[SCM] Samba Website Repository - branch master updated
Karolin Seeger
kseeger at samba.org
Mon Jun 23 02:56:17 MDT 2014
The branch, master has been updated
via 5b418b9 Announce Samba 4.1.9, 4.0.19 and 3.6.24.
from 6b3ce7b Added Marc Muehlfeld to team member list.
http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5b418b90e3fd1634ab8a711b6c1b5856eab2270e
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jun 23 10:02:53 2014 +0200
Announce Samba 4.1.9, 4.0.19 and 3.6.24.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
-----------------------------------------------------------------------
Summary of changes:
generated_news/latest_10_bodies.html | 36 ++++++---
generated_news/latest_10_headlines.html | 6 +-
generated_news/latest_2_bodies.html | 35 ++++++---
history/header_history.html | 3 +
history/samba-3.6.24.html | 50 ++++++++++++
history/samba-4.0.19.html | 50 ++++++++++++
history/samba-4.1.9.html | 50 ++++++++++++
history/security.html | 19 +++++
latest_stable_release.html | 6 +-
.../{CVE-2013-4124.html => CVE-2014-0244.html} | 36 ++++-----
security/CVE-2014-3493.html | 79 ++++++++++++++++++++
11 files changed, 320 insertions(+), 50 deletions(-)
create mode 100755 history/samba-3.6.24.html
create mode 100755 history/samba-4.0.19.html
create mode 100755 history/samba-4.1.9.html
copy security/{CVE-2013-4124.html => CVE-2014-0244.html} (50%)
create mode 100644 security/CVE-2014-3493.html
Changeset truncated at 500 lines:
diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html
index e6dbe04..a3c792b 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,26 @@
+ <h5><a name="4.1.9">23 June 2014</a></h5>
+ <p class="headline">Samba 4.1.9, 4.0.19 and 3.6.24 <b>Security
+ Releases</b> Available for Download</p>
+ <p>These are security releases in order to address
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244">CVE-2014-0244</a>
+ (<b>Denial of service - CPU loop</b>) and
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493">CVE-2014-3493</a>
+ (<b>Denial of service - Server crash/memory corruption</b>).
+ </p>
+
+ <p>The uncompressed tarballs and patch files have been signed
+ using GnuPG (ID 6568B7EA).</p>
+ <p>
+ The source code can be downloaded here:
+ <li><a href="http://samba.org/samba/ftp/stable/samba-4.1.9.tar.gz">download
+ Samba 4.1.9</a>,</li>
+ <li><a href="http://samba.org/samba/ftp/stable/samba-4.0.19.tar.gz">download
+ Samba 4.0.19</a>,</li>
+ <li><a href="http://samba.org/samba/ftp/stable/samba-3.6.24.tar.gz">download
+ Samba 3.6.24</a>.</li>
+ </p>
+
+
<h5><a name="4.1.8">03 June 2014</a></h5>
<p class="headline">Samba 4.1.8 Available for Download</p>
<p>This is the latest stable release of the Samba 4.1 series.</p>
@@ -119,16 +142,3 @@ patch against Samba 4.0.14</a> is also available. See
project does not require virtualization and can be used to build
environments on different operating systems. <a href="http://cwrap.org/">
Learn more ...</a></p>
-
-
- <h5><a name="4.1.4">10 January 2014</a></h5>
- <p class="headline">Samba 4.1.4 Available for Download</p>
- <p>This is the latest stable release of the Samba 4.1 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA). The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-4.1.4.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.1.3-4.1.4.diffs.gz">
-patch against Samba 4.1.3</a> is also available. See
-<a href="http://samba.org/samba/history/samba-4.1.4.html"> the release notes
- for more info</a>.</p>
diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html
index 50b5510..5034382 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,8 @@
<ul>
+ <li> 23 June 2014 <a href="#4.1.9">Samba 4.1.9, 4.0.19
+ and 3.6.24 Security Releases Available for Download (CVE-2014-0244 and
+ CVE-2014-3493)</a></li>
+
<li> 03 June 2014 <a href="#4.1.8">Samba 4.1.8 Available for Download</a></li>
<li> 27 May 2014 <a href="#4.0.18">Samba 4.0.18 Available for Download</a></li>
@@ -18,6 +22,4 @@
<li> 18 February 2014 <a href="#4.0.15">Samba 4.0.15 Available for Download</a></li>
<li> 02 February 2014 <a href="#cwrap_1.0.0">cwrap 1.0.0 Available for Download</a></li>
-
- <li> 10 January 2014 <a href="#4.1.4">Samba 4.1.4 Available for Download</a></li>
</ul>
diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html
index de1450b..aa78939 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,3 +1,26 @@
+ <h5><a name="4.1.9">23 June 2014</a></h5>
+ <p class="headline">Samba 4.1.9, 4.0.19 and 3.6.24 <b>Security
+ Releases</b> Available for Download</p>
+ <p>These are security releases in order to address
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244">CVE-2014-0244</a>
+ (<b>Denial of service - CPU loop</b>) and
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493">CVE-2014-3493</a>
+ (<b>Denial of service - Server crash/memory corruption</b>).
