Next | Query returned 155 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2021-09-13 12:13:33 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
samba4: updated to 4.3.11

Changes since 4.13.10
* BUG 14769: smbd panic on force-close share during offload write.
* BUG 14731: Fix returned attributes on fake quota file handle and avoid
  hitting the VFS.
* BUG 14783: smbd "deadtime" parameter doesn't work anymore.
* BUG 14787: net conf list crashes when run as normal user.
* BUG 14607: Work around special SMB2 READ response behavior of NetApp Ontap
  7.3.7.
* BUG 14793: Start the SMB encryption as soon as possible.
* BUG 14792: Winbind should not start if the socket path for the privileged
  pipe is too long.
   2021-07-25 17:58:04 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
net/samba4: update to 4.3.10

Changes since 4.13.9
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
     Windows ACL for directory handles.
   * BUG 14721: Take a copy to make sure we don't reference free'd memory.
   * BUG 14722: s3: lib: Fix talloc heirarcy error in parent_smb_fname().
   * BUG 14736: s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in
     change_file_owner_to_parent() error path.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 14575: samba-tool: Give better error information when the
     'domain backup restore' fails with a duplicate SID.

o  Ralph Boehme <slow@samba.org>
   * BUG 14714: smbd: Correctly initialize close timestamp fields.
   * BUG 14740: Spotlight RPC service doesn't work with vfs_glusterfs.

o  Volker Lendecke <vl@samba.org>
   * BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().

o  Stefan Metzmacher <metze@samba.org>
   * BUG 14750: gensec_krb5: Restore ipv6 support for kpasswd.
   * BUG 14752: smbXsrv_{open,session,tcon}: Protect
     smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14027: samba-tool domain backup offline doesn't work against bind DLZ
     backend.
   * BUG 14669: netcmd: Use next_free_rid() function to calculate a SID for
     restoring a backup.
   2021-07-13 00:30:44 by Nia Alarie | Files touched by this commit (1)
Log message:
samba4: "Building --without-ads requires also building --without-ad-dc."
   2021-06-22 11:36:41 by Nia Alarie | Files touched by this commit (10)
Log message:
samba4: downgrade to 4.13.9, as discussed on netbsd-users@
   2021-06-21 12:23:48 by Nia Alarie | Files touched by this commit (5)
Log message:
samba4: Warn before starting if procfs is not mounted on NetBSD...
   2021-06-02 22:05:20 by Nia Alarie | Files touched by this commit (1)
Log message:
samba4: don't declare snapper twice
   2021-06-01 10:30:18 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
samba4: updated to 4.14.5

Changes since 4.14.4
--------------------
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
* BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
  Windows ACL for directory handles.
* BUG 14721: s3: smbd: Fix uninitialized memory read in
  process_symlink_open() when used with vfs_shadow_copy2().
* BUG 14689: docs: Expand the "log level" docs on audit logging.
* BUG 14714: smbd: Correctly initialize close timestamp fields.
* BUG 14699: Fix gcc11 compiler issues.
* BUG 14718: docs-xml: Update smbcacls manpage.
* BUG 14719: docs: Update list of available commands in rpcclient.
* BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().
* BUG 14695: s3:winbind: For 'security = ADS' require realm/workgroup to be
  set.
* BUG 14699: lib:replace: Do not build strndup test with gcc 11 or newer.
   2021-05-30 22:02:31 by Dr. Thomas Orgis | Files touched by this commit (4)
Log message:
net/samba4: handle dbus dependency explicitly on Linux

This manifests as the snapper vfs files appearing depending on dbus
being present or not on Linux, causing PLIST mismatch. This option
actually disables this if desired. The default is still on, as
dbus is to be expected on modern Linux installs anyway.
   2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575)
Log message:
*: recursive bump for perl 5.34
   2021-04-29 17:21:16 by Takahiro Kambe | Files touched by this commit (12) | Package updated
Log message:
net/samba4: update to 4.14.4

pkgsrc changes: remove extra spaces in some patch files.

                   ==============================
                   Release Notes for Samba 4.14.4
                           April 29, 2021
                   ==============================

This is a security release in order to address the following defect:

o CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries
  in the Samba file server process token.

=======
Details
=======

o  CVE-2021-20254:
   The Samba smbd file server must map Windows group identities (SIDs) into unix
   group ids (gids). The code that performs this had a flaw that could allow it
   to read data beyond the end of the array in the case where a negative cache
   entry had been added to the mapping cache. This could cause the calling code
   to return those values into the process token that stores the group
   membership for a user.

   Most commonly this flaw caused the calling code to crash, but an alert user
   (Peter Eriksson, IT Department, Linköping University) found this flaw by
   noticing an unprivileged user was able to delete a file within a network
   share that they should have been disallowed access to.

   Analysis of the code paths has not allowed us to discover a way for a
   remote user to be able to trigger this flaw reproducibly or on demand,
   but this CVE has been issued out of an abundance of caution.

Changes since 4.14.3
--------------------

o  Volker Lendecke <vl@samba.org>
   * BUG 14571: CVE-2021-20254: Fix buffer overrun in sids_to_unixids().

Next | Query returned 155 messages, browsing 1 to 10 | Previous