SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for samba-libs-4.6.6-2.1.x86_64.rpm :
Wed Jul 12 14:00:00 2017 mdbuildAATTuse.startmail.com
- This is a security release in order to address the following defect:
o CVE-2017-11103 (Orpheus\' Lyre mutual authentication validation bypass)
=======
Details
=======
o CVE-2017-11103 (Heimdal):
All versions of Samba from 4.0.0 onwards using embedded Heimdal
Kerberos are vulnerable to a man-in-the-middle attack impersonating
a trusted server, who may gain elevated access to the domain by
returning malicious replication or authorization data.
Samba binaries built against MIT Kerberos are not vulnerable.
Changes since 4.6.5:
o Jeffrey Altman

* BUG 12894: CVE-2017-11103: Orpheus\' Lyre KDC-REP service name validation

Tue Jun 6 14:00:00 2017 mdbuildAATTuse.startmail.com
- Changes since 4.6.4:
o Jeremy Allison

* BUG 12804: s3: VFS: Catia: Ensure path name is also converted.
o Christian Ambach

* BUG 12765: s3:smbcacls add prompt for password.
o Ralph Boehme

* BUG 12562: vfs_acl_xattr|tdb: Ensure create mask is at least 0666 if
ignore_system_acls is set.

* BUG 12702: Wrong sid->uid mapping for SIDs residing in sIDHistory.

* BUG 12749: vfs_fruit: lp_case_sensitive() does not return a bool.

* BUG 12766: s3/smbd: Update exclusive oplock optimisation to the lease area.

* BUG 12798: s3/smbd: Fix exclusive lease optimisation.
o Alexander Bokovoy

* BUG 12751: Allow passing trusted domain password as plain-text to PASSDB
layer.

* BUG 12764: systemd: Fix detection of libsystemd.
o Amitay Isaacs

* BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
complete.

* BUG 12770: ctdb-logging: Initialize DEBUGLEVEL before changing the value.
o Shilpa Krishnareddy

* BUG 12756: notify: Fix ordering of events in notifyd.
o Volker Lendecke

* BUG 12757: idmap_rfc2307: Lookup of more than two SIDs fails.
o Stefan Metzmacher

* BUG 12767: samba-tool: Let \'samba-tool user syncpasswords\' report deletions
immediately.
o Doug Nazar

* BUG 12760: s3: smbd: inotify_map_mask_to_filter incorrectly indexes an
array.
o Andreas Schneider

* BUG 12687: vfs_expand_msdfs tries to open the remote address as a file
path.
o Martin Schwenke

* BUG 12802: \'ctdb nodestatus\' incorrectly displays status for all nodes with
wrong exit code.

* BUG 12814: ctdb-common: Fix crash in logging initialisation.

Wed May 24 14:00:00 2017 mdbuildAATTuse.startmail.com
-
o CVE-2017-7494 (Remote code execution from a writable share)
=======
Details
=======
o CVE-2017-7494:
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.
Changes since 4.6.3:
o Volker Lendecke

* BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
share.

Tue Apr 25 14:00:00 2017 mdbuildAATTuse.startmail.com
- Changes since 4.6.2:
o Michael Adam

* BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
from shares with GlusterFS backend.
o Jeremy Allison

* BUG 12559: Fix for Solaris C compiler.

* BUG 12628: s3: locking: Update oplock optimization for the leases era.

* BUG 12693: Make the Solaris C compiler happy.

* BUG 12695: s3: libgpo: Allow skipping GPO objects that don\'t have the
expected LDAP attributes.

* BUG 12747: Fix buffer overflow caused by wrong use of getgroups.
o Hanno Boeck

* BUG 12746: lib: debug: Avoid negative array access.

* BUG 12748: cleanupdb: Fix a memory read error.
o Ralph Boehme

* BUG 7537: streams_xattr and kernel oplocks results in
NT_STATUS_NETWORK_BUSY.

* BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from other
backends.

* BUG 12565: vfs_fruit: Resource fork open request with
flags=O_CREAT|O_RDONLY.

* BUG 12615: manpages/vfs_fruit: Document global options.

* BUG 12624: lib/pthreadpool: Fix a memory leak.

