[SCM] Samba Shared Repository - annotated tag samba-4.7.6 created

Karolin Seeger kseeger at samba.org
Tue Mar 13 09:16:28 UTC 2018

The annotated tag, samba-4.7.6 has been created
        at  d0f9f2878c8cdd1f41db9b3f89a85354de83ba39 (tag)
   tagging  5cfa947e5098bc361ff13fdad1b4fe3211a39154 (commit)
  replaces  samba-4.7.5
 tagged by  Karolin Seeger
        on  Mon Mar 12 09:55:57 2018 +0100

- Log -----------------------------------------------------------------
samba: tag release samba-4.7.6


Jeremy Allison (1):
      CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.

Karolin Seeger (3):
      VERSION: Bump version up to 4.7.6...
      WHATSNEW: Add release notes for Samba 4.7.6.
      VERSION: Disable GIT_SNAPSHOT for the 4.7.6 release.

Ralph Boehme (13):
      CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete
      CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE
      CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values
      CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights()
      CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()
      CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks
      CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
      CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights()
      CVE-2018-1057: s4/dsdb: correctly detect password resets
      CVE-2018-1057: s4:dsdb/acl: run password checking only once
      CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
      CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control


Samba Shared Repository

More information about the samba-cvs mailing list