[SCM] Samba Shared Repository - annotated tag samba-4.15.9 created

Jule Anger janger at samba.org
Wed Jul 27 10:00:20 UTC 2022 

The annotated tag, samba-4.15.9 has been created
        at  942fa02ef7c41d80de299b0f035ca162467cf1c8 (tag)
   tagging  c8fc01ca36445e87c3e503026a446416d66cd1bf (commit)
  replaces  ldb-2.4.4
 tagged by  Jule Anger
        on  Wed Jul 27 09:25:35 2022 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.15.9
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmLg6G8ACgkQqplEL7aA
tiA/3Q//R0Bs4nuSJQP1vj+kCRgCr4/5RwSqG5GUeJGxNrCgB14GZQiiWLX74Obd
i03tjCTda1KMsBqxGFx9K3S0T39xWs3eW9ULXt/MAYb6mwYP1ExivQBBbYR5rNfW
9E9U2RA+gU6clbxPIvdQwAR7YICfgPY2sjYj0zzIhe0HtEfXE3CI8QXTDbIfxuxP
CLgnO4Bm0aJHKMd/aH6Ajb32Ml7UEj/oJQ4etU9g/DlY9zrj+JvfOAPYEQ6W+0H8
ZKuDvq2h1qjYpMq7D5VSyyi6lS0pxKG86DGYrWxwy+hempRj2k8jHefIb6KmnZAr
leJOIomBLv4T+LMfuamxoIr411RooDpi99Yw5ddhhjHCRrzhr/7Go6ImMOupG7/4
M0trrmO1Q1qvmYRY3Rp2XBtHBjiotAP3yhUvTfvLj3Dc9wTRRd89/jz6QSqRa5t7
9O+aGAqX87zV+LV0eO8FDlsiB1IQEOPRYTDyVqSKnR9PO3sCIlV6VPYT1grypHGV
JMaMniheZgkcxzb6z7Rx+NVNwBOcyvpMOwRIH5Uu9nHJAWb7l7mOSCVDe3ym2UJt
SbRFMQW+Vpk1eaKXMHrG8FlPu9Uw0U5O6QIgSSj0VvFKDPNubWoF2Fp2sugnAZ8N
btBm1phP6OrndNZSvI5v4jRjI7sEQmx7DnHJUWOgMjAY/0CzNZo=
=cAqD
-----END PGP SIGNATURE-----

Andreas Schneider (4):
      s4:kdc: Also cannoicalize krbtgt principals when enforcing canonicalization
      CVE-2022-2031 testprogs: Fix auth with smbclient and krb5 ccache
      CVE-2022-2031 testprogs: Add kadmin/changepw canonicalization test with MIT kpasswd
      CVE-2022-2031 s4:kdc: Implement is_kadmin_changepw() helper function

Isaac Boukris (1):
      s4:mit-kdb: Force canonicalization for looking up principals

Jeremy Allison (2):
      CVE-2022-32742: s4: torture: Add raw.write.bad-write test.
      CVE-2022-32742: s3: smbd: Harden the smbreq_bufrem() macro.

