Commit Graph

42 Commits

Author SHA1 Message Date
Fabrice Fontaine
e5939475da package/cifs-utils: security bump to version 6.15
This is a security release to address the following bugs:

- CVE-2022-27239: mount.cifs: fix length check for ip option parsing
- CVE-2022-29869: mount.cifs: fix verbose messages on option parsing

https://lists.samba.org/archive/samba-technical/2022-April/137335.html
https://lists.samba.org/archive/samba-technical/2021-September/136914.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-05-14 22:56:47 +02:00
Peter Korsgaard
66dbb74763 package/cifs-utils: drop python2 support
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-02-09 22:07:45 +01:00
Fabrice Fontaine
0b332bb15c package/cifs-utils: security bump to version 6.13
Fix CVE-2021-20208: A flaw was found in cifs-utils in versions before
6.13. A user when mounting a krb5 CIFS file system from within a
container can use Kerberos credentials of the host. The highest threat
from this vulnerability is to data confidentiality and integrity.

https://lists.samba.org/archive/samba-technical/2021-April/136467.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-07 21:56:51 +02:00
Fabrice Fontaine
99001b0a81 package/cifs-utils: add missing python dependencies
Add missing python dependencies which have been forgotten when bumping
to version 6.12 in commit b5dede7d1a

Fixes:
 - http://autobuild.buildroot.org/results/acdbf7c58ec8ae648f8048bc75650dcdcdca6285

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - dependencies are because of python3, not python
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-03 16:51:03 +02:00
Peter Seiderer
b5dede7d1a package/cifs-utils: bump version to 6.12
- removed 0001-Use-DESTDIR-when-installing-mount.smb3-and-optionall.patch
  (superseded by upstream commit [1])

- adjust autoreconf comment accordingly

- add option for smb tools to avoid hard python runtime dependency
  (smbinfo and smb2-quota are python scripts)

Changelog ([2]):

  December, 2020: Release 6.12
  get/setcifsacl tools are improved to support changing owner, group and SACLs
  mount.cifs is enhanced to use SUDO_UID env variable for cruid
  smbinfo is re-written in Python language
  https://lists.samba.org/archive/samba-technical/2020-December/136156.html

[1] https://git.samba.org/?p=cifs-utils.git;a=patch;h=a00e84378d9c5e63272ff69ca18fd0e872b384d3
[2] https://wiki.samba.org/index.php/LinuxCIFS_utils

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-03-16 21:07:48 +01:00
Heiko Thiery
6863f00ab3 package/cifs-utils: add CIFS_UTILS_CPE_ID_VENDOR
cpe:2.3🅰️samba:cifs-utils is a valid CPE identifier for this package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asamba%3Acifs-utils

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-21 22:01:54 +01:00
Fabrice Fontaine
ce0e86b293 package/cifs-utils: security bump to version 6.11
Fix CVE-2020-14342: It was found that cifs-utils' mount.cifs was
invoking a shell when requesting the Samba password, which could be used
to inject arbitrary commands. An attacker able to invoke mount.cifs with
special permission, such as via sudo rules, could use this flaw to
escalate their privileges.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-20 15:06:04 +02:00
Ryan Barnett
3fe17ae48d package/cifs-utils: bump to version 6.10
In the version bump to 6.10 the following changes were:

 * Fix hash file to two spaces format
 * Add patch to respect DESTDIR and optionally install man pages for
   mount.smb3 by utilizing CONFIG_MAN.
 * Pass -std=gnu11 to fix compile issues found with the sourcery-arm
   toolchain with C99 style code errors in smbinfo.c and defintion of
   'struct sa' uisng gnu11 for C11 GNU extensions.

Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-04-29 22:38:09 +02:00
Thomas Petazzoni
de62310948 package/cifs-utils: bump to version 6.9
>From https://wiki.samba.org/index.php/LinuxCIFS_utils:

- April 5, 2019: Release 6.9
  - smbinfo utility is added to query various kinds of information
    from the server (objectId, snapshots, different FileInfo* classes
    and other metadata)
  - server IP change is supported by expiring DNS key resolver entries
  - get/setcifsacl tools are improved to handle unexpected behavior
  - share snapshot are allowed to be specified by a GMT token or SMB
    100-nanoseconds time
  - various new mount option are documented: bsize, handletimeout,
    handlecache, rdma, max_credits and others
  - https://lists.samba.org/archive/samba-technical/2019-April/133233.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-10-01 07:19:13 +02:00
Baruch Siach
57d16fd480 cifs-utils: disable man page generation
Buildroot does not generate documentation for target.

This fixes the build on hosts where the rst2man command does not support
the --syntax-highlight parameter.

Fixes:
http://autobuild.buildroot.net/results/265/2655c0e1fa3ad0a10b4aed39a17feead94e47bfb/
http://autobuild.buildroot.net/results/92d/92d7c608f717bbfe01ecfb9bc9604cb303d8594c/
http://autobuild.buildroot.net/results/4b9/4b95404a89a595ca9c1e3df912169e9d36ff2bd7/

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-06-03 20:23:27 +02:00
Peter Korsgaard
8b0fd3cb49 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-02 11:21:20 +02:00
Fabrice Fontaine
6ff41f264c cifs-utils: bump to version 6.8
- Remove patch (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-13 23:00:56 +02:00
Thomas Petazzoni
85f9d08934 cifs-utils: unconditionally disable PIE
PIE support in Buildroot should be enabled via the global option
BR2_RELRO_FULL option, and not done on a per-package basis, therefore
PIE should unconditionally be disabled in the cifs-utils package.

This has the added side-effect that it works around a binutils bug on
SPARC causing the linker to segfault when PIE is enabled:

sparc-linux-gcc -Wall -Wextra -D_FORTIFY_SOURCE=2 -fpie -pie -Wl,-z,relro,-z,now -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os    -o mount.cifs mount.cifs.o mtab.o resolve_host.o util.o  -lcap-ng
collect2: fatal error: ld terminated with signal 6 [Aborted], core dumped

This issue will reappear when we start testing BR2_RELRO_FULL in the
autobuilders, but in the mean time it avoids the problem.

Fixes:

  http://autobuild.buildroot.net/results/a5342890f39bdccae1324e7d3dbe0eab1aad28e5/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-13 22:28:26 +02:00
Baruch Siach
47bde82a04 cifs-utils: bump to version 6.7
Enable autoreconf because of missing install-sh.

Add upstream patch fixing build breakage with libtalloc is missing.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-31 22:26:07 +02:00
Rahul Bedarkar
337aa51f3f boot, package: use SPDX short identifier for GPLv3/GPLv3+
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.

This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv3\>/GPL-3.0/g'

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:17:59 +02:00
Gustavo Zacarias
d8983d0c76 cifs-utils: bump to version 6.6
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-09-08 08:49:36 +02:00
Waldemar Brodkorb
3c93901bcd toolchain: add hidden symbol for PIE support
uClibc-ng does not support PIE for some architectures as
arc and m68k. It isn't implemented in the static linking case, too.
With musl toolchains you might have static PIE support with little
patching of gcc. Static linking for GNU libc isn't enabled in
buildroot. Fixup any package using special treatment of PIE.
(grep -ir pie package/*/*.mk)

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Thomas: use positive logic.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-07-24 21:44:22 +02:00
Waldemar Brodkorb
7446bf2958 cifs-utils: disable PIE for m68k
PIE is not supported for uClibc-ng/m68k.

