[SCM] Samba Shared Repository - annotated tag samba-3.6.22 created
Karolin Seeger
kseeger at samba.org
Sun Dec 8 22:14:31 MST 2013
The annotated tag, samba-3.6.22 has been created
at 27e09c41c426351bf4736ecc6150c387ae168573 (tag)
tagging e795800392ce1b5b5717ea0ad5334ebd6c9df7ed (commit)
replaces samba-3.6.21
tagged by Karolin Seeger
on Sat Dec 7 20:25:55 2013 +0100
- Log -----------------------------------------------------------------
tag samba-3.6.22
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQBSo3ZJbzORW2Vot+oRAgP1AJ4w8Ou2CfTr9aqaU24mWRD23MjrIACgnM5h
lWLrlxIWC5t4SHxzoZjos5s=
=xV34
-----END PGP SIGNATURE-----
Jeremy Allison (4):
CVE-2013-4408:s3:Ensure we always check call_id when validating an RPC reply.
CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked.
CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.
CVE-2013-4408:s3:Ensure LookupRids() replies arrays are range checked.
Karolin Seeger (2):
VERSION: Bump version up to 3.6.22.
WHATSNEW: Add release notes for Samba 3.0.22.
Noel Power (1):
CVE-2012-6150: Fail authentication for single group name which cannot be converted to sid
Stefan Metzmacher (11):
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_done()
CVE-2013-4408:librpc: check for invalid frag_len within dcerpc_read_ncacn_packet_next_vector()
CVE-2013-4408:s3:rpc_client: check for invalid frag_len in dcerpc_pull_ncacn_packet()
CVE-2013-4408:s3:rpc_client: verify frag_len at least contains the header size
CVE-2013-4408:s4:dcerpc: check for invalid frag_len in ncacn_pull()
CVE-2013-4408:s4:dcerpc_smb: check for invalid frag_len in send_read_request_continue()
CVE-2013-4408:s4:dcerpc_smb2: check for invalid frag_len in send_read_request_continue()
CVE-2013-4408:s4:dcerpc_sock: check for invalid frag_len within sock_complete_packet()
CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
CVE-2013-4408:s3:util_tsock: add some overflow detection to tstream_read_packet_done()
CVE-2013-4408:libcli/util: add some size verification to tstream_read_pdu_blob_done()
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list