* BUG 12727: Lookup-domain for well-known SIDs on a DC.

* BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().

* BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.
o Alexander Bokovoy

* BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
use case.

* BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.
o Amitay Isaacs

* BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
complete.

* BUG 12723: ctdb_event monitor command crashes if event is not specified.

* BUG 12733: ctdb-docs: Fix documentation of \"-n\" option to \'ctdb tool\'.
o Volker Lendecke

* BUG 12558: smbd: Fix smb1 findfirst with DFS.

* BUG 12610: smbd: Do an early exit on negprot failure.

* BUG 12699: winbindd: Fix substitution for \'template homedir\'.
o Stefan Metzmacher

* BUG 12554: s4:kdc: Disable principal based autodetected referral detection.

* BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
the sid is valid.

* BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.

* BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
trusted domain.

* BUG 12731: rpcclient: Allow -U\'OTHERDOMAIN\\user\' again.
o Christof Schmitt

* BUG 12725: winbindd: Fix password policy for pam authentication.
o Andreas Schneider

* BUG 12554: s3:gse: Correctly handle external trusts with MIT.

* BUG 12611: auth/credentials: Always set the realm if we set the principal
from the ccache.

* BUG 12686: replace: Include sysmacros.h.

* BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.

* BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.

* BUG 12708: winbindd: Child process crashes when kerberos-authenticating
a user with wrong password.
o Uri Simchoni

* BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
CNID semantics.

* BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
fragmented.

Fri Mar 31 14:00:00 2017 mdbuildAATTuse.startmail.com
- This is a bug fix release to address a regression introduced by the security
fixes for CVE-2017-2619 (Symlink race allows access outside share definition).
Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details.
Changes since 4.6.1:
o Jeremy Allison

* BUG 12721: Fix regression with \"follow symlinks = no\".

Thu Mar 23 13:00:00 2017 mdbuildAATTuse.startmail.com
-
Changes since 4.6.0:
o Jeremy Allison

* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.
o Ralph Boehme

* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.
-

Fri Feb 3 13:00:00 2017 mdbuildAATTuse.startmail.com
- Changes since 4.5.4:
o Amitay Isaacs

* BUG 12469: ctdb-locking: Explicitly unlock record/db in lock helper.
o Björn Jacke

* BUG 12535: vfs_default: Unlock the right file in copy chunk.
o Martin Schwenke

* BUG 12512: ctdb-scripts: Fix remaining uses of \"ctdb gratiousarp\".

* BUG 12516: /etc/iproute2/rt_tables gets populated with multiple
\'default\' entries.
Changes since 4.5.3:
o Jeremy Allison

* BUG 12460: rename_internals_fsp missing ACL permission-check on destination
folder.

* BUG 12466: lib: security: se_access_check() incorrectly processes owner
rights (S-1-3-4) DENY ace entries.

* BUG 12467: s3: ntlm_auth: Don\'t corrupt the output stream with debug
messages.

* BUG 12479: s3: libsmb: Add cli_smb2_ftruncate(), plumb into
cli_ftruncate().
o Ralph Boehme

* BUG 12396: s3/smbd: Remove a misleading error message.

* BUG 12412: vfs_fruit: Fix \"fruit:resource\" option spelling, but not
behaviour.

* BUG 12485: ctdbd_conn: Fix a resource leak.
o David Disseldorp

* BUG 12144: smbd/ioctl: match WS2016 ReFS set compression behaviour.
o Björn Jacke

* BUG 2210: pam: Map more NT password errors to PAM errors.
o Volker Lendecke

* BUG 12484: winbindd: Use idmap cache in xids2sids.

* BUG 12509: messaging: Fix dead but not cleaned-up-yet destination sockets.
o Stefan Metzmacher

* BUG 12480: kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: An
internal error occurred (with MIT krb5).
o Andreas Schneider

* BUG 12183: printing: Fix building with CUPS version older than 1.7.

