From cb4694aac4003e0653ed512b36eee902a5e83a35 Mon Sep 17 00:00:00 2001
From: Funda Wang <fundawang@yeah.net>
Date: Thu, 10 Jul 2025 21:02:07 +0800
Subject: [PATCH] 4.22.3

---
 backport-CVE-2025-0620.patch               | 36 ----------------------
 samba-4.22.1.tar.asc                       | 16 ----------
 samba-4.22.3.tar.asc                       | 16 ++++++++++
 samba-4.22.1.tar.gz => samba-4.22.3.tar.gz |  4 +--
 samba.spec                                 | 11 +++++--
 5 files changed, 26 insertions(+), 57 deletions(-)
 delete mode 100644 backport-CVE-2025-0620.patch
 delete mode 100644 samba-4.22.1.tar.asc
 create mode 100644 samba-4.22.3.tar.asc
 rename samba-4.22.1.tar.gz => samba-4.22.3.tar.gz (32%)

diff --git a/backport-CVE-2025-0620.patch b/backport-CVE-2025-0620.patch
deleted file mode 100644
index 9ad33f0..0000000
--- a/backport-CVE-2025-0620.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 6f0ae60428a024b4aba92a8103a698c1eca2357c Mon Sep 17 00:00:00 2001
-From: Ralph Boehme <slow@samba.org>
-Date: Fri, 23 May 2025 08:47:06 +0200
-Subject: [PATCH] CVE-2025-0620: smbd: smbd doesn't pick up group membership
- changes when re-authenticating an expired SMB session
-
-BUG: https://bugzilla.samba.org/show_bug.cgi?id=15707
-
-Signed-off-by: Ralph Boehme <slow@samba.org>
-Reviewed-by: Anoop C S <anoopcs@samba.org>
-Reviewed-by: Stefan Metzmacher <metze@samba.org>
-
-Autobuild-User(master): Jule Anger <janger@samba.org>
-Autobuild-Date(master): Mon Jun  2 15:10:30 UTC 2025 on atb-devel-224
-
-Conflict: NA
-Reference: https://github.com/samba-team/samba/commit/6f0ae60428a024b4aba92a8103a698c1eca2357c
----
- source3/smbd/conn.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
-index 4e7e1ce01276..0e4d78237876 100644
---- a/source3/smbd/conn.c
-+++ b/source3/smbd/conn.c
-@@ -173,8 +173,8 @@ static void conn_clear_vuid_cache(connection_struct *conn, uint64_t vuid)
- 
- 	for (i=0; i<VUID_CACHE_SIZE; i++) {
- 		ent = &conn->vuid_cache->array[i];
--		if (ent->vuid != vuid) {
--			continue;
-+		if (ent->vuid == vuid) {
-+			break;
- 		}
- 	}
- 	if (i == VUID_CACHE_SIZE) {
diff --git a/samba-4.22.1.tar.asc b/samba-4.22.1.tar.asc
deleted file mode 100644
index c5cdf4e..0000000
--- a/samba-4.22.1.tar.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmgBNroACgkQqplEL7aA
-tiC5bA/8DzcHbtStTEi4TD0g/9JYBVMmtmL+dmknHf7z8f3T1QwDY7pYTjqv1tyZ
-VfTML6uT80cDdG/5T9vv2FqxedE5izPDuw9yuFuXMBFUK2nhyYXhwVYXCVjfP8NK
-RxFHj/v6mhHLX5vRGAK9FmfcdVL3yBuczXWICFffzwGWoW1mYww9jr1Q5sff7a2s
-AT2xEI/+GmfKGKzocCUufF9i4a+tFQhcYf6EeFiir2YeG9BBMLCFEtgIDYfwFJIM
-OOCD0ZwUKcP6xdlkutnVLWjV493hkHZfIwT2W+LeK19sgF+zJdYEjgh/sHJZHhan
-b7wpJxu/0DMvcKKdd9cifGJLNSoN+rkDq+a3/p5mJisP+rffYoox7HFzEqyAb5f2
