[SCM] Samba Shared Repository - annotated tag samba-4.15.3 created

Jule Anger janger at samba.org
Wed Dec 8 14:38:33 UTC 2021


The annotated tag, samba-4.15.3 has been created
        at  579069ee4ec96d45215e791062624a3e3e3a80bd (tag)
   tagging  0c85a0adaa57df2541ec2d395d1f7cf936bc2e43 (commit)
  replaces  samba-4.15.2
 tagged by  Jule Anger
        on  Wed Dec 8 15:37:57 2021 +0100

- Log -----------------------------------------------------------------
samba: tag release samba-4.15.3
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmGww0UACgkQqplEL7aA
tiCWrhAAumxyIGrnervT06lZzt1LnJYSSYnowgwqfXazwyHH8/BIoS7vkl6mr8qS
Yv2XmmV1647vBe9jhfJtmAFdLuxj3mjcbElMhHBR6AVIwUkPN4Ij4M9SebHg4dyf
297ygHJfdMff30uT6dMk7F7TjouRXydVI8syIB69d74hHsz5sRRu/irHJZ3wKHjy
RZP0nRgOeGUa4Ua9vHF2qF+nl/8azjvpWa7j2m22AUC8mgpHkYvnqjeuydJykTw9
pEUBdEdtLsTCypC6ONoKKUz0nq+340WnA5fg5DIh5ObTooceYXE/9lYXK8x29ezh
h3ba/PjbCd8FcVbfrA1mnScH1xkFKuzwsBYFoz3VIKwkX1GeOCHTviROWxiTf5b+
6OhiAPByi7VEwmpl6Wj7ZM20cvCk98aFrW4M/IrXhNvi2HQfXzCbxt6HS5qmuU+S
xzUxClY3HhGLdM7ZXSnYVZ43t0ESL7gvbBcx0064zG7yvjEg1pXWBRnzOsJqHyoj
ZYVoCHu6iDhKb/9DwX9WpKKfh04ee3F9o7Rjofv7fFzz6zIXEMTWpgImHvEClcrs
YbYoVttgAb3biF8BqkfTwRpt5nmYv6trpOvD4A1jIK3DaOhA8cZm7v8B8ppPbLyy
MjB5RBAypR5soMI1aXX+jyF6JQB770QZQWC2yiruxuYkhXAZVGI=
=369D
-----END PGP SIGNATURE-----

Alexander Bokovoy (1):
      IPA DC: add missing checks

Andreas Schneider (11):
      testprogs: Use new cmdline option for kerberos
      lib:cmdline: Fix -k option which doesn't expect anything
      auth:creds: Guess the username first via getpwuid(my_id)
      s3:winbind: Fix possible NULL pointer dereference
      testprogs: Add rpcclient schannel tests
      s3:rpc_client: Remove trailing white spaces from cli_pipe.c
      s3:rpcclient: Remove trailing white spaces in rpcclient.c
      s3:libnet: Remove tailing whitespaces in libnet_join.c
      s3:libsmb: Remove trailing white spaces from passchange.c
      s3:rpc_client: Add remote name and socket to cli_rpc_pipe_open_bind_schannel()
      libcli:auth: Allow to connect to netlogon server offering only AES

Andrew Bartlett (6):
      CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the named based lookup fails
      CVE-2021-3670 ldb: Confirm the request has not yet timed out in ldb filter processing
      CVE-2021-3670 ldap_server: Remove duplicate print of LDAP search details
      CVE-2021-3670 dsdb/anr: Do a copy of the potentially anr query before starting to modify it
      CVE-2021-3670 ldap_server: Clearly log LDAP queries and timeouts
      dsdb: Use DSDB_SEARCH_SHOW_EXTENDED_DN when searching for the local replicated object

Andrew Walker (1):
      s3:modules:recycle - fix crash in recycle_unlink_internal

Günther Deschner (5):
      s3-winexe: Fix winexe core dump (use-after-free)
      s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open()
      s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open_noauth_transport()
      s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open_with_creds()
      s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open_schannel_with_creds()

Jeremy Allison (12):
      s3: smbd: Add two tests showing recursive directory delete of a directory containing veto file and msdfs links over SMB2.
      s3: smbd: Fix recursive directory delete of a directory containing veto file and msdfs links.
      s3: smbd: Add two tests showing the ability to delete a directory containing a dangling symlink over SMB2 depends on "delete veto files" setting.
      s3: VFS: streams_depot. Allow unlinkat to cope with dangling symlinks.
      s3: VFS: xattr_tdb. Allow unlinkat to cope with dangling symlinks.
      s3: smbd: Fix rmdir_internals() to do an early return if lp_delete_veto_files() is not set.
      s3: smbd: Fix logic in rmdir_internals() to cope with dangling symlinks.
      s3: smbd: Fix logic in can_delete_directory_fsp() to cope with dangling symlinks.
      s3: docs-xml: Clarify the "delete veto files" paramter.
      s3: smbd: dirfsp is being used uninitialized inside rmdir_internals().
      s3: smbtorture3: Add test for setting delete on close on a directory, then creating a file within to see if delete succeeds.
      s3: smbd: Ensure in the directory scanning loops inside rmdir_internals() we don't overwrite the 'ret' variable.