* BUG 12441: s3:libads: Include system /etc/krb5.conf if we use MIT Kerberos.
o Martin Schwenke

* BUG 12470: Fix ctdb ip bugs.
This is a security release in order to address the following defects:
o CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
Overflow Remote Code Execution Vulnerability).
o CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers in
trusted realms).
o CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
elevation).
=======
Details
=======
o CVE-2016-2123:
The Samba routine ndr_pull_dnsp_name contains an integer wrap problem,
leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name
parses data from the Samba Active Directory ldb database. Any user
who can write to the dnsRecord attribute over LDAP can trigger this
memory corruption.
By default, all authenticated LDAP users can write to the dnsRecord
attribute on new DNS objects. This makes the defect a remote privilege
escalation.
o CVE-2016-2125
Samba client code always requests a forwardable ticket
when using Kerberos authentication. This means the
target server, which must be in the current or trusted
domain/realm, is given a valid general purpose Kerberos
\"Ticket Granting Ticket\" (TGT), which can be used to
fully impersonate the authenticated user or service.
o CVE-2016-2126
A remote, authenticated, attacker can cause the winbindd process
to crash using a legitimate Kerberos ticket due to incorrect
handling of the arcfour-hmac-md5 PAC checksum.
A local service with access to the winbindd privileged pipe can
cause winbindd to cache elevated access permissions.
Changes since 4.5.2:
o Volker Lendecke

* BUG 12409: CVE-2016-2123: Fix DNS vuln ZDI-CAN-3995.
o Stefan Metzmacher

* BUG 12445: CVE-2016-2125: Don\'t send delegated credentials to all servers.

* BUG 12446: CVE-2016-2126: auth/kerberos: Only allow known checksum types in
check_pac_checksum().
Changes since 4.5.1:
o Michael Adam

* BUG 12404: vfs:glusterfs: Preallocate result for glfs_realpath.
o Jeremy Allison

* BUG 12384: s3: vfs: Remove files/directories after the streams are deleted.

* BUG 12387: s3: vfs_streams_depot: Use conn->connectpath not conn->cwd.

* BUG 12436: s3/smbd: Fix the last resort check that sets the file type
attribute.
o Andrew Bartlett

* BUG 9954: dsdb: Create RID Set as SYSTEM.

* BUG 12297: dbcheck: Correct message for orphaned backlinks.

* BUG 12395: build: Fix build with perl on debian sid.

* BUG 12398: Fix errors in extended operations (like allocating a RID Set).
o Günther Deschner

* BUG 11197: spoolss: Use correct values for secdesc and devmode pointers.
o Clive Ferreira

* BUG 12394: objectclass_attrs: Only abort on a missing attribute when an
attribute is both MUST and replicated.
o Amitay Isaacs

* BUG 12366: provision,dlz-bind: Add support for BIND 9.11.x.

* BUG 12392: ctdb-locking: Reset real-time priority in lock helper.

* BUG 12407: ctdb-scripts: Fix calculation of CTDB_BASE.

* BUG 12434: ctdb-recovery: Avoid NULL dereference in failure case.
o Stefan Metzmacher

* BUG 10297: s3:smbd: Only pass UCF_PREP_CREATEFILE to filename_convert() if
we may create a new file.
o Mathieu Parent

* BUG 12371: ctdb-scripts: Fix Debian init in samba eventscript.
o Garming Sam

* BUG 9954: samba_tool/fsmo: Allocate RID Set when seizing RID manager.

* BUG 10882: s4-auth: Don\'t check for NULL saltPrincipal if it doesn\'t need
it.

* BUG 12297: upgradeprovision: Remove objectCategory from constructed attrs.

* BUG 12385: collect_tombstones: Allow links to recycled objects to be
deleted.
o Andreas Schneider

* BUG 12183: s3-printing: Correctly encode CUPS printer URIs.

* BUG 12195: s3-printing: Allow printer names longer than 16 chars.

* BUG 12269: nss_wins: Fix errno values for HOST_NOT_FOUND.

* BUG 12405: s3-winbind: Do not return NO_MEMORY if we have an empty user
list.

* BUG 12415: s3:spoolss: Add support for COPY_FROM_DIRECTORY in
AddPrinterDriverEx.
o Martin Schwenke

* BUG 12104: ctdb-packaging: Move CTDB tests to /usr/local/share/ctdb/tests/.
o Uri Simchoni

* BUG 12375: smbd: In ntlm auth, do not map empty domain in case of
\\userAATTrealm.
o Ralph Wuerthner

* BUG 12372: ctdb-conn: Add missing variable initialization.
- Update to 4.4.5
+ Stefan Metzmacher

* BUG 11860: CVE-2016-2119: Fix client side SMB2 signing downgrade.

