[SCM] Samba Website Repository - branch master updated

Karolin Seeger kseeger at samba.org
Fri Aug 1 04:51:06 MDT 2014


The branch, master has been updated
       via  f5ce199 Announce Samba 4.1.11 and 4.0.21.
      from  d87113b Announce Samba 4.0.20.

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit f5ce199e1747a065fc29f0d21c55e10f8f15568c
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Jul 31 16:25:49 2014 +0200

    Announce Samba 4.1.11 and 4.0.21.
    
    Signed-off-by: Karolin Seeger <kseeger at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 generated_news/latest_10_bodies.html    |   32 ++++++++++++++---------
 generated_news/latest_10_headlines.html |    5 ++-
 generated_news/latest_2_bodies.html     |   31 ++++++++++++++---------
 history/header_history.html             |    2 +
 history/samba-4.0.21.html               |   42 +++++++++++++++++++++++++++++++
 history/samba-4.1.11.html               |   42 +++++++++++++++++++++++++++++++
 history/security.html                   |   15 +++++++++++
 latest_stable_release.html              |    6 ++--
 8 files changed, 145 insertions(+), 30 deletions(-)
 create mode 100755 history/samba-4.0.21.html
 create mode 100755 history/samba-4.1.11.html


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html
index b29282d..1f810af 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,22 @@
+	<h5><a name="4.1.11">01 August 2014</a></h5>
+	<p class="headline">Samba 4.1.11 and 4.0.21 <b>Security
+	Releases</b> Available for Download</p>
+	<p>These are security releases in order to address
+	<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a>
+	(<b>Remote code execution in nmbd</b>).
+	</p>
+
+	<p>The uncompressed tarballs and patch files have been signed
+	using GnuPG (ID 6568B7EA).</p>
+	<p>
+	The source code can be downloaded here:
+	<li><a href="http://samba.org/samba/ftp/stable/samba-4.1.11.tar.gz">download
+	Samba 4.1.11</a>,</li>
+	<li><a href="http://samba.org/samba/ftp/stable/samba-4.0.21.tar.gz">download
+	Samba 4.0.21</a>.</li>
+	</p>
+
+
 	<h5><a name="4.0.20">30 July 2014</a></h5>
 	<p class="headline">Samba 4.0.20 Available for Download</p>
 	<p>This is the latest stable release of the Samba 4.0 series.</p>
@@ -130,16 +149,3 @@ patch against Samba 4.0.16</a> is also available. See
 	<li><a href="http://samba.org/samba/ftp/stable/samba-3.6.23.tar.gz">download
 	Samba 3.6.23</a>.</li>
 	</p>
-
-
-	<h5><a name="4.1.5">21 February 2014</a></h5>
-	<p class="headline">Samba 4.1.5 Available for Download</p>
-	<p>This is the latest stable release of the Samba 4.1 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-4.1.5.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.1.4-4.1.5.diffs.gz">
-patch against Samba 4.1.4</a> is also available. See
-<a href="http://samba.org/samba/history/samba-4.1.5.html"> the release notes
- for more info</a>.</p>
diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html
index 6e82c92..929f666 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,7 @@
 <ul>
+	<li> 01 August 2014 <a href="#4.1.11">Samba 4.1.11 and 4.0.21 Security
+	Releases Available for Download (CVE-2014-3560)</a></li>
+
 	<li> 30 July 2014 <a href="#4.0.20">Samba 4.0.20 Available for Download</a></li>
 
