[SCM] Samba Shared Repository - branch v4-7-stable updated

Wed Jul 12 14:51:54 UTC 2017

The branch, v4-7-stable has been updated
       via  27d4dfb VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc2 release
       via  95a3381 WHATSNEW: Add release notes for Samba 4.7.0rc2
       via  4e809d0 CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
       via  766c59d VERSION: Bump version up to 4.7.0rc2...
      from  d4bb8fe VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc1 release

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-7-stable


- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 VERSION                           | 2 +-
 WHATSNEW.txt                      | 9 ++++++++-
 source4/heimdal/lib/krb5/ticket.c | 4 ++--
 3 files changed, 11 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 7fd1f8a..12b20ea 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1                      #
 #  ->  "3.0.0rc1"                                      #
 ########################################################
-SAMBA_VERSION_RC_RELEASE=1
+SAMBA_VERSION_RC_RELEASE=2
 
 ########################################################
 # To mark SVN snapshots this should be set to 'yes'    #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8ef5428..73daedf 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
 Release Announcements
 =====================
 
-This is the first release candidate of Samba 4.7.  This is *not*
+This is the second release candidate of Samba 4.7.  This is *not*
 intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
@@ -283,6 +283,13 @@ KNOWN ISSUES
 https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.7#Release_blocking_bugs
 
 
+CHANGES SINCE 4.7.0rc1
+======================
+
+o  Jeffrey Altman <jaltman at secure-endpoints.com>
+   * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
+
+
 #######################################
 Reporting bugs & Development Discussion
 #######################################
diff --git a/source4/heimdal/lib/krb5/ticket.c b/source4/heimdal/lib/krb5/ticket.c
index 064bbfb..5a317c7 100644
--- a/source4/heimdal/lib/krb5/ticket.c
+++ b/source4/heimdal/lib/krb5/ticket.c
@@ -641,8 +641,8 @@ _krb5_extract_ticket(krb5_context context,
     /* check server referral and save principal */
     ret = _krb5_principalname2krb5_principal (context,
 					      &tmp_principal,
-					      rep->kdc_rep.ticket.sname,
-					      rep->kdc_rep.ticket.realm);
+					      rep->enc_part.sname,
+					      rep->enc_part.srealm);
     if (ret)
 	goto out;
     if((flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH) == 0){


-- 
Samba Shared Repository