* BUG 11948: Total dcerpc response payload more than 0x400000.
- Update to 4.4.4
+ Michael Adam

* BUG 11809: SMB3 multichannel: Add implementation of missing channel sequence
number verification.

* BUG 11919: smbd:close: Only remove kernel share modes if they had been
taken at open.

* BUG 11930: notifyd: Prevent NULL deref segfault in notifyd_peer_destructor.
+ Jeremy Allison

* BUG 10618: s3: auth: Move the declaration of struct dom_sid tmp_sid to
function level scope.
+ Christian Ambach

* BUG 10796: s3:rpcclient: Make \'--pw-nt-hash\' option work.

* BUG 11354: s3:libsmb/clifile: Use correct value for MaxParameterCount for
setting EAs.

* BUG 11438: Fix case sensitivity issues over SMB2 or above.
+ Ralph Boehme

* BUG 1703: s3:libnet:libnet_join: Add netbios aliases as SPNs.

* BUG 11721: vfs_fruit: Add an option that allows disabling POSIX rename
behaviour.
+ Alexander Bokovoy

* BUG 11936: s3-smbd: Support systemd 230.
+ Ira Cooper

* BUG 11907: source3: Honor the core soft limit of the OS.
+ Günther Deschner

* BUG 11809: SMB3 multichannel: Add implementation of missing channel sequence
number verification.

* BUG 11864: s3:client:smbspool_krb5_wrapper: Fix the non clearenv build.

* BUG 11906: s3-kerberos: Avoid entering a password change dialogue also when
using MIT.
+ Robin Hack

* BUG 11890: ldb-samba/ldb_matching_rules: Fix CID 1349424 - Uninitialized
pointer read.
+ Volker Lendecke

* BUG 11844: dbwrap_ctdb: Fix ENOENT->NT_STATUS_NOT_FOUND.
+ Robin McCorkell

* BUG 11276: Correctly set cli->raw_status for libsmbclient in SMB2 code.
+ Stefan Metzmacher

* BUG 11910: s3:smbd: Fix anonymous authentication if signing is mandatory.

* BUG 11912: libcli/auth: Let msrpc_parse() return talloc\'ed empty strings.

* BUG 11914: Fix NTLM Authentication issue with squid.

* BUG 11927: s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT.
+ Luca Olivetti

* BUG 11530: pdb: Fix segfault in pdb_ldap for missing gecos.
+ Rowland Penny

* BUG 11613: Allow \'samba-tool fsmo\' to cope with empty or missing fsmo
roles.
+ Anoop C S

* BUG 11907: packaging: Set default limit for core file size in service
files.
+ Andreas Schneider

* BUG 11922: s3-net: Convert the key_name to UTF8 during migration.

* BUG 11935: s3-smbspool: Log to stderr.
+ Uri Simchoni

* BUG 11900: heimdal: Encode/decode kvno as signed integer.

* BUG 11931: s3-quotas: Fix sysquotas_4B quota fetching for BSD.

* BUG 11937: smbd: dfree: Ignore quota if not enforced.
+ Raghavendra Talur

* BUG 11907: init: Set core file size to unlimited by default.
+ Hemanth Thummala