Fixes following autobuild failure:
http://autobuild.buildroot.net/results/4246de0280d4e7f8765adefd379c9dd414c316f1/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-07-07 22:12:49 +02:00
Gustavo Zacarias
4d191c0d09 cifs-utils: bump to version 6.5
Patch is upstream so remove it.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-09 13:14:21 +01:00
Bernd Kuhls
4969784be1 package/cifs-utils: add optional support for keyutils
When keyutils was compiled before, cifs-utils will use it as optional
dependency:

$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/bin/cifscreds | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [libkeyutils.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.1]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-21 14:45:03 +01:00
Jörg Krause
4d53184aff package/cifs-utils: add upstream patch to fix musl build
Fixes build error with the musl C library:

```
error: '_PATH_MOUNTED' undeclared (first use in this function)
```

Fixes:
http://autobuild.buildroot.net/results/44e/44e800d9933160c48b9c2447d63eeb37a0065d03/
http://autobuild.buildroot.net/results/b9f/b9f918bba4952566e3818fb99f45a7e425acf727/
http://autobuild.buildroot.net/results/8de/8dec8c46ad1959066101efe7cc1781f3d4732028/
http://autobuild.buildroot.net/results/cc3/cc38e7581b4bba362a9be388099b0ea237f4e580/

and many more.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-08-17 22:53:58 +02:00
Thomas Petazzoni
665e13c85e Rename BR2_PREFER_STATIC_LIB to BR2_STATIC_LIBS
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.

As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.

This also helps preparing the addition of other options to select
shared, shared+static or just static.

Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
2014-12-11 22:48:13 +01:00
Gustavo Zacarias
696d63b461 cifs-utils: add hash
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-19 17:35:48 +02:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Gustavo Zacarias
3b5e06c158 cifs-utils: bump to version 6.4
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-12 13:04:11 +02:00
Vicente Olivert Riera
510ffcd66b cifs-utils: fix building on static
Disable position independent executables when building on static.

Fixes:
   http://autobuild.buildroot.net/results/bb0/bb00db98477f0f81c95ac1830ef3649b30963416/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-03-26 22:41:23 +01:00
Gustavo Zacarias
52cbffc960 cifs-utils: bump to version 6.3
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-10 23:01:57 +01:00
Gustavo Zacarias
8552d8cd8f cifs-utils: bump to version 6.2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-11-13 00:23:44 +01:00
Thomas De Schampheleire
c9907e4804 cifs-utils: correct license GPLv3 -> GPLv3+
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-09 21:27:27 +02:00
Gustavo Zacarias
b62e9cde88 cifs-utils: bump to version 6.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-07-12 13:31:21 +02:00
Alexandre Belloni
23ac7255c8 Add header to packages where missing
Reported-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-21 11:00:31 +02:00
Gustavo Zacarias
cfe70c5e13 cifs-utils: bump to version 6.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-04-11 09:30:28 +02:00
Gustavo Zacarias
f5f65705af cifs-utils: bump to version 5.9
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-01-17 14:43:09 +01:00
Gustavo Zacarias
811bcf124a cifs-utils: bump to version 5.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-16 23:17:10 +02:00
Gustavo Zacarias
839546dd3a cifs-utils: bump to version 5.6
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-08-17 17:46:10 +02:00
Arnout Vandecappelle (Essensium/Mind)
e1502ebc0c all packages: rename XXXTARGETS to xxx-package
Also remove the redundant $(call ...).

This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
  xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
               -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
               -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-17 20:23:05 +02:00
Gustavo Zacarias
b9c3890cdd cifs-utils: bump to version 5.5
Bump cifs-utils to version 5.5
Also switch to http source instead of ftp.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-15 21:45:10 +02:00
Peter Korsgaard
a89e0e8721 cifs-utils: needs MMU
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-05-20 19:50:52 +02:00
Gustavo Zacarias
18bd541dd0 cifs-utils: security bump to version 5.4
Fixes CVE-2012-1586.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-05-09 00:23:42 +02:00
Thomas Petazzoni
300f9c9c9d package: remove useless arguments from AUTOTARGETS
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.

[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-29 23:12:27 +02:00
Peter Korsgaard
4353fec6d7 cifs-utils: bump version
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-26 22:37:46 +02:00
Thomas Petazzoni
c20ab0feca cifs-utils: new package
[Peter: fix Config.in]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-26 22:36:56 +02:00