[SCM] Samba Shared Repository - branch v4-1-stable updated
Karolin Seeger
kseeger at samba.org
Fri Aug 1 04:47:54 MDT 2014
The branch, v4-1-stable has been updated
via 154a270 VERSION: Disable git snapshots for the 4.1.11 release.
via ebeb3b6 WHATSNEW: Add release notes for Samba 4.1.11.
via e6a8486 fix unstrcpy
via 01be3c5 VERSION: Bump version number up to 4.1.11...
from fcc634b Merge commit 'origin/v4-1-test^' into v4-1-stable
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-stable
- Log -----------------------------------------------------------------
commit 154a270edb95d5141781bc5e76b4b2dcac1be5e2
Author: Karolin Seeger <kseeger at samba.org>
Date: Thu Jul 31 15:00:27 2014 +0200
VERSION: Disable git snapshots for the 4.1.11 release.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit ebeb3b6d0b4a8533b2744d510ae28d4350ff0845
Author: Karolin Seeger <kseeger at samba.org>
Date: Thu Jul 31 14:48:01 2014 +0200
WHATSNEW: Add release notes for Samba 4.1.11.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit e6a848630da3ba958c442438ea131c99fa088605
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jul 22 07:02:00 2014 +0200
fix unstrcpy
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
CVE-2014-3560: unstrcpy macro length is invalid
commit 01be3c567c010cb206678af08f688d4cd6ed6fa7
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 28 08:44:32 2014 +0200
VERSION: Bump version number up to 4.1.11...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
(cherry picked from commit b474dc70f11ebd5fcfd5c0dfa40e94cea5ce206c)
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 55 +++++++++++++++++++++++++++++++++++++++++--
lib/util/string_wrappers.h | 2 +-
3 files changed, 54 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 10e41cd..72f82cc 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=1
-SAMBA_VERSION_RELEASE=10
+SAMBA_VERSION_RELEASE=11
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cb9a1c6..521ea1f 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,55 @@
==============================
+ Release Notes for Samba 4.1.11
+ August 1, 2014
+ ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o CVE-2014-3560:
+ Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+ unauthenticated nmbd NetBIOS name services.
+
+ A malicious browser can send packets that may overwrite the heap of
+ the target nmbd NetBIOS name services daemon. It may be possible to
+ use this to generate a remote code execution vulnerability as the
+ superuser (root).
+
+
+Changes since 4.1.10:
+---------------------
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+======================================================================
+
+ ==============================
Release Notes for Samba 4.1.10
July 28, 2014
==============================
@@ -140,10 +191,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
-======================================================================
=============================
Release Notes for Samba 4.1.9
diff --git a/lib/util/string_wrappers.h b/lib/util/string_wrappers.h
index 5f9d568..243fafc 100644
--- a/lib/util/string_wrappers.h
+++ b/lib/util/string_wrappers.h
@@ -51,7 +51,7 @@ do { \
#define unstrcpy(d,s) \
do { \
const char *_unstrcpy_src = (const char *)(s); \
- strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(fstring)); \
+ strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(unstring)); \
} while (0)
#ifdef HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS
--
Samba Shared Repository
More information about the samba-cvs
mailing list