* BUG 11934: Fix memory leak in share mode locking.
- Update to 4.4.3
- Update to 4.4.2
+ + A man-in-the-middle can downgrade NTLMSSP authentication;
+ CVE-2016-2110; (bso#11688); (bsc#973031).
+ + Domain controller netlogon member computer can be spoofed;
+ CVE-2016-2111; (bso#11749); (bsc#973032).
+ + LDAP conenctions vulnerable to downgrade and MITM attack;
+ CVE-2016-2112; (bso#11644); (bsc#973033).
+ + TLS certificate validation missing; CVE-2016-2113; (bso#11752);
+ (bsc#973034).
+ + Named pipe IPC vulnerable to MITM attacks; CVE-2016-2115;
+ (bso#11756); (bsc#973036).
+ + \"Badlock\" DCERPC impersonation of authenticated account possible;
+ CVE-2016-2118; (bso#11804); (bsc#971965).
+ + DCERPC server and client vulnerable to DOS and MITM attacks;
+ CVE-2015-5370; (bso#11344); (bsc#936862).
- Update to 4.4.0.
+ + Read of uninitialized memory DNS TXT handling; (bso#11128); (bso#11686);
+ CVE-2016-0771.
+ + Getting and setting Windows ACLs on symlinks can change permissions on link
+ target; (bso#11648); CVE-2015-7560.
+ + Sockets with htons(IPPROTO_RAW); (bso#11705); CVE-2015-8543.
+ + s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem
+ with no ACL support; (bso#10489).
+ + docs: Add example for domain logins to smbspool man page; (bso#11643).
+ + smbd: Show correct disk size for different quota and dfree block sizes;
+ (bso#11681).
+ + docs: Add smbspool_krb5_wrapper manpage; (bso#11690).
+ + winbindd: Return trust parameters when listing trusts; (bso#11691).
+ + ctdb: Do not provide a useless pkgconfig file for ctdb; (bso#11696).
+ + Crypto.Cipher.ARC4 is not available on some platforms, fallback to
+ M2Crypto.RC4.RC4 then; (bso#11699).
+ + s3:utils/smbget: Set default blocksize; (bso#11700).
+ + Streamline \'smbget\' options with the rest of the Samba utils; (bso#11700).
+ + s3:clispnego: Fix confusing warning in spnego_gen_krb5_wrap(); (bso#11702).
+ + s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703).
+ + loadparm: Fix memory leak issue; (bso#11708).
+ + lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714).
+ + s3:vfs:glusterfs: Fix build after quota changes; (bso#11715).
+ + ctdb-scripts: Drop use of \"smbcontrol winbindd ip-dropped ...\"; (bso#11719).
+ + lib:socket: Fix CID 1350010: Integer OVERFLOW_BEFORE_WIDEN; (bso#11723).
+ + smbd: Fix CID 1351215 Improper use of negative value; (bso#11724).
+ + smbd: Fix CID 1351216 Dereference null return value; (bso#11725).
+ + s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new
+ file; (bso#11727).
+ + docs: Add manpage for cifsdd; (bso#11730).
+ + param: Fix str_list_v3 to accept ; again; (bso#11732).
+ + lib/socket: Fix improper use of default interface speed; (bso#11734).
+ + lib:socket: Fix CID 1350009: Fix illegal memory accesses
+ (BUFFER_SIZE_WARNING); (bso#11735).
+ + libcli: Fix debug message, print sid string for new_ace trustee;
+ (bso#11738).
+ + Fix installation path of Samba helper binaries; (bso#11739).
+ + Fix memory leak in loadparm; (bso#11740).
+ + tevent: version 0.9.28: Fix memory leak when old signal action restored;
+ (bso#11742).
+ + smbd: Ignore SVHDX create context; (bso#11753).
+ + Fix net join; (bso#11755).
+ + s3:libads: setup the msDS-SupportedEncryptionTypes attribute on ldap_add;
+ (bso#11755).
+ + passdb: Add linefeed to debug message; (bso#11763).
+ + s3:utils/smbget: Fix option parsing; (bso#11767).
+ + libnet: Make Kerberos domain join site-aware; (bso#11769).
+ + Reset TCP Connections during IP failover; (bso#11770).
+ + ldb: Version 1.1.26; (bso#11772).
+ + s3:smbd: Add negprot remote arch detection for OSX; (bso#11773).
+ + vfs_glusterfs: Fix use after free in AIO callback; (bso#11774).
+ + mkdir can return ACCESS_DENIED incorrectly on create race; (bso#11780).
+ + \"trustdom_list_done: Got invalid trustdom response\" message should be
+ avoided; (bso#11782).
+ + Mismatch between local and remote attribute ids lets replication fail with
+ custom schema; (bso#11783).
+ + Quota is not supported on Solaris 10; (bso#11788).
+ + Talloc: Version 2.1.6; (bso#11789).
+ + smbd: Enable multi-channel if \'server multi channel support = yes\' in the
+ config; (bso#11796).
+ + build: Fix build when \'--without-quota\' specified; (bso#11798).
+ + lib/socket/interfaces: Fix some uninitialied bytes; (bso#11802).
+ + Access based share enum: handle permission set in configuration files;
+ (bso#8093).
+ + See also WHATSNEW.txt from the samba-doc package.
- Update to 4.3.6.
+ Getting and setting Windows ACLs on symlinks can change permissions on link
target; CVE-2015-7560; (bso#11648); (bsc#968222).
+ Fix Out-of-bounds read in internal DNS server; CVE-2016-0771;
(bso#11128); (bso#11686); (bsc#968223).
- Update to 4.3.5.
+ s3:utils/smbget: Fix recursive download; (bso#6482).
+ s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystemi
with no ACL support; (bso#10489).
+ s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks;
(bso#11400).
+ vfs_shadow_copy2: Fix case where snapshots are outside the share;
(bso#11580).
+ smbclient: Query disk usage relative to current directory; (bso#11662).
+ winbindd: Handle expired sessions correctly; (bso#11670).
+ smbd: Show correct disk size for different quota and dfree block sizes;
(bso#11681).
+ smbcacls: Fix uninitialized variable; (bso#11682).
+ s3:smbd: Ignore initial allocation size for directory creation;
(bso#11684).
+ s3-client: Add a KRB5 wrapper for smbspool; (bso#11690).
+ s3-parm: Clean up defaults when removing global parameters; (bso#11693).
+ Use M2Crypto.RC4.RC4 on platforms without Crypto.Cipher.ARC4; (bso#11699).
+ s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703).
+ ctdb: Remove error messages after kernel security update; CVE-2015-8543;
(bso#11705).
+ loadparm: Fix memory leak issue; (bso#11708).
+ lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714).
+ ctdb-scripts: Drop use of \"smbcontrol winbindd ip-dropped ...\";
(bso#11719).
+ s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new
file; (bso#11727).
+ param: Fix str_list_v3 to accept \";\" again; (bso#11732).
- Update to 4.3.4.
o Michael Adam

