SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python-tdb-4.8.5-8.1.x86_64.rpm :
Fri Aug 24 14:00:00 2018 mdbuildAATTuse.startmail.com
- Changes since 4.8.4:
o Jeremy Allison

* BUG 13474: python: pysmbd: Additional error path leak fix.

* BUG 13511: libsmbclient: Initialize written value before use.

* BUG 13519: ldb: Refuse to build Samba against a newer minor version of
ldb.

* BUG 13527: s3: libsmbclient: Fix cli_splice() fallback when reading less
than a complete file.

* BUG 13537: Using \"sendfile = yes\" with SMB2 can cause CPU spin.
o Andrew Bartlett

* BUG 13575: ldb: Release LDB 1.3.6.
o Bailey Berro

* BUG 13511: libsmbclient: Initialize written in cli_splice_fallback().
o Ralph Boehme

* BUG 13318: Durable Handles reconnect fails in a cluster when the cluster
fs uses different device ids.

* BUG 13351: s3: smbd: Always set vuid in check_user_ok().

* BUG 13441: vfs_fruit: Delete 0 byte size streams if AAPL is enabled.

* BUG 13451: Fail renaming file if that file has open streams.

* BUG 13505: lib: smb_threads: Fix access before init bug.

* BUG 13535: s3: smbd: Fix path check in
smbd_smb2_create_durable_lease_check().
o Alexander Bokovoy

* BUG 13538: samba-tool trust: Support discovery via netr_GetDcName.
o Samuel Cabrero

* BUG 13540: ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler.
o David Disseldorp

* BUG 13506: vfs_ceph: Don\'t lie about flock support.

* BUG 13540: Fix deadlock with ctdb_mutex_ceph_rados_helper.
o Amitay Isaacs

* BUG 13493: ctdb: Fix build on FreeBSD and AIX.
o Volker Lendecke

* BUG 13553: libsmb: Fix CID 1438243 (Unchecked return value), CID 1438244
(Unsigned compared against 0), CID 1438245 (Dereference before null check),
CID 1438246 (Unchecked return value).

* BUG 13584: vfs_fruit: Fix a panic if fruit_access_check detects a locking
conflict.
o Gary Lockyer

* BUG 13536: The current position in the dns name was not advanced past the
\'.\' character.
o Stefan Metzmacher

* BUG 13308: samba-tool domain trust: Fix trust compatibility to Windows
Server 1709 and FreeIPA.
o Oleksandr Natalenko

* BUG 13559: systemd: Only start smb when network interfaces are up.
o Noel Power

* BUG 13553: Fix quotas with SMB2.

* BUG 13563: s3/smbd: Ensure quota code is only called when quota support
detected.
o Anoop C S

* BUG 13204: s3/libsmb: Explicitly set delete_on_close token for rmdir.
o Andreas Schneider

* BUG 13489: krb5_plugin: Install plugins to krb5 modules dir.

* BUG 13503: s3:winbind: Do not lookup local system accounts in AD.
o Martin Schwenke

* BUG 13499: Don\'t use CTDB_BROADCAST_VNNMAP.

* BUG 13500: ctdb-daemon: Only consider client ID for local database attach.
o Justin Stephenson

* BUG 13485: s3:client: Add \"--quiet\" option to smbclient.
o Ralph Wuerthner

* BUG 13568: s3: vfs: time_audit: Fix handling of token_blob in
smb_time_audit_offload_read_recv().

Wed Aug 15 14:00:00 2018 mdbuildAATTuse.startmail.com
- This is a security release in order to address the following defects:
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
=======
Details
=======
o CVE-2018-1139:
Vulnerability that allows authentication via NTLMv1 even if disabled.
o CVE-2018-1140:
Missing null pointer checks may crash the Samba AD DC, both over
DNS and LDAP.
o CVE-2018-10858:
A malicious server could return a directory entry that could corrupt
libsmbclient memory.
o CVE-2018-10918:
Missing null pointer checks may crash the Samba AD DC, over the
authenticated DRSUAPI RPC service.
o CVE-2018-10919:
Missing access control checks allow discovery of confidential attribute
values via authenticated LDAP search expressions.
Changes since 4.8.3:
o Jeremy Allison

* BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against
returns from malicious servers.
o Andrew Bartlett

* BUG 13374: CVE-2018-1140: ldbsearch \'(distinguishedName=abc)\' and DNS query
with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140

* BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when
not servicePrincipalName is set on a user.
o Tim Beale

* BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via
searches.
o Günther Deschner

* BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it
is disabled via \"ntlm auth\".
o Andrej Gessel

* BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in
ltdb_index_dn_attr().

Tue Jul 17 14:00:00 2018 mdbuildAATTuse.startmail.com
- update to 4.8.3


  
ICM