[SCM] Samba Shared Repository - annotated tag samba-4.2.7 created

Karolin Seeger kseeger at samba.org
Wed Dec 16 11:26:03 UTC 2015

The annotated tag, samba-4.2.7 has been created
        at  5a49c437ce8ed451c27a0fd5a6e76dd5580a501a (tag)
   tagging  add4fe9079dda8fb0bfd9763da85d65ed0063523 (commit)
  replaces  samba-4.2.6
 tagged by  Karolin Seeger
        on  Thu Dec 10 12:50:21 2015 +0100

- Log -----------------------------------------------------------------
samba: tag release samba-4.2.7
Version: GnuPG v1


Andrew Bartlett (1):
      CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControl

Douglas Bagnall (6):
      CVE-2015-5330: ldb_dn: simplify and fix ldb_dn_escape_internal()
      CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()
      CVE-2015-5330: Fix handling of unicode near string endings
      CVE-2015-5330: strupper_talloc_n_handle(): properly count characters
      CVE-2015-5330: next_codepoint_handle_ext: don't short-circuit UTF16 low bytes
      CVE-2015-5330: ldb_dn_explode: copy strings by length, not terminators

Jeremy Allison (4):
      CVE-2015-3223: lib: ldb: Cope with canonicalise_fn returning string "", length 0.
      CVE-2015-3223: lib: ldb: Use memmem binary search, not strstr text search.
      CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the share).
      CVE-2015-5299: s3-shadow-copy2: fix missing access check on snapdir

Karolin Seeger (3):
      VERSION: Bump version up to 4.2.7...
      WHATSNEW: Add release notes for Samba 4.2.7.
      VERSION: Disable git snapshots for the 4.2.7 release.

Ralph Boehme (1):
      ldb: bump version of the required system ldb to 1.1.24

Stefan Metzmacher (3):
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in do_connect()
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in SMBC_server_internal()
      CVE-2015-5296: libcli/smb: make sure we require signing when we demand encryption on a session


Samba Shared Repository

More information about the samba-cvs mailing list