[SCM] Samba Shared Repository - annotated tag samba-4.11.13 created

Karolin Seeger kseeger at samba.org
Fri Sep 18 11:49:18 UTC 2020


The annotated tag, samba-4.11.13 has been created
        at  f7739096f0d3be4d92052d99dde8faecd5050b6c (tag)
   tagging  ef64fc24b31f057bd344e7135d32732c8b3057e2 (commit)
  replaces  samba-4.11.12
 tagged by  Karolin Seeger
        on  Fri Sep 18 13:34:24 2020 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.11.13
-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCX2SbQAAKCRBvM5FbZWi3
6phtAKC51IqJ6oMo+Xqd6zA2qHprBSNJHACgnSkhTYi4hqdjbOE0jPItlE8eruE=
=LslU
-----END PGP SIGNATURE-----

Gary Lockyer (2):
      CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd
      CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Günther Deschner (3):
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations

Jeremy Allison (2):
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords

Karolin Seeger (3):
      VERSION: Bump version up to 4.11.13...
      WHATSNEW: Add release notes for Samba 4.11.13.
      VERSION: Disable GIT_SNAPSHOT for the 4.11.13 release.

Stefan Metzmacher (12):
      CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
      CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values
      CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations
      CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'

-----------------------------------------------------------------------


-- 
Samba Shared Repository



More information about the samba-cvs mailing list