* BUG 11619: doc: Fix a typo in the smb.conf manpage, explanation of idmap
config.

* BUG 11647: s3:smbd: Fix a corner case of the symlink verification.
o Jeremy Allison

* BUG 11624: s3: libsmb: Correctly initialize the list head when keeping a
list of primary followed by DFS connections.

* BUG 11625: Reduce the memory footprint of empty string options.
o Douglas Bagnall

* BUG 11659: Update lastLogon and lastLogonTimestamp.
o Ralph Boehme

* BUG 11065: vfs_fruit: Enable POSIX directory rename semantics.

* BUG 11466: Copying files with vfs_fruit fails when using vfs_streams_xattr
without stream prefix and type suffix.

* BUG 11645: smbd: Make \"hide dot files\" option work with \"store dos
attributes = yes\".
o Günther Deschner

* BUG 11639: lib/async_req: Do not install async_connect_send_test.
o Stefan Metzmacher

* BUG 11394: Crash: Bad talloc magic value - access after free.
o Rowland Penny

* BUG 11613: samba-tool: Fix uncaught exception if no fSMORoleOwner
attribute is given.
o Karolin Seeger

* BUG 11619: docs: Fix some typos in the idmap backend section.

* BUG 11641: docs: Fix typos in man vfs_gpfs.
o Uri Simchoni

* BUG 11649: smbd: Do not disable \"store dos attributes\" on-the-fly.

