talloc
-%global libtalloc_version 2.1.8
+%global libtalloc_version 2.1.9

 BuildRequires: libtalloc-devel >= %{libtalloc_version}
 BuildRequires: pytalloc-devel >= %{libtalloc_version}
 %endif

 %if ! %with_internal_tevent
-%global libtevent_version 0.9.31
+%global libtevent_version 0.9.34

 BuildRequires: libtevent-devel >= %{libtevent_version}
 BuildRequires: python-tevent >= %{libtevent_version}
@ -225,6 +231,7 @@ BuildRequires: python-tdb >= %{libtdb_version}
 %if %{with testsuite}
 BuildRequires: ldb-tools
 BuildRequires: python2-pygpgme
+BuildRequires: libcmocka-devel
 %endif

 # filter out perl requirements pulled in from examples in the docdir.
@ -830,7 +837,7 @@ cat > %{buildroot}%{_sysconfdir}/sysconfig/ctdb <<EOF
 EOF

 install -d -m 0755 %{buildroot}%{_sysconfdir}/ctdb
-install -m 0644 ctdb/config/ctdbd.conf %{buildroot}%{_sysconfdir}/ctdb/ctdb.conf
+install -m 0644 ctdb/config/ctdbd.conf %{buildroot}%{_sysconfdir}/ctdb/ctdbd.conf
 %endif

 install -m 0644 %{SOURCE201} packaging/README.downgrade
@ -948,17 +955,27 @@ fi
 %posttrans -n libwbclient
 # It has to be posttrans here to make sure all files of a previous version
 # without alternatives support are removed
-%{_sbindir}/update-alternatives --install %{_libdir}/libwbclient.so.%{libwbc_alternatives_version} \
-                                libwbclient.so.%{libwbc_alternatives_version}%{libwbc_alternatives_suffix} %{_libdir}/samba/wbclient/libwbclient.so.%{libwbc_alternatives_version} 10
+%{_sbindir}/update-alternatives \
+        --install \
+        %{_libdir}/libwbclient.so.%{libwbc_alternatives_version} \
+        libwbclient.so.%{libwbc_alternatives_version}%{libwbc_alternatives_suffix} \
+        %{_libdir}/samba/wbclient/libwbclient.so.%{libwbc_alternatives_version} \
+        10
 /sbin/ldconfig

 %preun -n libwbclient
-%{_sbindir}/update-alternatives --remove libwbclient.so.%{libwbc_alternatives_version}%{libwbc_alternatives_suffix} %{_libdir}/samba/wbclient/libwbclient.so.%{libwbc_alternatives_version}
+%{_sbindir}/update-alternatives \
+        --remove \
+        libwbclient.so.%{libwbc_alternatives_version}%{libwbc_alternatives_suffix} \
+        %{_libdir}/samba/wbclient/libwbclient.so.%{libwbc_alternatives_version}
 /sbin/ldconfig

 %posttrans -n libwbclient-devel
-%{_sbindir}/update-alternatives --install %{_libdir}/libwbclient.so \
-                                libwbclient.so%{libwbc_alternatives_suffix} %{_libdir}/samba/wbclient/libwbclient.so 10
+%{_sbindir}/update-alternatives \
+        --install %{_libdir}/libwbclient.so \
+        libwbclient.so.%{libwbc_alternatives_suffix} \
+        %{_libdir}/samba/wbclient/libwbclient.so \
+        10

 %preun -n libwbclient-devel
 # alternatives checks if the file which should be removed is a link or not, but
@ -1152,6 +1169,7 @@ rm -rf %{buildroot}
 %{_bindir}/cifsdd
 %{_bindir}/dbwrap_tool
 %{_bindir}/findsmb
+%{_bindir}/mvxattr
 %{_bindir}/nmblookup
 %{_bindir}/oLschema2ldif
 %{_bindir}/regdiff
@ -1180,6 +1198,7 @@ rm -rf %{buildroot}
 %{_mandir}/man1/regtree.1*
 %{_mandir}/man1/findsmb.1*
 %{_mandir}/man1/log2pcap.1*
+%{_mandir}/man1/mvxattr.1*
 %{_mandir}/man1/rpcclient.1*
 %{_mandir}/man1/sharesec.1*
 %{_mandir}/man1/smbcacls.1*
@ -1860,7 +1879,7 @@ rm -rf %{buildroot}
 %config(noreplace, missingok) %{_sysconfdir}/sysconfig/ctdb

