Changelog for
samba-4.8.5-8.11.i586.rpm :
* Fri Aug 24 2018 mdbuildAATTuse.startmail.com- Changes since 4.8.4: o Jeremy Allison
* BUG 13474: python: pysmbd: Additional error path leak fix.
* BUG 13511: libsmbclient: Initialize written value before use.
* BUG 13519: ldb: Refuse to build Samba against a newer minor version of ldb.
* BUG 13527: s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.
* BUG 13537: Using \"sendfile = yes\" with SMB2 can cause CPU spin. o Andrew Bartlett
* BUG 13575: ldb: Release LDB 1.3.6. o Bailey Berro
* BUG 13511: libsmbclient: Initialize written in cli_splice_fallback(). o Ralph Boehme
* BUG 13318: Durable Handles reconnect fails in a cluster when the cluster fs uses different device ids.
* BUG 13351: s3: smbd: Always set vuid in check_user_ok().
* BUG 13441: vfs_fruit: Delete 0 byte size streams if AAPL is enabled.
* BUG 13451: Fail renaming file if that file has open streams.
* BUG 13505: lib: smb_threads: Fix access before init bug.
* BUG 13535: s3: smbd: Fix path check in smbd_smb2_create_durable_lease_check(). o Alexander Bokovoy
* BUG 13538: samba-tool trust: Support discovery via netr_GetDcName. o Samuel Cabrero
* BUG 13540: ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler. o David Disseldorp
* BUG 13506: vfs_ceph: Don\'t lie about flock support.
* BUG 13540: Fix deadlock with ctdb_mutex_ceph_rados_helper. o Amitay Isaacs
* BUG 13493: ctdb: Fix build on FreeBSD and AIX. o Volker Lendecke
* BUG 13553: libsmb: Fix CID 1438243 (Unchecked return value), CID 1438244 (Unsigned compared against 0), CID 1438245 (Dereference before null check), CID 1438246 (Unchecked return value).
* BUG 13584: vfs_fruit: Fix a panic if fruit_access_check detects a locking conflict. o Gary Lockyer
* BUG 13536: The current position in the dns name was not advanced past the \'.\' character. o Stefan Metzmacher
* BUG 13308: samba-tool domain trust: Fix trust compatibility to Windows Server 1709 and FreeIPA. o Oleksandr Natalenko
* BUG 13559: systemd: Only start smb when network interfaces are up. o Noel Power
* BUG 13553: Fix quotas with SMB2.
* BUG 13563: s3/smbd: Ensure quota code is only called when quota support detected. o Anoop C S
* BUG 13204: s3/libsmb: Explicitly set delete_on_close token for rmdir. o Andreas Schneider
* BUG 13489: krb5_plugin: Install plugins to krb5 modules dir.
* BUG 13503: s3:winbind: Do not lookup local system accounts in AD. o Martin Schwenke
* BUG 13499: Don\'t use CTDB_BROADCAST_VNNMAP.
* BUG 13500: ctdb-daemon: Only consider client ID for local database attach. o Justin Stephenson
* BUG 13485: s3:client: Add \"--quiet\" option to smbclient. o Ralph Wuerthner
* BUG 13568: s3: vfs: time_audit: Fix handling of token_blob in smb_time_audit_offload_read_recv().
* Wed Aug 15 2018 mdbuildAATTuse.startmail.com- This is a security release in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.) o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP server.) ======= Details ======= o CVE-2018-1139: Vulnerability that allows authentication via NTLMv1 even if disabled. o CVE-2018-1140: Missing null pointer checks may crash the Samba AD DC, both over DNS and LDAP. o CVE-2018-10858: A malicious server could return a directory entry that could corrupt libsmbclient memory. o CVE-2018-10918: Missing null pointer checks may crash the Samba AD DC, over the authenticated DRSUAPI RPC service. o CVE-2018-10919: Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions. Changes since 4.8.3: o Jeremy Allison
* BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett
* BUG 13374: CVE-2018-1140: ldbsearch \'(distinguishedName=abc)\' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140
* BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user. o Tim Beale
* BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via searches. o Günther Deschner
* BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via \"ntlm auth\". o Andrej Gessel
* BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr().
* Tue Jul 17 2018 mdbuildAATTuse.startmail.com- update to 4.8.3