From 192dc27dc3694023dcaca6f5a34a2788172240d3 Mon Sep 17 00:00:00 2001
From: Tristan Helmich <fadenb@users.noreply.github.com>
Date: Wed, 13 Apr 2016 17:59:03 +0200
Subject: [PATCH] samba4Full: 4.3.6 -> 4.3.8 (#14661)

Fixes the following security issues:
 * CVE-2015-5370 (Multiple errors in DCE-RPC code)
 * CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
 * CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
 * CVE-2016-2112 (LDAP client and server don't enforce integrity)
 * CVE-2016-2113 (Missing TLS certificate validation)
 * CVE-2016-2114 ("server signing = mandatory" not enforced)
 * CVE-2016-2115 (SMB IPC traffic is not integrity protected)
 * CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

See http://badlock.org/ for details.
---
 pkgs/servers/samba/4.x.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix
index 0f3b9bb7a658..2368ba18a494 100644
--- a/pkgs/servers/samba/4.x.nix
+++ b/pkgs/servers/samba/4.x.nix
@@ -18,11 +18,11 @@
 with lib;
 
 stdenv.mkDerivation rec {
-  name = "samba-4.3.6";
+  name = "samba-4.3.8";
 
   src = fetchurl {
     url = "mirror://samba/pub/samba/stable/${name}.tar.gz";
-    sha256 = "0929fpk2pq4v389naai519xvsm9bzpar4jlgjxwlx1cnn6jyql9j";
+    sha256 = "041b5frh4ikcka922aqhqjvlv4w2s7jycyykpvsknj0a79ncd79p";
   };
 
   patches =