[SCM] Samba Shared Repository - annotated tag samba-4.14.11 created
Jule Anger
janger at samba.org
Wed Dec 15 14:52:44 UTC 2021
The annotated tag, samba-4.14.11 has been created
at 8a8cde240a953ac46920742e628cd77b1837459e (tag)
tagging ae3229e76d04e79addb2fa03319365a2f7675a82 (commit)
replaces samba-4.14.10
tagged by Jule Anger
on Wed Dec 15 15:52:11 2021 +0100
- Log -----------------------------------------------------------------
samba: tag release samba-4.14.11
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmG6ARsACgkQqplEL7aA
tiAShQ//TZF4iO2dlExzmvgZnqn7XqsiJb6JXBaY5cIxvrdpOy+w61c4Ks3OIbqq
CZsJzqlBbuAkKbzL1TeDkfpWg70TmDNw0Etdt7pny/PD/og7T4AZ2wI5I6SucLb2
cDAxWZ7v/reZ6/7tZH1MgmUvpgU5czcFoeJ1jk06D/96ypOpMgVOnIW0Q64caDN2
1t7LmHb2eBudpO4hHGL0aFEqKHCHtIJVkRhQ2+qBT+aoss00QwKyZDfCgesKu6pj
IpgMFsTraIsYouqCxudpZ/oXQBNWzCJJjONA3d9m6caHpHpCjaSrq+q1nM74QFcp
Zep8hNQDJKLliZwtq8AUX/YzLhjhJiSQ46ak4ryPgozLDf69l+vnCGWNjLVbuhK1
d83nuP99u5oltTD1R9NAviPtT8vEzYt0NECe71OuV/0k+fIiP+j86NqQZChexMr/
+Dq036wtdsSJaPoYsoZ1m47efpQkQE5w0k4bGb0rLjCbWWQIWNi93UB4A8vpdRM1
JOu8Y4GBij8jxaS0414P086RmdM6GWV0KblA0vWEobaAZflD2PD/psnJOrmFImsX
owzjmvbjdiHOzDohzX8i/2vMobeWSimnUMl78YDDiCatDoE//tT6qvutdI7kEZNW
5PaFpuTAhoCheCmL03UvNNdD7M3wWy2lSYAojMAWSP6GplhLx6k=
=pTSX
-----END PGP SIGNATURE-----
Alexander Bokovoy (1):
IPA DC: add missing checks
Andrew Bartlett (6):
CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the named based lookup fails
CVE-2021-3670 ldb: Confirm the request has not yet timed out in ldb filter processing
CVE-2021-3670 ldap_server: Remove duplicate print of LDAP search details
CVE-2021-3670 dsdb/anr: Do a copy of the potentially anr query before starting to modify it
CVE-2021-3670 ldap_server: Clearly log LDAP queries and timeouts
dsdb: Use DSDB_SEARCH_SHOW_EXTENDED_DN when searching for the local replicated object
Jeremy Allison (8):
s3: smbd: Add two tests showing recursive directory delete of a directory containing veto file and msdfs links over SMB2.
s3: smbd: Add two tests showing the ability to delete a directory containing a dangling symlink over SMB2 depends on "delete veto files" setting.
s3: VFS: streams_depot. Allow unlinkat to cope with dangling symlinks.
s3: VFS: xattr_tdb. Allow unlinkat to cope with dangling symlinks.
s3: smbd: Fix rmdir_internals() to do an early return if lp_delete_veto_files() is not set.
s3: smbd: Fix logic in rmdir_internals() to cope with dangling symlinks.
s3: smbd: Fix logic in can_delete_directory_fsp() to cope with dangling symlinks.
s3: docs-xml: Clarify the "delete veto files" paramter.
Joseph Sutton (7):
CVE-2020-25717: tests/krb5: Add method to automatically obtain server credentials
CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make room for new accounts
CVE-2020-25717: selftest: turn ad_member_no_nss_wb into ad_member_idmap_nss
CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to SIDs
CVE-2021-3670 tests/krb5/test_ldap.py: Add test for LDAP timeouts
CVE-2021-3670 ldap_server: Set timeout on requests based on MaxQueryDuration
CVE-2021-3670 ldap_server: Ensure value of MaxQueryDuration is greater than zero
Jule Anger (2):
WHATSNEW: Add release notes for Samba 4.14.11.
VERSION: Disable GIT_SNAPSHOT for the 4.14.11 release.
Ralph Boehme (9):
lib: add NTTIME_THAW
lib: fix null_nttime() tests
lib: use NTTIME_FREEZE in a null_nttime() test
lib: update null_nttime() of -1: -1 is NTTIME_FREEZE
lib: add a test for null_nttime(NTTIME_THAW)
torture: add a test for NTTIME_FREEZE and NTTIME_THAW
lib: handle NTTIME_THAW in nt_time_to_full_timespec()
CVE-2020-25717: s3-auth: fix MIT Realm regression
smbd: s3-dsgetdcname: handle num_ips == 0
Stefan Metzmacher (11):
VERSION: Bump version up to Samba 4.14.11...
s3:winbindd: fix "allow trusted domains = no" regression
CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to the configured domain
s3:smbd: remove dead code from smbd_smb2_request_dispatch()
libcli/smb: split out smb2cli_raw_tcon* from smb2cli_tcon*
s4:torture/smb2: add smb2.ioctl.bug14788.VALIDATE_NEGOTIATE
smb2_server: make sure in_ctl_code = IVAL(body, 0x04); reads valid bytes
smb2_server: decouple IOCTL check from signing/encryption states
smb2_server: skip tcon check and chdir_current_service() for FSCTL_VALIDATE_NEGOTIATE_INFO
smb2_ioctl: return BUFFER_TOO_SMALL in smbd_smb2_request_ioctl_done()
smb2_server: don't let SMB2_OP_IOCTL force FILE_CLOSED for invalid file ids
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list