[SCM] Samba Shared Repository - annotated tag samba-4.4.16 created

Karolin Seeger kseeger at samba.org
Wed Sep 20 07:18:30 UTC 2017

The annotated tag, samba-4.4.16 has been created
        at  0515ba553660237d8c62c85b2e869e97ae0d09cc (tag)
   tagging  89edb76883be2d19f490ea9b5d898ac37f8b60f1 (commit)
  replaces  samba-4.4.15
 tagged by  Karolin Seeger
        on  Wed Sep 13 11:28:47 2017 -0700

- Log -----------------------------------------------------------------
samba: tag release samba-4.4.16


Jeremy Allison (2):
      s3: smbd: Fix a read after free if a chained SMB1 call goes async.
      CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server memory to file.

Karolin Seeger (3):
      VERSION: Bump version up to 4.5.16...
      WHATSNEW: Add release notes for Samba 4.4.16.
      VERSION: Disable GIT_SNAPSHOTS for the 4.4.16 release.

Ralph Boehme (1):
      s3/smbd: let non_widelink_open() chdir() to directories directly

Stefan Metzmacher (8):
      CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_REQUIRED
      CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for 'samba.samba3.libsmb_samba_internal'
      CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
      CVE-2017-12150: auth/credentials: cli_credentials_authentication_requested() should check for NTLM_CCACHE/SIGN/SEAL
      CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()
      CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was not requested
      CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper function
      CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()


Samba Shared Repository

More information about the samba-cvs mailing list