 %dir %{_sysconfdir}/ctdb
-%config(noreplace) %{_sysconfdir}/ctdb/ctdb.conf
+%config(noreplace) %{_sysconfdir}/ctdb/ctdbd.conf
 %config(noreplace) %{_sysconfdir}/ctdb/notify.sh
 %config(noreplace) %{_sysconfdir}/ctdb/debug-hung-script.sh
 %config(noreplace) %{_sysconfdir}/ctdb/ctdb-crash-cleanup.sh
@ -1961,6 +1980,7 @@ rm -rf %{buildroot}
 %{_libexecdir}/ctdb/tests/ctdb_packet_parse
 %{_libexecdir}/ctdb/tests/ctdb_takeover_tests
 %{_libexecdir}/ctdb/tests/db_hash_test
+%{_libexecdir}/ctdb/tests/dummy_client
 %{_libexecdir}/ctdb/tests/fake_ctdbd
 %{_libexecdir}/ctdb/tests/fetch_loop
 %{_libexecdir}/ctdb/tests/fetch_loop_key
@ -2096,6 +2116,10 @@ rm -rf %{buildroot}
 %{_datadir}/ctdb/tests/eventscripts/05.system.monitor.016.sh
 %{_datadir}/ctdb/tests/eventscripts/05.system.monitor.017.sh
 %{_datadir}/ctdb/tests/eventscripts/05.system.monitor.018.sh
+%{_datadir}/ctdb/tests/eventscripts/06.nfs.releaseip.001.sh
+%{_datadir}/ctdb/tests/eventscripts/06.nfs.releaseip.002.sh
+%{_datadir}/ctdb/tests/eventscripts/06.nfs.takeip.001.sh
+%{_datadir}/ctdb/tests/eventscripts/06.nfs.takeip.002.sh
 %{_datadir}/ctdb/tests/eventscripts/10.interface.init.001.sh
 %{_datadir}/ctdb/tests/eventscripts/10.interface.init.002.sh
 %{_datadir}/ctdb/tests/eventscripts/10.interface.init.021.sh
@ -2212,6 +2236,7 @@ rm -rf %{buildroot}
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.106.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.107.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.108.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.109.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.111.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.112.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.113.sh
@ -2231,6 +2256,14 @@ rm -rf %{buildroot}
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.monitor.162.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.multi.001.sh
 %{_datadir}/ctdb/tests/eventscripts/60.nfs.multi.002.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.releaseip.001.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.releaseip.002.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.shutdown.001.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.shutdown.002.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.startup.001.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.startup.002.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.takeip.001.sh
+%{_datadir}/ctdb/tests/eventscripts/60.nfs.takeip.002.sh
 %{_datadir}/ctdb/tests/eventscripts/91.lvs.001.sh
 %{_datadir}/ctdb/tests/eventscripts/91.lvs.ipreallocated.011.sh
 %{_datadir}/ctdb/tests/eventscripts/91.lvs.ipreallocated.012.sh
@ -2566,6 +2599,10 @@ rm -rf %{buildroot}
 %{_datadir}/ctdb/tests/tool/ctdb.natgw.008.sh
 %{_datadir}/ctdb/tests/tool/ctdb.nodestatus.001.sh
 %{_datadir}/ctdb/tests/tool/ctdb.nodestatus.002.sh
+%{_datadir}/ctdb/tests/tool/ctdb.nodestatus.003.sh
+%{_datadir}/ctdb/tests/tool/ctdb.nodestatus.004.sh
+%{_datadir}/ctdb/tests/tool/ctdb.nodestatus.005.sh
+%{_datadir}/ctdb/tests/tool/ctdb.nodestatus.006.sh
 %{_datadir}/ctdb/tests/tool/ctdb.ping.001.sh
 %{_datadir}/ctdb/tests/tool/ctdb.pnn.001.sh
 %{_datadir}/ctdb/tests/tool/ctdb.process-exists.001.sh
@ -2624,6 +2661,74 @@ rm -rf %{buildroot}
 %endif # with_clustering_support

