Project

General

Profile

Bug #25119

Samba CVE-2017-11103 for FreeNAS 11.0

Added by John Hixson over 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
No priority
Assignee:
John Hixson
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

Fix 11.0 for Samba CVE-2017-11103

Associated revisions

Revision 5e7d71a2 (diff)
Added by John Hixson over 4 years ago

Update samba to 4.6.6 Ticket: #25119

Revision ef38643b (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119

Revision ef38643b (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119

Revision 09f92cd7 (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119 Ticket: #25143 (cherry picked from commit ef38643b4e92bb3598b09b785b9b0be2cc5ebca2)

Revision 09f92cd7 (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119 Ticket: #25143 (cherry picked from commit ef38643b4e92bb3598b09b785b9b0be2cc5ebca2)

Revision d96aaa34 (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119 Ticket: #25142 (cherry picked from commit ef38643b4e92bb3598b09b785b9b0be2cc5ebca2)

Revision d96aaa34 (diff)
Added by John Hixson over 4 years ago

FreeBSD Security Advisory FreeBSD-SA-17:05.heimdal Ticket: #25119 Ticket: #25142 (cherry picked from commit ef38643b4e92bb3598b09b785b9b0be2cc5ebca2)

History

#1 Updated by John Hixson over 4 years ago

  • Copied from Bug #25118: Samba CVE-2017-11103 for FreeNAS 9.10 added

#2 Updated by John Hixson over 4 years ago

#3 Updated by Dru Lavigne over 4 years ago

  • Status changed from Untriaged to Unscreened
  • Assignee changed from Release Council to Kris Moore
  • Target version set to 11.0-U2

Kris: do we also want to get this into TrueNAS U1 in a separate ticket?

#5 Avatar?id=14398&size=24x24 Updated by Kris Moore over 4 years ago

  • Status changed from Unscreened to Needs Developer Review
  • Assignee changed from Kris Moore to Timur Bakeyev

Yep, copied to TN, Assigning to Timur for review.

#6 Updated by Timur Bakeyev over 4 years ago

  • Status changed from Needs Developer Review to 15
  • Assignee changed from Timur Bakeyev to John Hixson

John, you said you'll rework the pull request(s) to make them more manageable by size.

Also, I see that Jenkins failed to thest this pull request in the port build:

* installing ctdb/tests/eventscripts/etc-ctdb/rc.local as /wrkdirs/usr/ports/net/samba46/work/stage/usr/local/share/ctdb/tests/eventscripts/etc-ctdb/rc.local
* installing ctdb/tests/eventscripts/etc-ctdb/nfs-linux-kernel-callout as /wrkdirs/usr/ports/net/samba46/work/stage/usr/local/share/ctdb/tests/eventscripts/etc-ctdb/nfs-linux-kernel-callout
Waf: Leaving directory `/usr/samba_src/bin'
Cannot create the folder '/wrkdirs/usr/ports/net/samba46/work/stage/usr/local/share/ctdb/tests/eventscripts/etc-ctdb/events.d' (error: [Errno 17] File exists: '/wrkdirs/usr/ports/net/samba46/work/stage/usr/local/share/ctdb/tests/eventscripts/etc-ctdb/events.d')
*** Error code 1

Stop.
make: stopped in /usr/ports/net/samba46
====>> Cleaning up wrkdir
===>  Cleaning for samba46-4.6.5_4
build of net/samba46 ended at Fri Jul 14 00:47:01 UTC 2017

Which is actually also looks strange to me, I'd expect samba46-4.6.6 to be tested.

#7 Updated by John Hixson over 4 years ago

Timur Bakeyev wrote:

John, you said you'll rework the pull request(s) to make them more manageable by size.

Also, I see that Jenkins failed to thest this pull request in the port build:
[...]

Which is actually also looks strange to me, I'd expect samba46-4.6.6 to be tested.

The problem was that I bumped to 4.6.6 from 4.6.4. This was not intentional. I thought that that we were on 4.6.5 so I bumped to 4.6.6. I have deleted the branch and recreated it. The pull request is now at https://github.com/freenas/samba/pull/4 and should look much simpler ;-)

#8 Updated by Timur Bakeyev over 4 years ago

  • Status changed from 15 to Reviewed by Developer
  • Assignee changed from John Hixson to Vaibhav Chauhan

Looks good to me

#9 Updated by Vaibhav Chauhan over 4 years ago

  • Status changed from Reviewed by Developer to 42

#10 Updated by Vaibhav Chauhan over 4 years ago

  • Status changed from 42 to Ready For Release

#11 Updated by Vaibhav Chauhan over 4 years ago

  • Copied from deleted (Bug #25118: Samba CVE-2017-11103 for FreeNAS 9.10)

#12 Updated by Joe Maloney over 4 years ago

  • QA Status Test Passes added
  • QA Status deleted (Not Tested)

QA testing with smbtorture by using:

smbtorture -UAdministrator -W AD01 //127.0.0.1/smbtorture/ ALL

After running overnight no stability issues have been encountered from this CVE patch.

#13 Updated by Vaibhav Chauhan over 4 years ago

  • Status changed from Ready For Release to Resolved

#14 Updated by William Grzybowski almost 4 years ago

  • Assignee changed from Vaibhav Chauhan to John Hixson

Also available in: Atom PDF