[SCM] Samba Shared Repository - branch v4-12-stable updated
Karolin Seeger
kseeger at samba.org
Wed Mar 24 10:16:23 UTC 2021
The branch, v4-12-stable has been updated
via 94c36535bfd WHATSNEW: Add release notes for Samba 4.12.14.
from c7627de2c65 VERSION: Bump version for Samba 4.12.14 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable
- Log -----------------------------------------------------------------
commit 94c36535bfd4d25654cea80e1296a78f22cc2e71
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Mar 24 11:15:31 2021 +0100
WHATSNEW: Add release notes for Samba 4.12.14.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 62 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 21db21b8de0..f3c64a7050c 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,64 @@
+ ===============================
+ Release Notes for Samba 4.12.14
+ March 24, 2021
+ ===============================
+
+
+This is a follow-up release to depend on the correct ldb version. This is only
+needed when building against a system ldb library.
+
+This is a security release in order to address the following defects:
+
+o CVE-2020-27840: Heap corruption via crafted DN strings.
+o CVE-2021-20277: Out of bounds read in AD DC LDAP server.
+
+
+=======
+Details
+=======
+
+o CVE-2020-27840:
+ An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
+ crafted DNs as part of a bind request. More serious heap corruption is likely
+ also possible.
+
+o CVE-2021-20277:
+ User-controlled LDAP filter strings against the AD DC LDAP server may crash
+ the LDAP server.
+
+For more details, please refer to the security advisories.
+
+
+Changes since 4.12.13
+---------------------
+
+o Release with dependency on ldb version 2.1.5.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+
===============================
Release Notes for Samba 4.12.13
March 24, 2021
@@ -58,8 +119,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
===============================
--
Samba Shared Repository
More information about the samba-cvs
mailing list