 	<li> 28 July 2014 <a href="#4.1.10">Samba 4.1.10 Available for Download</a></li>
@@ -20,6 +23,4 @@
 	<li> 11 March 2014 <a href="#4.1.6">Samba 4.1.6, 4.0.16
 	and 3.6.23 Security Releases Available for Download (CVE-2013-4496 and
 	CVE-2013-6442)</a></li>
-
-	<li> 21 February 2014 <a href="#4.1.5">Samba 4.1.5 Available for Download</a></li>
 </ul>
diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html
index cc1442e..4e26228 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,3 +1,22 @@
+	<h5><a name="4.1.11">01 August 2014</a></h5>
+	<p class="headline">Samba 4.1.11 and 4.0.21 <b>Security
+	Releases</b> Available for Download</p>
+	<p>These are security releases in order to address
+	<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a>
+	(<b>Remote code execution in nmbd</b>).
+	</p>
+
+	<p>The uncompressed tarballs and patch files have been signed
+	using GnuPG (ID 6568B7EA).</p>
+	<p>
+	The source code can be downloaded here:
+	<li><a href="http://samba.org/samba/ftp/stable/samba-4.1.11.tar.gz">download
+	Samba 4.1.11</a>,</li>
+	<li><a href="http://samba.org/samba/ftp/stable/samba-4.0.21.tar.gz">download
+	Samba 4.0.21</a>.</li>
+	</p>
+
+
 	<h5><a name="4.0.20">30 July 2014</a></h5>
 	<p class="headline">Samba 4.0.20 Available for Download</p>
 	<p>This is the latest stable release of the Samba 4.0 series.</p>
@@ -9,15 +28,3 @@ now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.0.19-4.0.20.diffs
 patch against Samba 4.0.19</a> is also available. See
 <a href="http://samba.org/samba/history/samba-4.0.20.html"> the release notes
  for more info</a>.</p>
-
-	<h5><a name="4.1.10">28 July 2014</a></h5>
-	<p class="headline">Samba 4.1.10 Available for Download</p>
-	<p>This is the latest stable release of the Samba 4.1 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-4.1.10.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.1.9-4.1.10.diffs.gz">
-patch against Samba 4.1.9</a> is also available. See
-<a href="http://samba.org/samba/history/samba-4.1.10.html"> the release notes
- for more info</a>.</p>
diff --git a/history/header_history.html b/history/header_history.html
index 355020d..fcf748c 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -10,6 +10,7 @@
 		<li class="navSub">
 			<ul>
 			<li><a href="/samba/security/CVE-2013-0454.html">CVE-2013-0454</a></li>
+			<li><a href="samba-4.1.11.html">samba-4.1.11</a></li>
 			<li><a href="samba-4.1.10.html">samba-4.1.10</a></li>
 			<li><a href="samba-4.1.9.html">samba-4.1.9</a></li>
 			<li><a href="samba-4.1.8.html">samba-4.1.8</a></li>
@@ -21,6 +22,7 @@
 			<li><a href="samba-4.1.2.html">samba-4.1.2</a></li>
 			<li><a href="samba-4.1.1.html">samba-4.1.1</a></li>
 			<li><a href="samba-4.1.0.html">samba-4.1.0</a></li>
+			<li><a href="samba-4.0.21.html">samba-4.0.21</a></li>
 			<li><a href="samba-4.0.20.html">samba-4.0.20</a></li>
 			<li><a href="samba-4.0.19.html">samba-4.0.19</a></li>
 			<li><a href="samba-4.0.18.html">samba-4.0.18</a></li>
diff --git a/history/samba-4.0.21.html b/history/samba-4.0.21.html
new file mode 100755
index 0000000..3b124a7
--- /dev/null
+++ b/history/samba-4.0.21.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+   <H2>Samba 4.0.21 Available for Download</H2>
+
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 4.0.21
+                           August 1, 2014
+                   ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o  CVE-2014-3560:
+   Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+   unauthenticated nmbd NetBIOS name services.
+
+   A malicious browser can send packets that may overwrite the heap of
+   the target nmbd NetBIOS name services daemon. It may be possible to
+   use this to generate a remote code execution vulnerability as the
+   superuser (root).
+
+
+Changes since 4.1.20:
+---------------------
+
+o   Volker Lendecke <vl at samba.org>
+    * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+</pre>
+
+</body>
+</html>
diff --git a/history/samba-4.1.11.html b/history/samba-4.1.11.html
new file mode 100755
index 0000000..41cb532
--- /dev/null
+++ b/history/samba-4.1.11.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+   <H2>Samba 4.1.11 Available for Download</H2>
+
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 4.1.11
+                           August 1, 2014
+                   ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o  CVE-2014-3560:
+   Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+   unauthenticated nmbd NetBIOS name services.
+
+   A malicious browser can send packets that may overwrite the heap of
+   the target nmbd NetBIOS name services daemon. It may be possible to
+   use this to generate a remote code execution vulnerability as the
+   superuser (root).
+
+
+Changes since 4.1.10:
+---------------------
+
+o   Volker Lendecke <vl at samba.org>
+    * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+</pre>
+
+</body>
+</html>
diff --git a/history/security.html b/history/security.html
index 50d3015..731b063 100755
--- a/history/security.html
+++ b/history/security.html
@@ -22,6 +22,21 @@ link to full release notes for each release.</p>
       </tr>
 
     <tr>
+	<td>01 Aug 2014</td>
+	<td><a href="/samba/ftp/patches/security/samba-4.1.10-CVE-2014-3560.patch">
+	patch for Samba 4.1.10</a><br />
+	<a href="/samba/ftp/patches/security/samba-4.0.20-CVE-2014-3560.patch">
+	patch for Samba 4.0.20</a><br />
+	<td>Remote code execution in nmbd.
+	</td>
+	<td>4.0.0 - 4.1.10</td>
+	<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a>
+	</td>
+	<td><a href="/samba/security/CVE-2014-3560">Announcement</a>
+	</td>
+    </tr>
+
+    <tr>
 	<td>23 Jun 2014</td>
 	<td><a href="/samba/ftp/patches/security/samba-4.1.8-CVE-2014-0244-CVE-2014-3493.patch">
 	patch for Samba 4.1.8</a><br />
diff --git a/latest_stable_release.html b/latest_stable_release.html
index b638e71..8e52d4c 100644
--- a/latest_stable_release.html
+++ b/latest_stable_release.html
@@ -1,7 +1,7 @@
 <!-- BEGIN: latest_stable_release.html -->
 <p>
-	<a href="/samba/ftp/stable/samba-4.1.10.tar.gz">Samba 4.1.10 (gzipped)</a><br>
-	<a href="/samba/history/samba-4.1.10.html">Release Notes</a> ·
-	<a href="/samba/ftp/stable/samba-4.1.10.tar.asc">Signature</a>
+	<a href="/samba/ftp/stable/samba-4.1.11.tar.gz">Samba 4.1.11 (gzipped)</a><br>
+	<a href="/samba/history/samba-4.1.11.html">Release Notes</a> ·
+	<a href="/samba/ftp/stable/samba-4.1.11.tar.asc">Signature</a>
 </p>
 <!-- END: latest_stable_release.html -->


-- 
Samba Website Repository


More information about the samba-cvs mailing list