+ </p>
+
+ <p>The uncompressed tarballs and patch files have been signed
+ using GnuPG (ID 6568B7EA).</p>
+ <p>
+ The source code can be downloaded here:
+ <li><a href="http://samba.org/samba/ftp/stable/samba-4.1.9.tar.gz">download
+ Samba 4.1.9</a>,</li>
+ <li><a href="http://samba.org/samba/ftp/stable/samba-4.0.19.tar.gz">download
+ Samba 4.0.19</a>,</li>
+ <li><a href="http://samba.org/samba/ftp/stable/samba-3.6.24.tar.gz">download
+ Samba 3.6.24</a>.</li>
+ </p>
+
+
<h5><a name="4.1.8">03 June 2014</a></h5>
<p class="headline">Samba 4.1.8 Available for Download</p>
<p>This is the latest stable release of the Samba 4.1 series.</p>
@@ -10,15 +33,3 @@ patch against Samba 4.1.7</a> is also available. See
<a href="http://samba.org/samba/history/samba-4.1.8.html"> the release notes
for more info</a>.</p>
-
- <h5><a name="4.0.18">27 May 2014</a></h5>
- <p class="headline">Samba 4.0.18 Available for Download</p>
- <p>This is the latest stable release of the Samba 4.0 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA). The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-4.0.18.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.0.17-4.0.18.diffs.gz">
-patch against Samba 4.0.17</a> is also available. See
-<a href="http://samba.org/samba/history/samba-4.0.18.html"> the release notes
- for more info</a>.</p>
diff --git a/history/header_history.html b/history/header_history.html
index 023ae39..f431b35 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -10,6 +10,7 @@
<li class="navSub">
<ul>
<li><a href="/samba/security/CVE-2013-0454.html">CVE-2013-0454</a></li>
+ <li><a href="samba-4.1.9.html">samba-4.1.9</a></li>
<li><a href="samba-4.1.8.html">samba-4.1.8</a></li>
<li><a href="samba-4.1.7.html">samba-4.1.7</a></li>
<li><a href="samba-4.1.6.html">samba-4.1.6</a></li>
@@ -19,6 +20,7 @@
<li><a href="samba-4.1.2.html">samba-4.1.2</a></li>
<li><a href="samba-4.1.1.html">samba-4.1.1</a></li>
<li><a href="samba-4.1.0.html">samba-4.1.0</a></li>
+ <li><a href="samba-4.0.19.html">samba-4.0.19</a></li>
<li><a href="samba-4.0.18.html">samba-4.0.18</a></li>
<li><a href="samba-4.0.17.html">samba-4.0.17</a></li>
<li><a href="samba-4.0.16.html">samba-4.0.16</a></li>
@@ -38,6 +40,7 @@
<li><a href="samba-4.0.2.html">samba-4.0.2</a></li>
<li><a href="samba-4.0.1.html">samba-4.0.1</a></li>
<li><a href="samba-4.0.0.html">samba-4.0.0</a></li>
+ <li><a href="samba-3.6.24.html">samba-3.6.24</a></li>
<li><a href="samba-3.6.23.html">samba-3.6.23</a></li>
<li><a href="samba-3.6.22.html">samba-3.6.22</a></li>
<li><a href="samba-3.6.21.html">samba-3.6.21</a></li>
diff --git a/history/samba-3.6.24.html b/history/samba-3.6.24.html
new file mode 100755
index 0000000..cdf0e3f
--- /dev/null
+++ b/history/samba-3.6.24.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 3.6.23 Available for Download</H2>
+
+<p>
+<pre>
+ ==============================
+ Release Notes for Samba 3.6.24
+ June 23, 2014
+ ==============================
+
+
+This is a security release in order to address
+CVE-2014-0244 (Denial of service - CPU loop) and
+CVE-2014-3493 (Denial of service - Server crash/memory corruption).
+
+o CVE-2014-0244:
+ All current released versions of Samba are vulnerable to a denial of
+ service on the nmbd NetBIOS name services daemon. A malformed packet
+ can cause the nmbd server to loop the CPU and prevent any further
+ NetBIOS name service.
+
+ This flaw is not exploitable beyond causing the code to loop expending
+ CPU resources.
+
+o CVE-2014-3493:
+ All current released versions of Samba are affected by a denial of service
+ crash involving overwriting memory on an authenticated connection to the
+ smbd file server.
+
+
+Changes since 3.6.22:
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 10633: CVE-2014-0244: Fix nmbd denial of service.
