[SCM] Samba Shared Repository - annotated tag ldb-1.3.5 created

Stefan Metzmacher metze at samba.org
Tue Aug 14 08:54:25 UTC 2018

The annotated tag, ldb-1.3.5 has been created
        at  fe1a5a7a9f4589018ec7e1e3c943eb074e43cb41 (tag)
   tagging  5ad366eb3db510d7e2dd54a7a796180416dea315 (commit)
  replaces  samba-4.8.3
 tagged by  Stefan Metzmacher
        on  Tue Aug 14 10:54:14 2018 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.3.5


Andrej Gessel (1):
      CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()

Andrew Bartlett (7):
      CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
      CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
      CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
      CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
      CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
      CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
      ldb: Release LDB 1.3.5 for CVE-2018-1140

Douglas Bagnall (1):
      selftest/tests.py: remove always-needed, never-set with_cmocka flag

Gary Lockyer (1):
      CVE-2018-10919 tests: test ldap searches for non-existent attributes.

Günther Deschner (4):
      CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
      CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
      CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
      CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".

Jeremy Allison (2):
      CVE-2018-10858: libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
      CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers.

Karolin Seeger (1):
      VERSION: Bump version up to 4.8.4...

Tim Beale (10):
      CVE-2018-10919 security: Move object-specific access checks into separate function
      CVE-2018-10919 security: Add more comments to the object-specific access checks
      CVE-2018-10919 tests: Add tests for guessing confidential attributes
      CVE-2018-10919 tests: Add test case for object visibility with limited rights
      CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
      CVE-2018-10919 acl_read: Split access_mask logic out into helper function
      CVE-2018-10919 acl_read: Small refactor to aclread_callback()
      CVE-2018-10919 acl_read: Flip the logic in the dirsync check
      CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
      CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case


Samba Shared Repository