Sun Dec 20 13:00:00 2015 mdbuildAATTuse.startmail.com
- Update to 4.3.3.
+ Malicious request can cause Samba LDAP server to hang, spinning using CPU;
CVE-2015-3223; (bso#11325); (bnc#958581).
+ Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
(bnc#958586).
+ Insufficient symlink verification (file access outside the share);
CVE-2015-5252; (bso#11395); (bnc#958582).
+ No man in the middle protection when forcing smb encryption on the client
side; CVE-2015-5296; (bso#11536); (bnc#958584).
+ Currently the snapshot browsing is not secure thru windows previous version
(shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
+ Fix Microsoft MS15-096 to prevent machine accounts from being changed into
user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
- Add directorys & permissions for \"ntpd_signed\" & \"/var/lib/samba/private/dns\" to samba-tmpfiles.conf
- Add BuildRequires / Requires: bind & ntp
- Changed Source (source_location)
- Changed tmp-files: /var/run -> /run
Sun Oct 25 20:19:33 UTC 2015 -
- Update to 4.3.2.
+ vfs_gpfs: Re-enable share modes; (bso#11243).
+ dcerpc.idl: Accept invalid dcerpc_bind_nak pdus; (bso#11327).
+ s3-smbd: Fix old DOS client doing wildcard delete - gives an attribute
type of zero; (bso#11452).
+ Add libreplace dependency to texpect, fixes a linking error on Solaris;
(bso#11511).
+ s4: Fix linking of \'smbtorture\' on Solaris; (bso#11512).
+ s4:lib/messaging: Use correct path for names.tdb; (bso#11562).
+ Fix segfault of \'net ads (join|leave) -S INVALID\' with nss_wins;
(bso#11563).
+ async_req: Fix non-blocking connect(); (bso#11564).
+ auth: gensec: Fix a memory leak; (bso#11565).
+ lib: util: Make non-critical message a warning; (bso#11566).
+ Fix winbindd crashes with samlogon for trusted domain user; (bso#11569).
+ smbd: Send SMB2 oplock breaks unencrypted; (bso#11570).
+ ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577).
+ s3:smb2_server: Make the logic of SMB2_CANCEL DLIST_REMOVE() clearer;
(bso#11581).
+ s3-smbd: Fix use after issue in smbd_smb2_request_dispatch(); (bso#11581).
+ manpage: Correct small typo error; (bso#11584).
+ s3: smbd: If EAs are turned off on a share don\'t allow an SMB2 create
containing them; (bso#11589).
+ Backport some valgrind fixes from upstream master; (bso#11597).
+ auth: Consistent handling of well-known alias as primary gid; (bso#11608).
+ winbind: Fix crash on invalid idmap configs; (bso#11612).
+ s3: smbd: have_file_open_below() fails to enumerate open files below an
open directory handle; (bso#11615).
+ Changing log level of two entries to DBG_NOTICE; (bso#9912).
Sonday Oct 25 21:08:15 UTC 2015 -
- Update to 4.3.1
+ s3: smbd: Fix our access-based enumeration on \"hide unreadable\" to match
Windows; (bso#10252).
+ nss_winbind: Fix hang on Solaris on big groups; (bso#10365).
+ smbd: Fix file name buflen and padding in notify repsonse; (bso#10634).
+ kerberos: Make sure we only use prompter type when available;
winbind: Fix 100% loop; (bso#11038).
+ source3/lib/msghdr.c: Fix compiling error on Solaris; (bso#11053).
+ s3:ctdbd_conn: make sure we destroy tevent_fd before closing the socket;
(bso#11316).
+ s3: smbd: Fix mkdir race condition; (bso#11486).
+ pam_winbind: Fix a segfault if initialization fails; (bso#11502).
+ s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509).
+ s4:lib/messaging: Use \'msg.lock\' and \'msg.sock\' for messaging related
subdirs; (bso#11515).
+ s3: smbd: Fix opening/creating :stream files on the root share directory;
(bso#11522).
+ lib/param: Fix hiding of FLAG_SYNONYM values; (bso#11526).
+ net: Fix a crash with \'net ads keytab create\'; (bso#11528).
+ s3: smbd: Fix a crash in unix_convert(); (bso#11535).
+ s3: smbd: Fix NULL pointer bug introduced by previous \'raw\' stream fix
(bso#11522); (bso#11535).
+ vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543).
+ vfs_commit: set the fd on open before calling SMB_VFS_FSTAT; (bso#11547).
+ s3:locking: Initialize lease pointer in share_mode_traverse_fn();
(bso#11549).
+ s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550).
+ s3:lib: Validate domain name in lookup_wellknown_name(); (bso#11555).
+ s3: lsa: lookup_name() logic for unqualified (no DOMAIN component) names
is incorrect; (bso#11555).


 
ICM