Joseph Sutton (7):
      CVE-2020-25717: tests/krb5: Add method to automatically obtain server credentials
      CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make room for new accounts
      CVE-2020-25717: selftest: turn ad_member_no_nss_wb into ad_member_idmap_nss
      CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to SIDs
      CVE-2021-3670 tests/krb5/test_ldap.py: Add test for LDAP timeouts
      CVE-2021-3670 ldap_server: Set timeout on requests based on MaxQueryDuration
      CVE-2021-3670 ldap_server: Ensure value of MaxQueryDuration is greater than zero

Jule Anger (2):
      WHATSNEW: Add release notes for Samba 4.15.3.
      VERSION: Disable GIT_SNAPSHOT for the 4.15.3 release.

Martin Schwenke (2):
      bootstrap: Add Debian 11
      bootstrap: Debian 11 has liburing-dev

Ralph Boehme (21):
      lib: add NTTIME_THAW
      lib: fix null_nttime() tests
      lib: use NTTIME_FREEZE in a null_nttime() test
      lib: update null_nttime() of -1: -1 is NTTIME_FREEZE
      lib: add a test for null_nttime(NTTIME_THAW)
      torture: add a test for NTTIME_FREEZE and NTTIME_THAW
      lib: handle NTTIME_THAW in nt_time_to_full_timespec()
      CI: add a test for bug 14882
      lib/dbwrap: reset deleted record to tdb_null
      vfs_fruit: remove a fsp check from ad_fset()
      source3: move lib/substitute.c functions out of proto.h
      samba-bgqd: fix startup and logging
      winbindd: remove is_default_dyn_LOGFILEBASE() logic
      lib/debug: fix fd check before dup'ing to stderr
      lib/debug: in debug_set_logfile() call reopen_logs_internal()
      lib/cmdline: fix indentation
      lib/cmdline: remember config_type in samba_cmdline_init()
      lib/cmdline: setup default file logging for servers
      smbd: get rid of get_file_handle_for_metadata()
      CVE-2020-25717: s3-auth: fix MIT Realm regression
      smbd: s3-dsgetdcname: handle num_ips == 0

Stefan Metzmacher (15):
      VERSION: Bump version up to Samba 4.15.3...
      s3/libsmb: check for global parametric option "libsmb:client_guid"
      s3:winbindd: fix "allow trusted domains = no" regression
      CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to the configured domain
      libcli/smb: split out smb2cli_raw_tcon* from smb2cli_tcon*
      s4:torture/smb2: add smb2.ioctl.bug14788.VALIDATE_NEGOTIATE
      smb2_server: make sure in_ctl_code = IVAL(body, 0x04); reads valid bytes
      smb2_server: decouple IOCTL check from signing/encryption states
      smb2_server: skip tcon check and chdir_current_service() for FSCTL_VALIDATE_NEGOTIATE_INFO
      s4:torture/smb2: test FSCTL_QUERY_NETWORK_INTERFACE_INFO with BUFFER_TOO_SMALL
      smb2_ioctl: return BUFFER_TOO_SMALL in smbd_smb2_request_ioctl_done()
      s4:torture/smb2: FSCTL_QUERY_NETWORK_INTERFACE_INFO gives INVALID_PARAMETER with invalid file ids
      smb2_server: don't let SMB2_OP_IOCTL force FILE_CLOSED for invalid file ids
      s4:torture/smb2: FSCTL_QUERY_NETWORK_INTERFACE_INFO should work on noperm share
      smb2_server: skip tcon check and chdir_current_service() for FSCTL_QUERY_NETWORK_INTERFACE_INFO

Volker Lendecke (4):
      selftest: Add reproducer for bug 14908
      lib: Add required includes to source3/include/secrets.h
      cmdline: Add a callback to set the machine account details
      cmdline: Make -P work in clustered mode

-----------------------------------------------------------------------


-- 
Samba Shared Repository



More information about the samba-cvs mailing list