[SCM] Samba Shared Repository - branch v4-0-stable updated

Karolin Seeger kseeger at samba.org
Fri Aug 1 04:48:18 MDT 2014


The branch, v4-0-stable has been updated
       via  2ec2bd6 VERSION: Disable git snapshots for the 4.0.21 release.
       via  170540b WHATSNEW: Add release notes for Samba 4.0.21.
       via  fb1d325 fix unstrcpy
       via  97fa00c VERSION: Bump version number up to 4.0.21...
      from  40001e9 VERSION: Disable git snapshots for the 4.0.20 release.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable


- Log -----------------------------------------------------------------
commit 2ec2bd60863a80367be9c8b11e080ac718056796
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Jul 31 15:17:36 2014 +0200

    VERSION: Disable git snapshots for the 4.0.21 release.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
    CVE-2014-3560: unstrcpy macro length is invalid
    
    Signed-off-by: Karolin Seeger <kseeger at samba.org>

commit 170540bdd8ea5bb443e04ffb290535dde8efb225
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Jul 31 15:15:24 2014 +0200

    WHATSNEW: Add release notes for Samba 4.0.21.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
    CVE-2014-3560: unstrcpy macro length is invalid
    
    Signed-off-by: Karolin Seeger <kseeger at samba.org>

commit fb1d325d96dfe9bc2e9c4ec46ad4c55e8f18f4a2
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jul 22 07:02:00 2014 +0200

    fix unstrcpy
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735
    CVE-2014-3560: unstrcpy macro length is invalid

commit 97fa00c776d26affd1e661e15104290483aec373
Author: Karolin Seeger <kseeger at samba.org>
Date:   Mon Jul 28 21:09:15 2014 +0200

    VERSION: Bump version number up to 4.0.21...
    
    and re-enable git snapshots.
    
    Signed-off-by: Karolin Seeger <kseeger at samba.org>
    (cherry picked from commit 00fe8eb4c86c4c1c4a2fbedb07e6813cb9002487)

-----------------------------------------------------------------------

Summary of changes:
 VERSION                    |    2 +-
 WHATSNEW.txt               |   53 ++++++++++++++++++++++++++++++++++++++++++-
 lib/util/string_wrappers.h |    2 +-
 3 files changed, 53 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 0693f17..3950d21 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=20
+SAMBA_VERSION_RELEASE=21
 
 ########################################################
 # If a official release has a serious bug              #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 49640f6..58e3986 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,53 @@
                    ==============================
+                   Release Notes for Samba 4.0.21
+                           August 1, 2014
+                   ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o  CVE-2014-3560:
+   Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+   unauthenticated nmbd NetBIOS name services.
+
+   A malicious browser can send packets that may overwrite the heap of
+   the target nmbd NetBIOS name services daemon. It may be possible to
+   use this to generate a remote code execution vulnerability as the
+   superuser (root).
+
+
+Changes since 4.1.20:
+---------------------
+
+o   Volker Lendecke <vl at samba.org>
+    * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.0 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+                   ==============================
                    Release Notes for Samba 4.0.20
                            July 30, 2014
                    ==============================
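Review bot: The added heading "Changes since 4.1.20:" sits in the release notes for Samba 4.0.21 on the v4-0-stable branch, so it names the wrong series; the preceding release shown in the context lines of this hunk is 4.0.20. Suggest changing it to "Changes since 4.0.20:" with the underline kept at the same length. The CVE paragraph could also name the affected macro (unstrcpy) so that readers can match the advisory text to the "Fix unstrcpy macro length" entry below it.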
@@ -72,8 +121,8 @@ database (https://bugzilla.samba.org/).
 ======================================================================
 
 
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
 
                    ==============================
                    Release Notes for Samba 4.0.19
diff --git a/lib/util/string_wrappers.h b/lib/util/string_wrappers.h
index 5f9d568..243fafc 100644
--- a/lib/util/string_wrappers.h
+++ b/lib/util/string_wrappers.h
@@ -51,7 +51,7 @@ do { \
 #define unstrcpy(d,s) \
 do { \
 	const char *_unstrcpy_src = (const char *)(s); \
-	strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(fstring)); \
+	strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(unstring)); \
 } while (0)
 
 #ifdef HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS
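Review bot: In the unstrcpy macro the bound passed to strlcpy is still a hard-coded type size, sizeof(unstring), with nothing tying it to the destination (d), so a mismatch like the removed sizeof(fstring) line compiles without complaint and the copy is only bounded correctly when every caller passes an unstring buffer. Suggest a comment above the macro stating that d must be an unstring, and, where d is an array, a compile-time check that sizeof(d) equals sizeof(unstring) so a wrong destination fails to build. A regression test that copies an over-long source into an unstring and checks that it is truncated would keep the length from drifting again.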


-- 
Samba Shared Repository

