[SCM] Samba Shared Repository - annotated tag samba-4.6.16 created

Karolin Seeger kseeger at samba.org
Tue Aug 14 07:48:39 UTC 2018

The annotated tag, samba-4.6.16 has been created
        at  7b5a59fa51930aa3ce8ea575439ca861a7344af1 (tag)
   tagging  18df99ba0bfc466b877d5875bef3ab1279b0e7dc (commit)
  replaces  samba-4.6.15
 tagged by  Karolin Seeger
        on  Mon Aug 13 09:27:05 2018 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.6.16


Gary Lockyer (1):
      CVE-2018-10919 tests: test ldap searches for non-existent attributes.

Jeremy Allison (2):
      CVE-2018-10858: libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
      CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers.

Karolin Seeger (3):
      VERSION: Bump version up to 4.6.16...
      WHATSNEW: Add release notes for Samba 4.6.16.
      VERSION: Disable GIT_SNAPSHOT for the 4.6.16 release.

Tim Beale (10):
      CVE-2018-10919 security: Move object-specific access checks into separate function
      CVE-2018-10919 security: Add more comments to the object-specific access checks
      CVE-2018-10919 tests: Add tests for guessing confidential attributes
      CVE-2018-10919 tests: Add test case for object visibility with limited rights
      CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
      CVE-2018-10919 acl_read: Split access_mask logic out into helper function
      CVE-2018-10919 acl_read: Small refactor to aclread_callback()
      CVE-2018-10919 acl_read: Flip the logic in the dirsync check
      CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
      CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case


Samba Shared Repository

More information about the samba-cvs mailing list