[SCM] Samba Shared Repository - annotated tag samba-4.14.13 created
Jule Anger
janger at samba.org
Mon Apr 4 12:48:39 UTC 2022
The annotated tag, samba-4.14.13 has been created
at 27559685f2f44c0575cee1fdcc22ee7da3814177 (tag)
tagging 744c4b0cc6955aab275da3f8cacee3d89d82d455 (commit)
replaces ldb-2.3.3
tagged by Jule Anger
on Mon Apr 4 14:48:16 2022 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.14.13
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmJK6RAACgkQqplEL7aA
tiAANQ//R+Ph+1CMk2aDGg3UkYvdikD7O6ZwzacA2931+M/jY41RhaLFEvm10PlF
Kk/wKZ+nO8+KL5uYX0roAN/+e6gRoXT3JOEs/JHrVhe8EPwsbn0Y9JfdNnmQoL5D
nGqhAKLub/G5VXPT+onji+A7l5KCDk4d/8zjE6piDKWX0x5GDcXvy3Rvziozrs1h
JAZR38kEdjgN4vbcSOEXXqRFg4CVJPeI1oQ20wIN2jnMmGYeZRuLwMq7IfTvJP4b
mI7GTycHkU0iOeV8Gwl8NWHQScO/4y4Dw7Ug1Ei+PW7OJL/7PBrCKZ1rghMBHPPj
orUwaXTXrj0+AR2/yR8BapaUL6q0zFacrawNoLHkMeeJXZx7GImY4UZxBJe1eWd+
oeX53+FUprGG4X5fDWZ/U9FT/a9MHSA+0QAnrT6u2bNuU8tq9OhAfc7CgWW5QZZX
kcjHk2KcB7pgu2W19XrcJDVnZo8n7CohJ6zjNc5pnO4o8dPuSCD7eJZ01YEOjvnX
lUrkMdXfnqgZSuAPLN2D1R2/6U5oL9kWvNLx2Rsnv/oD+i4dbi7mvx5P4oBmTJy+
SaltjllnucjYcpDm8cqq5ISDQDvmBI4OIqtoirZBgMzeMtHanfbFnUJ7a1feTL3p
VmhyeB2M68qoa9+sFVl3cmXUtppbhQlBMPNG+MmkRAXovHdZ8AA=
=KsQh
-----END PGP SIGNATURE-----
Andreas Schneider (1):
builtools: Make abi_gen.sh less prone to errors
Andrew Bartlett (1):
WHATSNEW: Mention our matrix room as well
Björn Jacke (2):
readlink test: inverse return code
waf: re-add missing readlink test
Douglas Bagnall (2):
pytest:auth_log: expect TLS connections when using ldaps
s4/auth/simple_bind: correctly report TLS state
Elia Geretto (1):
s3:libsmb: Fix errno for failed authentication in SMBC_server_internal()
Garming Sam (1):
rodc: Add tests for simple BIND alongside NTLMSSP binds
Jeremy Allison (13):
s4: test: Add samba4.libsmbclient.rename test. Currently fails for SMB3.
lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status.
s3: tests: Add a new test test_msdfs_hardlink() that does simple hardlinks on MSDFS root shares.
s3: tests: Add a new test test_msdfs_rename() that does simple renames on MSDFS root shares.
s3: libsmb: Add cli_dfs_target_check() function.
s3: libsmb: Call cli_dfs_target_check() from cli_smb2_hardlink_send().
s3: libsmb: Call cli_dfs_target_check() from cli_ntrename_internal_send().
s3: libsmb: Call cli_dfs_target_check() from cli_smb1_rename_send().
s3: libsmb: Call cli_dfs_target_check() from cli_cifs_rename_send().
s3: libsmb: Call cli_dfs_target_check() from cli_smb2_rename_send().
s4: torture: Add new SMB2 lease test test_lease_duplicate_create().
s4: torture: Add new SMB2 lease test test_lease_duplicate_open().
s3: smbd: Fix our leases code to return the correct error in the non-dynamic share case.
Joseph Sutton (3):
CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added SPN
CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object
provision: Decrease the length of random machine passwords
Jule Anger (6):
WHATSNEW: Add release notes for Samba 4.14.12.
VERSION: Disable GIT_SNAPSHOT for the 4.14.12 release.
Merge tag 'samba-4.14.12' into v4-14-test
VERSION: Bump version up to Samba 4.14.13...
WHATSNEW: Add release notes for Samba 4.14.13.
VERSION: Disable GIT_SNAPSHOT for the 4.14.13 release.
