[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-27a-27-g452e964
Gerald (Jerry) Carter
jerry at samba.org
Mon Dec 10 15:31:29 GMT 2007
The branch, v3-0-test has been updated
via 452e964995afe5a43040c8bdcadc9c45a1e1d007 (commit)
via 5cc2baea238b49b99d69099a12c3c02ac4860a52 (commit)
via 82bd5484ad502f2afdb771a27a12a39459cb2ec0 (commit)
via f5afd08483dec2bd1c53c10550e512e12ebe4ab1 (commit)
via e1abd8c2265dd63d5de388e7d8047c80204bb36e (commit)
via 1f7b4c72d953d2fc9d18eb96a4c7739ae36b5a3d (commit)
via 62197dd367e7c04759560f395f554b2bfda90d78 (commit)
via 64547bd884668d801c3ac48ff3374bf02a2d0959 (commit)
via b14aa30006033d9dbaa8120bc419406535d620b8 (commit)
via 6a9610ba27f802136f1ca8a94816d552df17a166 (commit)
from 9c0590cbca8128a76300d0e5b3f5b8e479d8080f (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test
- Log -----------------------------------------------------------------
commit 452e964995afe5a43040c8bdcadc9c45a1e1d007
Merge: f5afd08483dec2bd1c53c10550e512e12ebe4ab1 5cc2baea238b49b99d69099a12c3c02ac4860a52
Author: Gerald (Jerry) Carter <jerry at samba.org>
Date: Mon Dec 10 09:30:23 2007 -0600
Merge branch 'v3-0-stable' into v3-0-test
commit f5afd08483dec2bd1c53c10550e512e12ebe4ab1
Merge: 9c0590cbca8128a76300d0e5b3f5b8e479d8080f e1abd8c2265dd63d5de388e7d8047c80204bb36e
Author: Gerald (Jerry) Carter <jerry at samba.org>
Date: Mon Dec 10 08:34:15 2007 -0600
Merge branch 'v3-0-stable' into v3-0-test
Resolved conflicts in source/VERSION.
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 39 +++++++++++++++++++++++++++++++++++----
source/VERSION | 4 ++--
source/lib/version.c | 6 +++---
source/libsmb/clidgram.c | 6 ++++++
source/nmbd/nmbd_packets.c | 6 ++++++
5 files changed, 52 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 9b5494c..bd4fe02 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,38 @@
+ ==============================
+ Release Notes for Samba 3.0.28
+ Dec 10, 2007
+ ==============================
+
+Samba 3.0.28 is a security release in order to address the following
+defect:
+
+ o CVS-2007-6015
+ Boundary failure in GETDC mailslot processing can result in
+ a buffer overrun
+
+The original security announcement for this and past advisories can
+be found http://www.samba.org/samba/security/
+
+######################################################################
+Changes
+#######
+
+Changes since 3.0.27a
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * Fix for CVS-2007-0615.
+
+o Volker Lendecke <vl at samba.org>
+ * Fix for CVS-2007-0615.
+ * Add missing unbecome_root() calls in error path processing
+ when failing to add local groups in create_local_nt_token().
+
+
+Release notes for older releases follow:
+
+ --------------------------------------------------
+
===============================
Release Notes for Samba 3.0.27a
Nov 20, 2007
@@ -86,8 +121,6 @@ o Martin Zielinski <mz at seh.de>
-Release notes for older releases follow:
-
--------------------------------------------------
==============================
@@ -124,8 +157,6 @@ o Simo Sorce <idra at samba.org>
* Additional fixes for CVS-2007-4572.
-Release notes for older releases follow:
-
--------------------------------------------------
===============================
Release Notes for Samba 3.0.26a
diff --git a/source/VERSION b/source/VERSION
index 1f38b98..4095e11 100644
--- a/source/VERSION
+++ b/source/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=3
SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=27
+SAMBA_VERSION_RELEASE=28
########################################################
# Bug fix releases use a letter for the patch revision #
@@ -36,7 +36,7 @@ SAMBA_VERSION_RELEASE=27
# e.g. SAMBA_VERSION_REVISION=a #
# -> "2.2.8a" #
########################################################
-SAMBA_VERSION_REVISION=b
+SAMBA_VERSION_REVISION=a
########################################################
# For 'pre' releases the version will be #
diff --git a/source/lib/version.c b/source/lib/version.c
index ee8c3eb..93fd108 100644
--- a/source/lib/version.c
+++ b/source/lib/version.c
@@ -28,7 +28,7 @@ const char *samba_version_string(void)
#else
static fstring samba_version;
static BOOL init_samba_version;
-#ifdef SAMBA_VENDOR_PATCH
+#ifdef SAMBA_VERSION_VENDOR_PATCH
fstring tmp_version;
size_t remaining;
#endif
@@ -40,9 +40,9 @@ const char *samba_version_string(void)
SAMBA_VERSION_OFFICIAL_STRING,
SAMBA_VERSION_VENDOR_SUFFIX);
-#ifdef SAMBA_VENDOR_PATCH
+#ifdef SAMBA_VERSION_VENDOR_PATCH
remaining = sizeof(samba_version)-strlen(samba_version);
- snprintf( tmp_version, sizeof(tmp_version), "-%d", SAMBA_VENDOR_PATCH );
+ snprintf( tmp_version, sizeof(tmp_version), "-%d", SAMBA_VERSION_VENDOR_PATCH);
strlcat( samba_version, tmp_version, remaining-1 );
#endif
diff --git a/source/libsmb/clidgram.c b/source/libsmb/clidgram.c
index 83ea81d..548ace6 100644
--- a/source/libsmb/clidgram.c
+++ b/source/libsmb/clidgram.c
@@ -72,6 +72,12 @@ BOOL cli_send_mailslot(BOOL unique, const char *mailslot,
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
+
+ if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
+ DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n"));
+ return False;
+ }
+
set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
diff --git a/source/nmbd/nmbd_packets.c b/source/nmbd/nmbd_packets.c
index bbcc1ec..1460f7d 100644
--- a/source/nmbd/nmbd_packets.c
+++ b/source/nmbd/nmbd_packets.c
@@ -1892,6 +1892,12 @@ BOOL send_mailslot(BOOL unique, const char *mailslot,char *buf, size_t len,
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
+
+ if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
+ DEBUG(0, ("send_mailslot: Cannot write beyond end of packet\n"));
+ return False;
+ }
+
set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
--
Samba Shared Repository
More information about the samba-cvs
mailing list