Changelog for
libndr0-4.9.4-3.1.x86_64.rpm :
Thu Dec 20 13:00:00 2018 Johannes Engel
- Update to 4.9.4
+ Bugfixes
Tue Nov 27 13:00:00 2018 Johannes Engel
- Update to 4.9.3
+ CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD
Internal DNS server)
+ CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT)
+ CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server)
+ CVE-2018-16852 (NULL pointer de-reference in Samba AD DC DNS servers)
+ CVE-2018-16853 (Samba AD DC S4U2Self crash in experimental MIT Kerberos
configuration (unsupported))
+ CVE-2018-16857 (Bad password count in AD DC not always effective)
Thu Nov 8 13:00:00 2018 Johannes Engel
- Update to 4.9.2
+ Bugfixes
Mon Sep 24 14:00:00 2018 Johannes Engel
- Update to 4.9.1
+ Bugfixes
Fri Sep 14 14:00:00 2018 Johannes Engel
- Update to 4.9.0
Fri Sep 7 14:00:00 2018 jcnengelAATTgmail.com
- Update to 4.9.0 RC5
Wed Aug 15 14:00:00 2018 jcnengelAATTgmail.com
- Introduce 4.9.0 RC3
+ net ads setspn handles SPNs now
+ net ads keytab behavior has changed
+ Local authorization plugin for MIT Kerberos
+ Database audit support
+ Password change audit support
+ Group membership change audit support
+ New experimental LMDB LDB backend
+ Support Password Settings Objects (PSOs)
+ New samba-tool command for backing up domain DB
+ Domain rename tool
+ New samba-tool options for diagnosing DRS replication issues
+ DNS entries cleanup during DC demote
+ Much faster ntacl sysvolreset
Tue Aug 14 14:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.4
+ Fix CVE-2018-1139 (Weak authentication protocol allowed.)
+ Fix CVE-2018-1140 (Denial of Service Attack on DNS and LDAP
server.)
+ Fix CVE-2018-10858 (Insufficient input validation on client
directory listing in libsmbclient.)
+ Fix CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAP
server.)
+ Fix CVE-2018-10919 (Confidential attribute disclosure from the
AD LDAP server.)
Sat Jun 30 14:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.3
+ Bugfixes
Thu May 17 14:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.2
+ Bugfixes, most notably #13335
Sun Apr 29 14:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.1
+ Bugfixes
Fri Mar 16 13:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.0
+ Fix CVE-2018-1050 (Denial of Service Attack on external print
server)
+ Fix CVE-2018-1057 (Authenticated users can change other users\'
password)
Fri Mar 2 13:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.0rc4
Mon Feb 12 13:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.0rc3
Sun Feb 11 13:00:00 2018 jcnengelAATTgmail.com
- Update to 4.8.0rc2
+ Add group policy support for samba kdc
+ Time machine support with vfs_fruit
+ support for lower casing mdns name
+ Encryption of sensitive attributes on disk
Fri Feb 9 13:00:00 2018 jcnengelAATTgmail.com
- Update to 4.7.5
+ Fix bug #13228 causing AD objects to have missing or corrupted
linked attributes
+ Other bugfixes
Sat Dec 23 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.7.4
+ smbclient reparse point symlink parameters reversed
+ Bugfixes
Tue Nov 21 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.7.3
+ Fix CVE-2017-14746 (Use-after-free vulnerability.)
+ Fix CVE-2017-15275 (Server heap memory information leak.)
Wed Nov 15 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.7.2
* Fix bug #13130 potentially causing file corruption
Thu Nov 2 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.7.1
* Bugfixes
Thu Sep 21 14:00:00 2017 jcnengelAATTgmail.com
- Update to 4.7.0
* Introduction of whole DB read locks
* First support of MIT Kerberos instead of Heimdal
* Detailed audit support for authentication and authorization
* Improved RODC support
* Smaller improvements
Mon Jun 12 14:00:00 2017 jcnengelAATTgmail.com
- Update to 4.6.5
* Bugfixes
Tue May 30 14:00:00 2017 jcnengelAATTgmail.com
- Upgrade to 4.6.4
* New ID mapping checks in testparm routine
* spelling correction in vfs_fruit
* Allow specification of Kerberos encryption type
* Support uploading of printer drivers from Windows 10 clients
* Support for owner inheritance in smbd
* Netlogon supports multiple processes
* Allow configuration of TCP ports for RPC services
Mon May 29 14:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.10
* Fix BUG 12780: CVE-2017-7494: Avoid remote code execution from
a writable share.
Sun May 21 14:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.9
* Bugfixes
Fri Mar 31 14:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.8
* Bugfix: Fix regression with \"follow symlinks = no\"
Thu Mar 23 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.7
* Fix CVE-2017-2619 (Symlink race allows access outside share
definition)
Tue Mar 14 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.6
* Bugfixes
Tue Jan 31 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.5
* Revert rewrite of vfs_fruit module due to missing test
* Bugfixes
Mon Jan 23 13:00:00 2017 jcnengelAATTgmail.com
- Update to 4.5.4
* Bugfixes
Fri Dec 23 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.5.3
* CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Overflow Remote Code Execution Vulnerability).
* CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers in
trusted realms).
* CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
elevation).
Sun Dec 11 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.5.2
* Bugfixes
Wed Oct 26 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.5.1
* Let winbindd discard expired kerberos tickets when built
against (internal) heimdal (BUG #12369).
* REGRESSION: smbd segfaults on startup, tevent context being
freed (BUG #12283).
Sat Sep 10 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.5.0
* NTLMv1 authentication disabled by default
* Support for LDAP_SERVER_NOTIFICATION_OID
* KCC improvements for sparse network replication
* VLV - Virtual list view
* DRS Replication for AD DC
* samba-tool drs replicate with new options
* replPropertyMetaData Changes
* Linked attributes on deleted objects
* Improved AD DC performance
* Other dbcheck improvements
* Tombstone reanimation
* Multiple DNS Forwarders on the AD DC
* Password quality plugin support in the AD DC
* pwdLastSet is now correctly honoured
* net ads dns unregister
* samba-tool improvements
* SMB 2.1 Leases enabled by default
* Open File Description (OFD) Locks
* Password sync as AD DC
* Python crypto requirements
* SmartCard/ PKINIT improvements
* CTDB changes
* New shadow_copy2 options
* Bugfixes
Fri Jul 8 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.4.5
* Fix CVE-2016-2119 (Client side SMB2/3 required signing can be
downgraded)
Wed Jun 8 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.4.4
* Bugfixes
Wed May 4 14:00:00 2016 jcnengelAATTgmail.com
- Fix winbind.service file with correct executable
Tue May 3 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.4.3
* Bugfixes
Tue Apr 12 14:00:00 2016 jcnengelAATTgmail.com
- Update to 4.4.2
* Fix Badlock bug (CVE-2016-2118)
Fri Mar 25 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.4.0
* Added GNUTLS-based backup key implementation to s4-rpc_server
* samba-tool gained the ability to remove other dead DCs
* Implement asynchronous flush requests for SMB2/3
* rewrite the WINS nsswitch module
* various CTDB changes
* many other bugfixes and enhancements
Mon Mar 14 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.3.6
* Security fixes
Sat Mar 5 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.3.5
* Bugfixes
Thu Feb 11 13:00:00 2016 jcnengelAATTgmail.com
- Update to 4.3.4
Wed Sep 9 14:00:00 2015 jcnengelAATTgmail.com
- Update to 4.3.0
Sat Aug 29 14:00:00 2015 jcnengelAATTgmail.com
- Initial checkin of 4.2.23