[SCM] Samba Shared Repository - annotated tag ldb-1.5.1 created

Stefan Metzmacher metze at samba.org
Thu Aug 16 08:44:33 UTC 2018

The annotated tag, ldb-1.5.1 has been created
        at  46e75c1db906219c5b53f67d2ee5d88521b4f732 (tag)
   tagging  bdbb9422c0430d74c3173822257e23a9dfb2713e (commit)
  replaces  ldb-1.5.0
 tagged by  Stefan Metzmacher
        on  Thu Aug 16 10:44:25 2018 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.5.1


Andreas Schneider (1):
      s3:libads: Free addr before we free the context

Andrej Gessel (2):
      fix mem leak in ltdb_index_dn_base_dn and ltdb_search_indexed
      fix mem leak in ldbsearch

Andrew Bartlett (5):
      cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
      ldb_tdb: Remove pointless check of ldb_dn_is_valid()
      ldb: Add new function ldb_dn_add_child_val()
      ldb: extend API tests
      ldb: Release LDB 1.5.1

Gary Lockyer (1):
      CVE-2018-10919 tests: test ldap searches for non-existent attributes.

Jeremy Allison (2):
      libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
      libsmb: Harden smbc_readdir_internal() against returns from malicious servers.

Joe Guo (1):
      ldb: no need to call del_transaction in ldb_transaction_commit

Kai Blin (1):
      CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on invalid chars

Tim Beale (10):
      CVE-2018-10919 security: Move object-specific access checks into separate function
      CVE-2018-10919 security: Add more comments to the object-specific access checks
      CVE-2018-10919 tests: Add tests for guessing confidential attributes
      CVE-2018-10919 tests: Add test case for object visibility with limited rights
      CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
      CVE-2018-10919 acl_read: Split access_mask logic out into helper function
      CVE-2018-10919 acl_read: Small refactor to aclread_callback()
      CVE-2018-10919 acl_read: Flip the logic in the dirsync check
      CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
      CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case

Timur I. Bakeyev (1):
      ldb tests: fix assertion on wrong pointer


Samba Shared Repository

More information about the samba-cvs mailing list