Pavel Filipenský (5):
s3:modules: Implement dummy virus scanner that uses filename matching
docs-xml:manpages: Document 'dummy' virusfilter and 'virusfilter:infected files'
selftest: Fix trailing whitespace in Samba3.pm
s3:selftest: Add test for virus scanner
s3:modules: Fix virusfilter_vfs_openat
Ralph Boehme (7):
CVE-2021-44142: libadouble: add defines for icon lengths
CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list of private Samba xattrs
CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
CVE-2021-44142: libadouble: add basic cmocka tests
CVE-2021-44142: libadouble: harden parsing code
s3/libads: simplify storing existing ads->ldap.ss
s3/libads: ensure a sockaddr variable is correctly zero initialized
Samuel Cabrero (6):
s3:libads: Fix memory leak in kerberos_return_pac() error path
lib:krb5_wrap: Improve debug message and use newer debug macro
lib:krb5_wrap: Fix wrong debug message and use newer debug macro
s3:libads: Return canonical principal and realm from kerberos_return_pac()
s3:winbind: Store canonical principal and realm in ccache entry
s3:winbind: Use the canonical principal name to renew the credentials
Stefan Metzmacher (50):
s4:torture/rpc: test how CSDVersion="" wipes operatingSystemServicePack
s4:rpc_server/netlogon: let CSDVersion="" wipe operatingSystemServicePack
s4:dsdb/paged_results: fix segfault in paged_results()
s4:dsdb/vlv_pagination: fix segfault in vlv_results()
dcesrv_core: wrap gensec_*() calls in [un]become_root() calls
lib/util: split out a dump_data_block16() helper
blackbox.ndrdump: adjust example files to changed dump_data() output.
lib/util: add dump_data_diff*() helpers
ndrdump: make use of dump_data_file_diff() in order to show differences
blackbox.ndrdump: adjust example files to the usage of dump_data_diff output.
s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong
librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0
blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
selftest/quick: add smb2.session
libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid ptext_len
libcli/smb: let smb2_signing_decrypt_pdu() cope with gnutls_aead_cipher_decrypt() ptext_len bug
s4:sam: Don't use talloc_steal for msg attributes in authsam_make_user_info_dc()
provision: use 120 characters for the dns account password
upgradehelpers.py: let update_machine_account_password() use 120 character passwords
provision: add a comment that the value of krbtgtpass is ignored in the backend
upgradehelpers.py: add a comment to update_krbtgt_account_password()
s3:trusts_utils: use a password length of 120 for machine accounts
python:tests: let insta_creds() also copy the bind_dn from the template
dsdb/tests: passwords.py don't need to import BasePasswordTestCase
dsdb/tests: let all BasePasswordTestCase tests provide self.host_url[_ldaps]
dsdb/tests: make use of assertLoginFailure helper
dsdb/tests: introduce assertLoginSuccess
dsdb/tests: prepare BasePasswordTestCase for simple bind tests
dsdb/tests: add test_login_basics_simple()
s3:auth: let make_user_info_netlogon_interactive() set USER_INFO_INTERACTIVE_LOGON
s4:auth_sam: use USER_INFO_INTERACTIVE_LOGON as inducation for an interactive logon
s3:rpc_client: let rpccli_netlogon_network_logon() fallback to workstation = lp_netbios_name()
s4:auth: a simple bind uses the DCs name as workstation
s4:auth: encrypt_user_info() should set password_state instead of mapped_state
auth/ntlmssp: don't set mapped_state explicitly in auth_usersupplied_info
s4:smb_server: don't set mapped_state explicitly in auth_usersupplied_info
s4:dsdb: don't set mapped_state in auth_usersupplied_info for audit logging
s4:kdc: don't set mapped_state in auth_usersupplied_info for audit logging
s4:rpc_server/samr: don't set mapped_state in auth_usersupplied_info for audit logging
s4:auth: check for user_info->mapped.account_name if it needs to be filled
s4:auth: fix confusing DEBUG message in authsam_want_check()
s3:auth: make_user_info_map() should not set mapped_state
nsswitch: let test_wbinfo.sh also test wbinfo -a $USERNAME@$DOMAIN
winbindd: don't set mapped_state in winbindd_dual_auth_passdb()
s4:auth: rename user_info->mapped_state to user_info->cracknames_called
auth: let auth logging prefer user_info->orig_client.{account,domain}_name if available
s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names
HEIMDAL: allow HDB_AUTH_WRONG_PASSWORD to result in HDB_ERR_NOT_FOUND_HERE
s4:kdc: redirect pre-authentication failured to an RWDC
s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos
Thomas Debesse (1):
WHATSNEW: IRC is irc.libera.chat according to https://www.samba.org/samba/irc.html
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list