samba4Full: 4.3.6 -> 4.3.8 (#14661)

Fixes the following security issues: * CVE-2015-5370 (Multiple errors in DCE-RPC code) * CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) * CVE-2016-2111 (NETLOGON Spoofing Vulnerability) * CVE-2016-2112 (LDAP client and server don't enforce integrity) * CVE-2016-2113 (Missing TLS certificate validation) * CVE-2016-2114 ("server signing = mandatory" not enforced) * CVE-2016-2115 (SMB IPC traffic is not integrity protected) * CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) See http://badlock.org/ for details.
2016-04-13 17:59:03 +02:00 · 2016-04-13 17:59:03 +02:00 · 192dc27dc3
parent 04267ed630
commit 192dc27dc3
1 changed files with 2 additions and 2 deletions
--- a/pkgs/servers/samba/4.x.nix
+++ b/pkgs/servers/samba/4.x.nix
@ -18,11 +18,11 @@
 with lib;

 stdenv.mkDerivation rec {
-  name = "samba-4.3.6";
+  name = "samba-4.3.8";

  src = fetchurl {
    url = "mirror://samba/pub/samba/stable/${name}.tar.gz";
-    sha256 = "0929fpk2pq4v389naai519xvsm9bzpar4jlgjxwlx1cnn6jyql9j";
+    sha256 = "041b5frh4ikcka922aqhqjvlv4w2s7jycyykpvsknj0a79ncd79p";
  };

  patches =