[SCM] Samba Shared Repository - annotated tag samba-4.1.3 created
Karolin Seeger
kseeger at samba.org
Sun Dec 8 22:08:14 MST 2013
The annotated tag, samba-4.1.3 has been created
at ad0b16dd3228411178dc8af809014c73f0247ae1 (tag)
tagging 6898c4dbf993889a804e77dd6cb32e0be50f653f (commit)
replaces samba-4.1.2
tagged by Karolin Seeger
on Fri Dec 6 19:49:49 2013 +0100
- Log -----------------------------------------------------------------
samba: tag release samba-4.1.3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQBSohxNbzORW2Vot+oRAj05AJ9ROkG1gZS3p8oT9LyXvQsR97ol+gCfQalN
8Xl6TJyCXNsThUJIYDaX4J0=
=3m3a
-----END PGP SIGNATURE-----
Jeremy Allison (4):
CVE-2013-4408:s3:Ensure we always check call_id when validating an RPC reply.
CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked.
CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.
CVE-2013-4408:s3:Ensure LookupRids() replies arrays are range checked.
Karolin Seeger (3):
VERSION: Bump version number up to 4.1.3...
WHATSNEW: Add release notes for Samba 4.1.3.
VERSION: Disable git snapshots for the 4.1.3 release.
Noel Power (1):
CVE-2012-6150: Fail authentication for single group name which cannot be converted to sid
Stefan Metzmacher (12):
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_done()
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_next_vector()
CVE-2013-4408:s3:rpc_client: check for invalid frag_len in dcerpc_pull_ncacn_packet()
CVE-2013-4408:s3:rpc_client: verify frag_len at least contains the header size
CVE-2013-4408:s4:dcerpc: check for invalid frag_len in ncacn_pull()
CVE-2013-4408:s4:dcerpc_smb: check for invalid frag_len in send_read_request_continue()
CVE-2013-4408:s4:dcerpc_smb2: check for invalid frag_len in send_read_request_continue()
CVE-2013-4408:s4:dcerpc_sock: check for invalid frag_len within sock_complete_packet()
CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
CVE-2013-4408:s3:util_tsock: add some overflow detection to tstream_read_packet_done()
CVE-2013-4408:libcli/util: add some size verification to tstream_read_pdu_blob_done()
CVE-2013-4408:s3:ctdb_conn: add some length verification to ctdb_packet_more()
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list