+ * BUG 10654: CVE-2014-3493: Fix segmentation fault in
+ smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler.
+</pre>
+
+</body>
+</html>
diff --git a/history/samba-4.0.19.html b/history/samba-4.0.19.html
new file mode 100755
index 0000000..6c8ce2c
--- /dev/null
+++ b/history/samba-4.0.19.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 4.0.18 Available for Download</H2>
+
+<p>
+<pre>
+ ==============================
+ Release Notes for Samba 4.0.19
+ June 23, 2014
+ ==============================
+
+
+This is a security release in order to address
+CVE-2014-0244 (Denial of service - CPU loop) and
+CVE-2014-3493 (Denial of service - Server crash/memory corruption).
+
+o CVE-2014-0244:
+ All current released versions of Samba are vulnerable to a denial of
+ service on the nmbd NetBIOS name services daemon. A malformed packet
+ can cause the nmbd server to loop the CPU and prevent any further
+ NetBIOS name service.
+
+ This flaw is not exploitable beyond causing the code to loop expending
+ CPU resources.
+
+o CVE-2014-3493:
+ All current released versions of Samba are affected by a denial of service
+ crash involving overwriting memory on an authenticated connection to the
+ smbd file server.
+
+
+Changes since 4.0.18:
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 10633: CVE-2014-0244: Fix nmbd denial of service.
+ * BUG 10654: CVE-2014-3493: Fix segmentation fault in
+ smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler.
+</pre>
+
+</body>
+</html>
diff --git a/history/samba-4.1.9.html b/history/samba-4.1.9.html
new file mode 100755
index 0000000..02be6f4
--- /dev/null
+++ b/history/samba-4.1.9.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 4.1.9 Available for Download</H2>
+
+<p>
+<pre>
+ =============================
+ Release Notes for Samba 4.1.9
+ June 23, 2014
+ =============================
+
+
+This is a security release in order to address
+CVE-2014-0244 (Denial of service - CPU loop) and
+CVE-2014-3493 (Denial of service - Server crash/memory corruption).
+
+o CVE-2014-0244:
+ All current released versions of Samba are vulnerable to a denial of
+ service on the nmbd NetBIOS name services daemon. A malformed packet
+ can cause the nmbd server to loop the CPU and prevent any further
+ NetBIOS name service.
+
+ This flaw is not exploitable beyond causing the code to loop expending
+ CPU resources.
+
+o CVE-2014-3493:
+ All current released versions of Samba are affected by a denial of service
+ crash involving overwriting memory on an authenticated connection to the
+ smbd file server.
+
+
+Changes since 4.1.8:
+--------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 10633: CVE-2014-0244: Fix nmbd denial of service.
+ * BUG 10654: CVE-2014-3493: Fix segmentation fault in
+ smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler.
+</pre>
+
+</body>
+</html>
diff --git a/history/security.html b/history/security.html
index e0caad5..50d3015 100755
--- a/history/security.html
+++ b/history/security.html
@@ -22,6 +22,25 @@ link to full release notes for each release.</p>
</tr>
<tr>
+ <td>23 Jun 2014</td>
+ <td><a href="/samba/ftp/patches/security/samba-4.1.8-CVE-2014-0244-CVE-2014-3493.patch">
+ patch for Samba 4.1.8</a><br />
+ <a href="/samba/ftp/patches/security/samba-4.0.18-CVE-2014-0244-CVE-2014-3493.patch">
+ patch for Samba 4.0.18</a><br />
+ <a href="/samba/ftp/patches/security/samba-3.6.23-CVE-2014-0244-CVE-2014-3493.patch">
+ patch for Samba 3.6.23</a><br />
+ <td>Denial of service - CPU loop, Denial of service - Server crash/memory corruption.
