svn commit: samba r2947 - in branches/SAMBA_2_2: . source/include source/smbd

jerry at samba.org jerry at samba.org
Wed Oct 13 12:31:37 GMT 2004


Author: jerry
Date: 2004-10-13 12:31:37 +0000 (Wed, 13 Oct 2004)
New Revision: 2947

WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/branches/SAMBA_2_2&rev=2947&nolog=1

Log:
applying changes for 2.2.12
Modified:
   branches/SAMBA_2_2/WHATSNEW.txt
   branches/SAMBA_2_2/source/include/version.h
   branches/SAMBA_2_2/source/smbd/vfs.c


Changeset:
Modified: branches/SAMBA_2_2/WHATSNEW.txt
===================================================================
--- branches/SAMBA_2_2/WHATSNEW.txt	2004-10-13 12:29:57 UTC (rev 2946)
+++ branches/SAMBA_2_2/WHATSNEW.txt	2004-10-13 12:31:37 UTC (rev 2947)
@@ -1,4 +1,85 @@
                  ==============================
+                 Release Notes for Samba 2.2.12
+                          Sept 29, 2004
+                 ==============================
+
+
+######################## SECURITY RELEASE ########################
+
+Summary:       Potential Arbitrary File Access
+
+Affected
+Versions:	Samba 2.2.x 
+
+Summary:	A remote attacker may be able to gain access
+		to files which exist outside of the share's
+		defined path. Such files must still be readable
+		by the account used for the connection.
+
+CVE ID:        CAN-2004-0815
+               (http://cve.mitre.org/)
+
+This is the last stable release of the Samba 2.2 code base.
+There will be no further Samba 2.2.x releases.
+
+-------------
+CAN-2004-0815
+-------------
+
+A bug in the input validation routines used to convert DOS
+path names to path names on the Samba host's file system
+may be exploited to gain access to files outside of the
+share's path defined by smb.conf.
+
+
+Protecting Unpatched Servers
+----------------------------
+
+Samba file shares with 'wide links = no' (a non-default
+setting) in the service definition in smb.conf are *not*
+vulnerable to this attack.
+
+The Samba Team always encourages users to run the latest stable
+release as a defense of against attacks.  However, under certain
+circumstances it may not be possible to immediately upgrade
+important installations.  In such cases, administrators should
+read the "Server Security" documentation found at
+http://www.samba.org/samba/docs/server_security.html.
+
+
+Credits
+--------
+
+Both security issues were reported to Samba developers by
+iDEFENSE (http://www.idefense.com/).  Karol Wiesek is
+credited with this discovery.
+
+-- 
+
+Older releases notes for 2.2.x distributions follow
+
+       ------------------------------------------------------
+                 ==============================
+                 Release Notes for Samba 2.2.11
+                          Aug 12, 2004
+                 ==============================
+
+This is the latest stable release of the Samba 2.2 code base.
+
+Please note that the Samba 2.2 code tree will reach its End-Of-Life
+on October 1, 2004.  Administrators of existing Samba 2.2
+installations are encouraged to upgrade to the latest Samba 3.0.x
+release prior to that date.
+
+The Samba 2.2.11 release addresses the following bug:
+
+  o Crashes in smbd triggered by a Windows XP SP2 client sending 
+    a FindNextPrintChangeNotify() request without previously 
+    issuing FindFirstPrintChangeNotify().
+
+
+       ------------------------------------------------------
+                 ==============================
                  Release Notes for Samba 2.2.10
                           July 22, 2004
                  ==============================
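Review bot: The security header in the 2.2.12 notes uses the label "Summary:" twice. The second one (the paragraph starting "A remote attacker may be able to gain access") is the description and should be labelled "Description:" so the two fields are not confused. In the Credits section, "Both security issues were reported" does not match the single issue (CAN-2004-0815) documented for this release; "This issue was reported" would fit. Two smaller points: "as a defense of against attacks" has a stray "of", and the header date "Sept 29, 2004" precedes this commit's date of 2004-10-13, so confirm which date the notes should carry.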
@@ -27,8 +108,6 @@
 or v3.0.5.
 
 
-Older releases notes for 2.2.x distributions follow
-
        ------------------------------------------------------
 
                  =============================

Modified: branches/SAMBA_2_2/source/include/version.h
===================================================================
--- branches/SAMBA_2_2/source/include/version.h	2004-10-13 12:29:57 UTC (rev 2946)
+++ branches/SAMBA_2_2/source/include/version.h	2004-10-13 12:31:37 UTC (rev 2947)
@@ -1 +1 @@
-#define VERSION "2.2.11pre1"
+#define VERSION "2.2.13pre1"
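Review bot: VERSION jumps from "2.2.11pre1" to "2.2.13pre1" here, while the log message and the WHATSNEW.txt text in this changeset are for 2.2.12, and the notes state "There will be no further Samba 2.2.x releases." If this is a post-release bump of the branch, say so in the log message; otherwise the string should match the release being documented.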

Modified: branches/SAMBA_2_2/source/smbd/vfs.c
===================================================================
--- branches/SAMBA_2_2/source/smbd/vfs.c	2004-10-13 12:29:57 UTC (rev 2946)
+++ branches/SAMBA_2_2/source/smbd/vfs.c	2004-10-13 12:31:37 UTC (rev 2947)
@@ -784,7 +784,6 @@
 	*dir2 = *wd = *base_name = *newname = 0;
 
 	if (widelinks) {
-		unix_clean_name(s);
 		/* can't have a leading .. */
 		if (strncmp(s,"..",2) == 0 && (s[2]==0 || s[2]=='/')) {
 			DEBUG(3,("Illegal file name? (%s)\n",s));
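Review bot: Dropping unix_clean_name(s) at the top of the widelinks branch leaves the leading ".." test as the only check on s visible in this hunk, and that test now runs on whatever form the caller passed in. It matches only a ".." at the start of s, so a ".." component later in the path (for example after a "./" prefix or a doubled slash) is not covered by it. Please add a comment at this spot stating where s is normalised before it reaches this branch and why cleaning it again here was wrong, and mention the change to vfs.c in the log message, since the release notes tie CAN-2004-0815 to shares that leave wide links enabled and this is the only code change in the changeset.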


