[SCM] Samba Shared Repository - branch v4-13-stable updated
Karolin Seeger
kseeger at samba.org
Wed Mar 24 10:02:36 UTC 2021
The branch, v4-13-stable has been updated
via bf1d38a7a16 WHATSNEW: Add release notes for Samba 4.13.7.
from 2afbb6d42e6 VERSION: Bump version for Samba 4.13.7 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-stable
- Log -----------------------------------------------------------------
commit bf1d38a7a1624fd75eb763f8bc55733016b6f607
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Mar 24 10:59:29 2021 +0100
WHATSNEW: Add release notes for Samba 4.13.7.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 62 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4083894bcbb..7df21d367c1 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,64 @@
+ ==============================
+ Release Notes for Samba 4.13.7
+ March 24, 2021
+ ==============================
+
+
+This is a follow-up release to depend on the correct ldb version. This is only
+needed when building against a system ldb library.
+
+This is a security release in order to address the following defects:
+
+o CVE-2020-27840: Heap corruption via crafted DN strings.
+o CVE-2021-20277: Out of bounds read in AD DC LDAP server.
+
+
+=======
+Details
+=======
+
+o CVE-2020-27840:
+ An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
+ crafted DNs as part of a bind request. More serious heap corruption is likely
+ also possible.
+
+o CVE-2021-20277:
+ User-controlled LDAP filter strings against the AD DC LDAP server may crash
+ the LDAP server.
+
+For more details, please refer to the security advisories.
+
+
+Changes since 4.13.6
+--------------------
+
+o Release with dependency on ldb version 2.2.1.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+
==============================
Release Notes for Samba 4.13.6
March 24, 2021
@@ -58,8 +119,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
--
Samba Shared Repository
More information about the samba-cvs
mailing list