-qbIk9Y5ogfIfsc/Wnid+B11pd+za29UXyXhR7AlfvkAH4wbxxb60S0gl6yKIHSHU
-YYiCmO5GTYuiKTnkW2H2OHIS2quF9m9G+zaRNQRTTbuSrxKrm77LqCH/7hlLyuCF
-wxs5QRYVLHjxuTWBtPHTFmavk8unTeIXnfCFMua/qrXl27b1735pvsqvmH251FmY
-jIRPooSe4GeQSZKlbxWLXhulau+kAAbuCaWYUE182aEneJc65ArmVm6ekZ5HDVDV
-o7vr+3nwwU+/v2ommBFXFIUGnkxf++I3IIwt2sC+hPe48ZnNCqA=
-=9e53
------END PGP SIGNATURE-----
diff --git a/samba-4.22.3.tar.asc b/samba-4.22.3.tar.asc
new file mode 100644
index 0000000..6589528
--- /dev/null
+++ b/samba-4.22.3.tar.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmhr85oACgkQqplEL7aA
+tiDUNQ//dYzBBGHRH1hoc2bBiqMHpsqGFnRttLGLJzNw+zaEB311NgMbezWX0XvH
+pjsKWlX+EzwyfgccW5LDmnxB02LHiY8gtwgGB4eN59knORQi7tq8KnbXyInqLLdm
+tx4WgZlCKXNz0RMbR46qnjRISfyf7RMNWvzN2aUC2XoiZO+pmdO9+TFrT3g0xaqP
+mttUqfb9eppf8SL0FtTQYjifFodi/LmEJSzqz+r9DAt0hyxk/s+YlVjnOlR/kC7k
+Wi9JBbT+lcUODKBPykzh/G2FyFtV7zVH4eOYxLbJyvFo3l67nXFAsm2DikbtpNkD
+sQaKY9GGd+hTRNg3O+1R7v1vKP++Hs8BW9VepRWpbCWOu3mx5fqa6Yat5pF7RIZI
+sVOr98LmOon1aNtMTIjqUKQ/Xn3Di44wBXd3eTbVXsyGitBftVV/QTm+qEKI8tte
+hR7N1oWbUU20cIGf8cY3K4uR8/ueUutPFGFUTjN3mJqicxDj3P1UVNrBgAyLkjjt
+zeionne2pEBmyzAl7W07gSQQZAtMPegIrr3Jtyd/6mTrQe9TtNCSKWrh++KNrWzm
+wRzlWrmG/jz4q/QAXYMou8HnfmNG0n1rg8xo/y3DHm89yX+OBmkr9lFuv62lJwJs
+o/5unHkM0M3YgiJ/HE0RtPBlB/Qb+rl/J7hIG8Z5tgCCfwpShtc=
+=OHaM
+-----END PGP SIGNATURE-----
diff --git a/samba-4.22.1.tar.gz b/samba-4.22.3.tar.gz
similarity index 32%
rename from samba-4.22.1.tar.gz
rename to samba-4.22.3.tar.gz
index e529e5c..632c53e 100644
--- a/samba-4.22.1.tar.gz
+++ b/samba-4.22.3.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:6a1f89f1ab25916e255f1c2c3a4a88235a854af2eca40bb9d9bba7545b684a0a
-size 42866082
+oid sha256:8fd7092629a3596d935cd7567d934979f94272918ec3affd0cc807934ecf22ba
+size 42869744
diff --git a/samba.spec b/samba.spec
index e173924..1f6c255 100644
--- a/samba.spec
+++ b/samba.spec
@@ -44,8 +44,8 @@
 %global samba_depver %{version}-%{release}
 
 Name:           samba
-Version:        4.22.1
-Release:        2
+Version:        4.22.3
+Release:        1
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPL-3.0-or-later AND LGPL-3.0-or-later
@@ -67,7 +67,6 @@ Source11:       samba-winbind-systemd-sysusers.conf
 Source201:      README.downgrade
 
 Patch1:         remove-sensitive-info.patch
-Patch2:         backport-CVE-2025-0620.patch
 
 
 BuildRequires: avahi-devel bison dbus-devel docbook-style-xsl e2fsprogs-devel flex gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
@@ -3073,6 +3072,12 @@ fi
 %{_mandir}/man3/ldif*
 
 %changelog
+* Thu Jul 10 2025 Funda Wang <fundawang@yeah.net> - 4.22.3-1
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: update to 4.22.3
+
 * Fri Jun 06 2025 xinghe <xinghe2@h-partners.com> - 4.22.1-2
 - Type:cves
 - ID:CVE-2025-0620
-- 
Gitee