Adolf Belka 148b2ced39 cifs-utils: Update to version 7.0 ...

- Update from version 6.14 to 7.0
- Update of rootfile not required
- Changelog
    7.0
	3165220 cifs-utils: bump version to 7.0
	7b91873 cifs-utils: don't return uninitialized value in cifs_gss_get_req
	d9f5447 cifs-utils: make GSSAPI usage compatible with Heimdal
	5e5aa50 cifs-utils: work around missing krb5_free_string in Heimdal
	dc60353 fix warnings for -Waddress-of-packed-member
	c4c94ad setcifsacl: fix memory allocation for struct cifs_ace
	4ad2c50 setcifsacl: fix comparison of actions reported by covscan
	9b074db cifs.upcall: remove unused variable and fix syslog message
	2981686 cifs.upcall: Switch to RFC principal type naming
	8a288d6 man-pages: Update cifs.upcall to mention GSS_USE_PROXY
	aeee690 cifs.upcall: fix compiler warning
	e2430c0 cifs.upcall: add gssproxy support
    6.15
	- CVE-2022-27239: mount.cifs: fix length check for ip option parsing
		In cifs-utils through 6.14, a stack-based buffer overflow when parsing
		 the mount.cifs ip= command-line argument could lead to local attackers
		 gaining root privileges.
	- CVE-2022-29869: mount.cifs: fix verbose messages on option parsing
		cifs-utils through 6.14, with verbose logging, can cause an
		 information leak when a file contains = (equal sign) characters but is
		 not a valid credentials file.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>

2024-01-03 21:11:17 +00:00

3.3 KiB

Raw Permalink Blame History

View Raw