[SCM] Samba Shared Repository - annotated tag samba-4.10.18 created

Karolin Seeger kseeger at samba.org
Fri Sep 18 11:50:42 UTC 2020


The annotated tag, samba-4.10.18 has been created
        at  92a34f2ca7318b4323e5dc36fd102417e911ec5a (tag)
   tagging  aa658ca962cfe9057741495ce9eda5d6b6965882 (commit)
  replaces  samba-4.10.17
 tagged by  Karolin Seeger
        on  Fri Sep 18 13:36:43 2020 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.10.18
-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCX2SbywAKCRBvM5FbZWi3
6kHnAJ9bUdyDgkGISzNxR9wCacTjERzyYgCgtOoGW/iKrFRZMsehqz24zKspGys=
=HVCP
-----END PGP SIGNATURE-----

Bjoern Jacke (1):
      util: fix build on AIX by fixing the order of replace.h include

Gary Lockyer (2):
      CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd
      CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Günther Deschner (3):
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations

Jeremy Allison (1):
      CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords

Karolin Seeger (5):
      VERSION: Bump version up to 4.10.17...
      Merge tag 'samba-4.10.17' into v4-10-test
      VERSION: Bump version up to 4.10.18.
      WHATSNEW: Add release notes for Samba 4.10.18.
      VERSION: Disable GIT_SNAPSHOT for the 4.10.18 release.

Martin Schwenke (3):
      util: Simplify input validation
      util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD
      util: Reallocate larger buffer if getpwuid_r() returns ERANGE

Stefan Metzmacher (12):
      CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
      CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
      CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values
      CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
      CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations
      CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'

-----------------------------------------------------------------------


-- 
Samba Shared Repository



More information about the samba-cvs mailing list