Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: e855bc89611d
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 6d448d7fbd69
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Nov 15, 2019

  1. samba: add patches for CVE-2019-3880, CVE-2019-10218, CVE-2019-14833 & 

    …CVE-2019-14847

using patches from the 4.8 & 4.9 branches, but luckily these all apply and
work against 4.7
    @risicle
    risicle committed Nov 15, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    b85424a View commit details

Commits on Nov 19, 2019

  1. Merge pull request #73370 from risicle/ris-samba-CVEs-r19.03 

    [19.03] samba: add patches for CVE-2019-3880, CVE-2019-10218, CVE-2019-14833 & CVE-2019-14847
    Christian Kauhaus authored Nov 19, 2019

    Unverified

    This user has not yet uploaded their public signing key.
    GPG key ID: 6371839BF51BA5DA
    Learn about vigilant mode
    Copy the full SHA
    6d448d7 View commit details
Showing with 44 additions and 0 deletions.
  1. +44 −0 pkgs/servers/samba/4.x.nix
44 changes: 44 additions & 0 deletions pkgs/servers/samba/4.x.nix
View file
Original file line number Diff line number Diff line change
@@ -37,6 +37,50 @@ stdenv.mkDerivation rec {
url = "https://patch-diff.githubusercontent.com/raw/samba-team/samba/pull/107.patch";
sha256 = "0r6q34vjj0bdzmcbnrkad9rww58k4krbwicv4gs1g3dj49skpvd6";
})
# note the following is a patch against the 4.8 branch, but luckily it applies
# and works against 4.7
(fetchpatch {
name = "4.8-CVE-2019-3880.patch";
url = "https://gitlab.com/samba-team/samba/commit/9a3ee861e43f84d48ef47998ceeb3bbf29f0c948.patch";
sha256 = "12822dpdar7jp65r86ppd2f0az414azzvaslb04ngbcz62zwskfw";
})
# and the following are all patches against the 4.9 branch, but luckily they all apply
# and work against 4.7 too
(fetchpatch {
name = "4.9-CVE-2019-10218.part1.patch";
url = "https://gitlab.com/samba-team/samba/commit/fc6022b9b19473076c4236fdf4ac474f44ca73e2.patch";
sha256 = "1y6cax6rhrwqnqhyh764sdc19vask3v3abrk7vnvyb24rc52q4v9";
})
(fetchpatch {
name = "4.9-CVE-2019-10218.part2.patch";
url = "https://gitlab.com/samba-team/samba/commit/167f78aa97af6502cb2027dc9dad40399b0a9c4f.patch";
sha256 = "1ncib6j4nrybzdq1bg02va7yh98s2faplfngwg3d0mkd4l1lr1wc";
})
(fetchpatch {
name = "4.9-CVE-2019-14833.part1.patch";
url = "https://gitlab.com/samba-team/samba/commit/e6de467a763b93152eef27726957a32879268fb7.patch";
sha256 = "13s6n4kb9m8vp1cn3kvldnqdirxmk3lm0klr0kjd81n762gmc0r3";
})
(fetchpatch {
name = "4.9-CVE-2019-14833.part2.patch";
url = "https://gitlab.com/samba-team/samba/commit/70078d4ddf3b842eeadee058dadeef82ec4edf0b.patch";
sha256 = "0z80x6qycip28lp0x0xdbj0a0f2s1cjzl1ry4ds3wr4hi9v9dqps";
})
(fetchpatch {
name = "4.9-CVE-2019-14847.part1.patch";
url = "https://gitlab.com/samba-team/samba/commit/ea39bdd6293041af668f1bfdfea39a725733bad3.patch";
sha256 = "1rrdz6a649is3mqx3syzlq769f08yavr2hjnd626hkxxxbvhsysc";
})
(fetchpatch {
name = "4.9-CVE-2019-14847.part2.patch";
url = "https://gitlab.com/samba-team/samba/commit/bdb3e3f669bd991da819040e726e003e4e2b841d.patch";
sha256 = "12mjby9vzp29s93q2wk73kalpr345gx813lhmvgkalbn6186w5f7";
})
(fetchpatch {
name = "4.9-CVE-2019-14847.part3.patch";
url = "https://gitlab.com/samba-team/samba/commit/77b10b360f4ffb7ac90bc5fce0a80306515c1aca.patch";
sha256 = "0mclx3zdb2l8w4p1iyak6d82dpnyksp3ixj5syck6v0f10nkniz8";
})
];

buildInputs =