 %changelog
+* Fri Apr 13 2018 Guenther Deschner <gdeschner@redhat.com> - 4.6.15-0
+- Update to Samba 4.6.15
+
+* Tue Mar 13 2018 Guenther Deschner <gdeschner@redhat.com> - 4.6.14-0
+- Update to Samba 4.6.14
+- resolves: #1554754, #1554756 - Security fixes for CVE-2018-1050 CVE-2018-1057
+
+* Wed Feb 14 2018 Guenther Deschner <gdeschner@redhat.com> - 4.6.13-0
+- Update to Samba 4.6.13
+
+* Thu Dec 21 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.12-0
+- Update to Samba 4.6.12
+
+* Tue Nov 21 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.11-0
+- Update to Samba 4.6.11
+- resolves: #1515692 - Security fix for CVE-2017-14746 and CVE-2017-15275
+
+* Wed Nov 15 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.10-0
+- Update to Samba 4.6.10
+
+* Wed Oct 25 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.9-0
+- Update to Samba 4.6.9
+
+* Wed Sep 20 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.8-0
+- Update to Samba 4.6.8
+- resolves: #1493441 - Security fix for CVE-2017-12150 CVE-2017-12151 CVE-2017-12163
+
+* Thu Aug 10 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.7-0
+- Update to Samba 4.6.7
+
+* Mon Jun 12 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.5-0
+- Update to Samba 4.6.5
+
+* Wed May 24 2017 Andreas Schneider <asn@redhat.com> - 4.6.4-1
+- #resolves: #1451486 - Add source tarball comment
+
+* Wed May 24 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.4-0
+- Update to Samba 4.6.4
+- resolves: #1455050 - Security fix for CVE-2017-7494
+
+* Tue Apr 25 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.3-0
+- Update to Samba 4.6.3
+
+* Fri Mar 31 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.2-0
+- Update to Samba 4.6.2
+- related: #1435156 - Security fix for CVE-2017-2619
+
+* Thu Mar 23 2017 Guenther Deschner <gdeschner@redhat.com> - 4.6.1-0
+- Update to Samba 4.6.1
+- resolves: #1435156 - Security fix for CVE-2017-2619
+
+* Wed Mar 15 2017 Alexander Bokovoy <abokovoy@redhat.com> - 4.6.0-4
+- Export arcfour_crypt_blob to Python as samba.crypto.arcfour_encrypt
+- Makes possible to run trust to AD in FreeIPA in FIPS mode
+
+* Fri Mar 10 2017 Alexander Bokovoy <abokovoy@redhat.com> - 4.6.0-3
+- auth/credentials: Always set the the realm if we set the principal from the ccache
+- resolves: #1430761 - credentials_crb5: use gss_acquire_cred for client-side GSSAPI use case
+
+* Thu Mar 09 2017 Alexander Bokovoy <abokovoy@redhat.com> - 4.6.0-2
+- resolves: #1430761 - credentials_krb5: use gss_acquire_cred for client-side GSSAPI use case
+
+* Tue Mar 07 2017 Andreas Schneider <asn@redhat.com> - 4.6.0-1
+- Update to Samba 4.6.0
+
+* Wed Mar 01 2017 Andreas Schneider <asn@redhat.com> - 4.6.0-0.3.rc4
+- Update to Samba 4.6.0rc4
+
 * Tue Feb 14 2017 Andreas Schneider <asn@redhat.com> - 4.6.0-0.1.rc3
 - Update to Samba 4.6.0rc3