Joseph Sutton (78):
      CVE-2022-32745 s4/dsdb/samldb: Check for empty values array
      CVE-2022-32745 s4/dsdb/util: Use correct value for loop count limit
      CVE-2022-32745 s4/dsdb/util: Don't call memcpy() with a NULL pointer
      CVE-2022-32745 s4/dsdb/util: Correctly copy values into message element
      selftest: Check received LDB error code when STRICT_CHECKING=0
      tests/krb5: Remove unused variable
      tests/krb5: Deduplicate AS-REQ tests
      tests/krb5: Run test_rpc against member server
      tests/krb5: Allow PasswordKey_create() to use s2kparams
      tests/krb5: Split out methods to create renewable or invalid tickets
      tests/krb5: Adjust error codes to better match Windows with PacRequestorEnforcement=2
      tests/krb5: Remove unnecessary expect_pac arguments
      tests/krb5: Add tests for invalid TGTs
      tests/krb5: Add tests for TGS requests with a non-TGT
      tests/krb5: Add TGS-REQ tests with FAST
      tests/krb5: Align PAC buffer checking to more closely match Windows with PacRequestorEnforcement=2
      tests/krb5: Add tests for validation with requester SID PAC buffer
      tests/krb5: Add comments for tests that fail against Windows
      heimdal:kdc: Fix error message for user-to-user
      s4:torture: Fix typo
      heimdal:kdc: Adjust no-PAC error code to match Windows
      kdc: Adjust SID mismatch error code to match Windows
      tests/krb5: Add test for S4U2Self with wrong sname
      kdc: Match Windows error code for mismatching sname
      kdc: Always add the PAC if the header TGT is from an RODC
      tests/krb5: Add tests for renewal and validation of RODC TGTs with PAC requests
      Revert "CVE-2020-25719 s4/torture: Expect additional PAC buffers"
      kdc: Don't include extra PAC buffers in service tickets
      kdc: Remove PAC_TYPE_ATTRIBUTES_INFO from RODC-issued tickets
      tests/krb5: Add a test for S4U2Self with no authorization data required
      heimdal:kdc: Always generate a PAC for S4U2Self
      selftest: Properly check extra PAC buffers with Heimdal
      heimdal:kdc: Do not generate extra PAC buffers for S4U2Self service ticket
      kdc: Require that PAC_REQUESTER_SID buffer is present for TGTs
      kdc: Canonicalize realm for enterprise principals
      tests/krb5: Correctly determine whether tickets are service tickets
      tests/krb5: Add helper function to modify ticket flags
      selftest: Simplify krb5 test environments
      CVE-2022-2031 s4:kdc: Add MIT support for ATTRIBUTES_INFO and REQUESTER_SID PAC buffers
      heimdal:kdc: Accommodate NULL data parameter in krb5_pac_get_buffer()
      CVE-2022-2031 s4:kpasswd: Account for missing target principal
      CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structure
      CVE-2022-32744 tests/krb5: Correctly handle specifying account kvno
      CVE-2022-2031 tests/krb5: Split out _make_tgs_request()
      CVE-2022-32744 tests/krb5: Correctly calculate salt for pre-existing accounts
      CVE-2022-2031 tests/krb5: Add new definitions for kpasswd
      CVE-2022-2031 tests/krb5: Add methods to create ASN1 kpasswd structures
      CVE-2022-2031 tests/krb5: Add 'port' parameter to connect()
      CVE-2022-2031 tests/krb5: Add methods to send and receive generic messages
      tests/krb5: Fix enum typo
      tests/krb5: Add option for creating accounts with expired passwords
      CVE-2022-2031 tests/krb5: Allow requesting a TGT to a different sname and realm
      CVE-2022-2031 tests/krb5: Add kpasswd_exchange() method
      CVE-2022-32744 selftest: Specify Administrator kvno for Python krb5 tests
      CVE-2022-2031 tests/krb5: Add tests for kpasswd service
      CVE-2022-2031 s4:kpasswd: Correctly generate error strings
      CVE-2022-2031 s4:kpasswd: Don't return AP-REP on failure
      CVE-2022-2031 lib:krb5_wrap: Generate valid error codes in smb_krb5_mk_error()
      CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERROR
      CVE-2022-2031 gensec_krb5: Add helper function to check if client sent an initial ticket
      CVE-2022-2031 s4:kpasswd: Require an initial ticket
      s4:kpasswd: Restructure code for clarity
      CVE-2022-2031 s4:kdc: Split out a samba_kdc_get_entry_principal() function
      CVE-2022-2031 s4:kdc: Refactor samba_kdc_get_entry_principal()
      CVE-2022-2031 s4:kdc: Fix canonicalisation of kadmin/changepw principal
      CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime to two minutes or less
      CVE-2022-2031 s4:kdc: Reject tickets during the last two minutes of their life
      CVE-2022-2031 tests/krb5: Test truncated forms of server principals
      CVE-2022-2031 s4:kdc: Don't use strncmp to compare principal components
      CVE-2022-32744 s4:kdc: Rename keytab_name -> kpasswd_keytab_name
      s4:kdc: Remove kadmin mode from HDB plugin
      CVE-2022-32744 s4:kdc: Modify HDB plugin to only look up kpasswd principal
      CVE-2022-32744 s4:kpasswd: Ensure we pass the kpasswd server principal into krb5_rd_req_ctx()
      CVE-2022-2031 tests/krb5: Add test that we cannot provide a TGT to kpasswd
      CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info
      CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT
      CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd tickets
      CVE-2022-2031 testprogs: Add test for short-lived ticket across an incoming trust

Jule Anger (2):
      WHATSNEW: Add release notes for Samba 4.15.9.
      VERSION: Disable GIT_SNAPSHOT for the 4.15.9 release.

-----------------------------------------------------------------------


-- 
Samba Shared Repository

More information about the samba-cvs mailing list