+ </td>
+ <td>please refer to the advisories</td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244">CVE-2014-0244</a>,
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493">CVE-2014-3493</a>
+ </td>
+ <td><a href="/samba/security/CVE-2014-0244">Announcement</a>
+ <a href="/samba/security/CVE-2014-3493">Announcement</a>
+ </td>
+ </tr>
+
+ <tr>
<td>03 June 2014</td>
<td><a href="/samba/ftp/patches/security/samba-4.0.17-CVE-2014-0178-CVE-2014-0239.patch">
patch for Samba 4.0.17</a><br />
diff --git a/latest_stable_release.html b/latest_stable_release.html
index b7589ee..3c1be15 100644
--- a/latest_stable_release.html
+++ b/latest_stable_release.html
@@ -1,7 +1,7 @@
<!-- BEGIN: latest_stable_release.html -->
<p>
- <a href="/samba/ftp/stable/samba-4.1.8.tar.gz">Samba 4.1.8 (gzipped)</a><br>
- <a href="/samba/history/samba-4.1.8.html">Release Notes</a> ·
- <a href="/samba/ftp/stable/samba-4.1.8.tar.asc">Signature</a>
+ <a href="/samba/ftp/stable/samba-4.1.9.tar.gz">Samba 4.1.9 (gzipped)</a><br>
+ <a href="/samba/history/samba-4.1.9.html">Release Notes</a> ·
+ <a href="/samba/ftp/stable/samba-4.1.9.tar.asc">Signature</a>
</p>
<!-- END: latest_stable_release.html -->
diff --git a/security/CVE-2013-4124.html b/security/CVE-2014-0244.html
similarity index 50%
copy from security/CVE-2013-4124.html
copy to security/CVE-2014-0244.html
index d4753b8..709d173 100644
--- a/security/CVE-2013-4124.html
+++ b/security/CVE-2014-0244.html
@@ -8,20 +8,20 @@
<body>
- <H2>CVE-2013-4124.html:</H2>
+ <H2>CVE-2014-0244.html:</H2>
<p>
<pre>
===========================================================
-== Subject: Denial of service - CPU loop and memory allocation.
+== Subject: Denial of service - CPU loop
==
-== CVE ID#: CVE-2013-4124
+== CVE ID#: CVE-2014-0244
==
-== Versions: Samba 3.0.x - 4.0.7 (inclusive)
+== Versions: Samba 3.6.0 - 4.1.8 (inclusive)
==
-== Summary: Samba 3.0.x to 4.0.7 are affected by a
-== denial of service attack on authenticated
-== or guest connections.
+== Summary: Samba 3.6.x to 4.1.8 are affected by a
+== denial of service attack on unauthenticated
+== nmbd NetBIOS name services.
==
===========================================================
@@ -30,17 +30,12 @@ Description
===========
All current released versions of Samba are vulnerable to a denial of
-service on an authenticated or guest connection. A malformed packet
-can cause the smbd server to loop the CPU performing memory
-allocations and preventing any further service.
-
-A connection to a file share, or a local account is needed to exploit
-this problem, either authenticated or unauthenticated if guest
-connections are allowed.
+service on the nmbd NetBIOS name services daemon. A malformed packet
+can cause the nmbd server to loop the CPU and prevent any further
+NetBIOS name service.
This flaw is not exploitable beyond causing the code to loop
-allocating memory, which may cause the machine to exceed memory
-limits.
+expending CPU resources.
==================
Patch Availability
@@ -50,8 +45,8 @@ A patch addressing this defect has been posted to
http://www.samba.org/samba/security/
-Additionally, Samba 3.5.22, 3.6.17 and 4.0.8 have been issued as
-security releases to correct the defect. Patches against older Samba
+Additionally, Samba 4.1.9, 4.0.19 and 3.6.24 have been issued as
+security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.
@@ -66,8 +61,9 @@ None.
Credits
=======
-This problem was found by an internal audit of the Samba code by
-Jeremy Allison of Google.
+This problem was found by a Red Hat user and analyzed by
+Stefan Cornelius <scorneli at redhat.com>. Jeremy Allison of Google
+provided the Samba code fix for nmbd.
</pre>
</body>
</html>
diff --git a/security/CVE-2014-3493.html b/security/CVE-2014-3493.html
new file mode 100644
index 0000000..088fe73
--- /dev/null
+++ b/security/CVE-2014-3493.html
@@ -0,0 +1,79 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+ <H2>CVE-2014-3493.html:</H2>
+
+<p>
+<pre>
+===========================================================
+== Subject: Denial of service - Server crash/memory corruption
+==
+== CVE ID#: CVE-2014-3493
+==
+== Versions: Samba 3.6.0 - 4.1.8 (inclusive)
+==
+== Summary: Samba 3.6.x to 4.1.8 are affected by a
+== denial of service crash involving overwriting
+== memory on an authenticated connection to the
+== smbd file server.
+==
+===========================================================
+
+===========
+Description
+===========
+
+All current released versions of Samba are vulnerable to a denial of
+service on the smbd file server daemon.
+
+Valid unicode path names stored on disk can cause smbd to
+crash if an authenticated client attempts to read them
+using a non-unicode request.
+
+The crash is caused by memory being overwritten by
+zeros at a 4GB offset from the expected return buffer
+area, due to an invalid return code from a bad unicode
+to Windows character set conversion.
+
+Currently it is not believed to be exploitable by
+an attacker, as there is no way to control the
+exact area of memory being overwritten. However,
+in the interests of safety this is being treated
+as a security issue.
+
+==================
+Patch Availability
+==================
+
+A patch addressing this defect has been posted to
+
+ http://www.samba.org/samba/security/
+
--
Samba Website Repository
More information about the samba-cvs
mailing list