[SCM] Samba Shared Repository - annotated tag samba-4.8.4 created
Karolin Seeger
kseeger at samba.org
Tue Aug 14 07:45:02 UTC 2018
The annotated tag, samba-4.8.4 has been created
at a480a26377a23435ca9f0865fa49d2fb2f5e0d41 (tag)
tagging 626c489c2c879aef8b82efe9f7e832cca0183f4d (commit)
replaces samba-4.8.3
tagged by Karolin Seeger
on Sat Aug 11 08:19:01 2018 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.8.4
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAltuf9YACgkQbzORW2Vot+plNgCdGg0/MXbAsmn0ML4XstZmdvjX
SZgAoMHj4xsAiwE6UsO5cqz6RrtZ9C8o
=HwTE
-----END PGP SIGNATURE-----
Andrej Gessel (1):
CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()
Andrew Bartlett (7):
CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
ldb: Release LDB 1.3.5 for CVE-2018-1140
Douglas Bagnall (1):
selftest/tests.py: remove always-needed, never-set with_cmocka flag
Gary Lockyer (1):
CVE-2018-10919 tests: test ldap searches for non-existent attributes.
Günther Deschner (4):
CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".
Jeremy Allison (2):
CVE-2018-10858: libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers.
Kai Blin (1):
CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on invalid chars
Karolin Seeger (3):
VERSION: Bump version up to 4.8.4...
WHATSNEW: Add release notes for Samba 4.8.4.
VERSION: Disable GIT_SNAPSHOT for the Samba 4.8.4 release.
Tim Beale (10):
CVE-2018-10919 security: Move object-specific access checks into separate function
CVE-2018-10919 security: Add more comments to the object-specific access checks
CVE-2018-10919 tests: Add tests for guessing confidential attributes
CVE-2018-10919 tests: Add test case for object visibility with limited rights
CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
CVE-2018-10919 acl_read: Split access_mask logic out into helper function
CVE-2018-10919 acl_read: Small refactor to aclread_callback()
CVE-2018-10919 acl_read: Flip the logic in the dirsync check
CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list