[SCM] Samba Shared Repository - annotated tag samba-4.12.4 created

Karolin Seeger kseeger at samba.org
Thu Jul 2 07:41:59 UTC 2020

The annotated tag, samba-4.12.4 has been created
        at  e604581537ac9a7fbd7cab73e0605aeb801527d7 (tag)
   tagging  6ecd05dfbc201c60346d2ae486663ae0dfc0c09c (commit)
  replaces  samba-4.12.3
 tagged by  Karolin Seeger
        on  Thu Jun 25 12:59:41 2020 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.12.4


Andrew Bartlett (10):
      CVE-2020-10730: vlv: Use strcmp(), not strncmp() checking the NULL terminated control OIDs
      CVE-2020-10730: vlv: Do not re-ASQ search the results of an ASQ search with VLV
      CVE-2020-10730: selftest: Add test to confirm VLV interaction with ASQ
      CVE-2020-10730: vlv: Another workaround for mixing ASQ and VLV
      CVE-2020-10730: selftest: Add test to show that VLV and paged_results are incompatible
      CVE-2020-10730: dsdb: Fix crash when vlv and paged_results are combined
      CVE-2020-10730: dsdb: Ban the combination of paged_results and VLV
      CVE-2020-14303 Ensure an empty packet will not DoS the NBT server
      CVE-2020-10760 dsdb: Ensure a proper talloc tree for saved controls
      CVE-2020-10760 dsdb: Add tests for paged_results and VLV over the Global Catalog port

Douglas Bagnall (7):
      CVE-2020-10745: pytests: hand-rolled invalid dns/nbt packet tests
      CVE-2020-10745: librpc/tests: cmocka tests of dns and ndr strings
      CVE-2020-10745: ndr_dns: move ndr_push_dns_string core into sharable function
      CVE-2020-10745: ndr/dns_utils: correct a comment
      CVE-2020-10745: ndr_dns: do not allow consecutive dots
      CVE-2020-10745: dns_util/push: forbid names longer than 255 bytes
      CVE-2020-10745: ndr/dns-utils: prepare for NBT compatibility

Gary Lockyer (5):
      CVE-2020-10730: s4 dsdb paged_results: Prevent repeat call of ldb_module_done
      CVE-2020-10730: s4 dsdb vlv_pagination: Prevent repeat call of ldb_module_done
      CVE-2020-10730: lib ldb: Check if ldb_lock_backend_callback called twice
      ldb: Bump version to 2.1.4
      CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packet

Karolin Seeger (3):
      VERSION: Bump version up to 4.12.4...
      WHATSNEW: Add release notes for Samba 4.12.4.
      VERSION: Disable GIT_SNAPSHOT for the 4.12.4 release.


Samba Shared Repository

More information about the samba-cvs mailing list