[SCM] Samba Shared Repository - annotated tag samba-4.1.22 created

Karolin Seeger kseeger at samba.org
Wed Dec 16 11:26:46 UTC 2015 

The annotated tag, samba-4.1.22 has been created
        at  6fe6a847fb0ad76657a796812f528020df40a65f (tag)
   tagging  cd89c8372cbc5868f23094a9b7481be21a89a7e9 (commit)
  replaces  samba-4.1.21
 tagged by  Karolin Seeger
        on  Thu Dec 10 12:47:56 2015 +0100

- Log -----------------------------------------------------------------
samba: tag release samba-4.1.22
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQBWaWZsbzORW2Vot+oRApkYAJ9VauWOAzZ91/GmadlyA+aEZtoBAQCbBNmw
oPzOcjoXw0QmBSKKVQYwGqQ=
=WNuW
-----END PGP SIGNATURE-----

Andrew Bartlett (1):
      CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControl

Douglas Bagnall (6):
      CVE-2015-5330: ldb_dn: simplify and fix ldb_dn_escape_internal()
      CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()
      CVE-2015-5330: Fix handling of unicode near string endings
      CVE-2015-5330: strupper_talloc_n_handle(): properly count characters
      CVE-2015-5330: next_codepoint_handle_ext: don't short-circuit UTF16 low bytes
      CVE-2015-5330: ldb_dn_explode: copy strings by length, not terminators

Jeremy Allison (6):
      CVE-2015-3223: lib: ldb: Cope with canonicalise_fn returning string "", length 0.
      CVE-2015-3223: lib: ldb: Use memmem binary search, not strstr text search.
      CVE-2015-7540: s4: libcli: ldap message - Ensure all asn1_XX returns are checked.
      CVE-2015-7540: lib: util: Check *every* asn1 return call and early return.
      CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the share).
      CVE-2015-5299: s3-shadow-copy2: fix missing access check on snapdir

Karolin Seeger (3):
      VERSION: Bump version up to 4.1.22...
      WHATSNEW: Add release notes for Samba 4.1.22.
      VERSION: Disable git snapshots for the 4.1.22 release.

Ralph Boehme (1):
      ldb: bump version of the required system ldb to 1.1.24

Stefan Metzmacher (3):
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in do_connect()
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in SMBC_server_internal()
      CVE-2015-5296: libcli/smb: make sure we require signing when we demand encryption on a session

-----------------------------------------------------------------------


-- 
Samba Shared Repository

More information about the samba-cvs mailing list