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (samba-4.6.0rc3.tar.asc) = d266f7abe1a91698e261e29c0a121f95f28085c847f101a0447e92df84e86c96177cf02c0d06966e5d1e9f10bc49ef23b83305ece456cc696c73c8fc7a7184d3
-SHA512 (samba-4.6.0rc3.tar.xz) = d753b668ba9accef943f19e749a380d2d57caec6af0bbd14527f11bf90ec5412c55d7094a504cc3dcac6b659886c8d5d145841cee08e0aad2f0e1cb794f976c8
+SHA512 (samba-4.6.15.tar.xz) = 6cfcaf92fd217f9eb84f1cebefc28035721b8dcd3af2ac432bb90e1a51a95cd6c61078364dff0dd2045397d35e13d342b293014e451ac277da9a5d646da6c0ed
+SHA512 (samba-4.6.15.tar.asc) = 1b1cae6c7e3f89e5035da3f23587308e134e70e8a190dd5080ba193ffcc6942a23bbece62648d1d53d44bd38390c1ca31f134fa9b9b951d7d33b3452bdcad19c
Author	SHA1	Message	Date
Günther Deschner	5cbc42b352	Update to Samba 4.6.15 Guenther	2018-04-13 12:49:31 +02:00
Günther Deschner	9178a28a7e	Update to Samba 4.6.14 resolves: #1554754, #1554756 - Security fixes for CVE-2018-1050 CVE-2018-1057 Guenther	2018-03-13 11:26:04 +01:00
Günther Deschner	c0dff1a1dd	More fixes for libceph-common detection Guenther	2018-02-15 16:33:22 +01:00
Günther Deschner	5be940679e	Update to Samba 4.6.13 Guenther	2018-02-14 14:57:28 +01:00
Günther Deschner	2f8e4ccb7f	Update to Samba 4.6.12 Guenther	2017-12-21 15:46:58 +01:00
Günther Deschner	4d5fe10881	Update to Samba 4.6.11: Security fix for CVE-2017-14746 and CVE-2017-15275 resolves: #1515692 Guenther	2017-11-21 10:23:02 +01:00
Günther Deschner	244b92395f	Update to Samba 4.6.10 Guenther	2017-11-15 21:10:09 +01:00
Günther Deschner	beafa64f80	Update to Samba 4.6.9 Guenther	2017-10-25 13:36:01 +02:00
Günther Deschner	780c9b1a50	Update to Samba 4.6.8 resolves: #1493441 - Security fix for CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 Guenther	2017-09-20 18:00:13 +02:00
Günther Deschner	d1c0b5dabe	Update filelist Guenther	2017-08-10 22:44:57 +02:00
Günther Deschner	4a7fe237dc	Update to Samba 4.6.7 Guenther	2017-08-10 22:11:09 +02:00
Andreas Schneider	1fc294aabb	Fix typo	2017-06-12 15:14:51 +02:00
Andreas Schneider	d87fc40c7a	Make it easier to read update-alternatives	2017-06-12 14:01:03 +02:00
Günther Deschner	af2dc748ac	Add missing files for 4.6.5 build Guenther	2017-06-12 11:45:47 +02:00
Günther Deschner	973a194ea4	Update to Samba 4.6.5 Guenther	2017-06-12 10:08:29 +02:00
Andreas Schneider	5fb4819083	This fixes bug #1451486	2017-05-24 11:31:29 +02:00
Günther Deschner	59e2905f7a	Update to Samba 4.6.4 resolves: #1455050 - Security fix for CVE-2017-7494 Guenther	2017-05-24 09:30:24 +02:00
Günther Deschner	ab3017b1bf	Update to Samba 4.6.3 Guenther	2017-04-25 09:40:31 +02:00
Günther Deschner	7f131bf7c1	Update to Samba 4.6.2 related: #1435156 - Security fix for CVE-2017-2619 Guenther	2017-03-31 10:16:55 +02:00
Andreas Schneider	411bbacb3a	Set the Kerberos version requirement based on what we build	2017-03-31 10:16:51 +02:00
Andreas Schneider	b98feb33bb	Only require cmocka for the testsuite build	2017-03-31 10:16:43 +02:00
Günther Deschner	3651a4b2f3	Update to Samba 4.6.1 resolves: #1435156 - Security fix for CVE-2017-2619 Guenther	2017-03-23 11:23:28 +01:00
Andreas Schneider	94d2e671e1	Fix typo in ctdbd.conf file naming	2017-03-21 11:35:18 +01:00
Alexander Bokovoy	e26f74765f	Fix bogus date (cherry picked from commit `4fdfe93b52`)	2017-03-15 13:52:24 +02:00
Alexander Bokovoy	8c7d0a399b	export arcfour_crypt_blob to Python as samba.crypto.arcfour_encrypt (cherry picked from commit `563829e681`)	2017-03-15 13:52:06 +02:00
Alexander Bokovoy	443d764799	one more patch from git master	2017-03-10 19:48:15 +02:00
Alexander Bokovoy	35d0231191	credentials_krb5: use gss_acquire_cred for client-side GSSAPI use case Resolves: #1430761 (cherry picked from commit `4a8bf8a4fb`)	2017-03-09 16:37:26 +02:00
Andreas Schneider	44ebc76f6d	Update to Samba 4.6.0	2017-03-07 11:38:35 +01:00
Andreas Schneider	0e89ba2c3d	Update to Samba 4.6.0rc4	2017-03-02 17:26:34 +01:00