[SCM] Samba Shared Repository - annotated tag samba-4.17.5 created

Thu Jan 26 17:48:13 UTC 2023

The annotated tag, samba-4.17.5 has been created
        at  9b4d0aeebae1ac027af7360caf91bdf05462c9d5 (tag)
   tagging  420b9e67870c41023fe89bdf9b4e99b61120b0cc (commit)
  replaces  samba-4.17.4
 tagged by  Jule Anger
        on  Thu Jan 26 18:46:16 2023 +0100

- Log -----------------------------------------------------------------
samba: tag release samba-4.17.5
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmPSvGgACgkQqplEL7aA
tiAf/xAAj8BGpktxIl4xkBrZ87Lv7Gnf1h47SWDqnPjvuw7Y7CGF6I/7/ZgWR0Yb
UV+rs3vtBVxyhv6EDRUd50ba5MIOiFXV0pz/7SzPLf15n9m/YUzYKdpaUGXXJiJo
vA/GoYihfVBRz3Y1NSVwq09dcC1hPdP76WqIU8qfKmXGYBIg8exmD5bKLDK355hC
KFzVEodvss0LLT2Knp1gwB9GPKmc6vRM9GUlA6mQ0VPxZXjLIASMXAoPAtHN7BWp
BPy6+0qEFWl80Z9hQBGj5JrES8gNTRscfC+0YG/q9vu2kuGWCKGKeeNZdXeg9Ei9
vpgIHt/u31sMHaTZQKd1QQNtSvFxkZPX33Vv+Y1Sqdvr2J7fo4cNbri9aB24W4CW
CuqjYoBKj57BlsNkTjC6ulDthcAbU0MBXQVnNC+k/OwSQaQbMY5hWQvYCyjYrC/l
7zA3uOm7iq61XwT5jduBDF88LdkDRTQ8sfFPaPJxtGpY07M7ipky5PbIQH3hONvu
l8Q6wrGKeiYD92F/IbXETpE3plCDeCOQvKgQqDo90+QmfASkBYuoMldoRRfuryzG
Ke3Z1ToVrD1kL3yNHNgLoaqWTVocrvXegWHudlfdb/3sqTlwOpVARTzWFHP3a0My
elQYcQPOmKNDUrBb9EGOUtJWWuqQcdP1nXayLkgs3N8AjWNfPac=
=kKr1
-----END PGP SIGNATURE-----

Andreas Schneider (2):
      s3:script: Improve test_chdir_cache.sh
      s3:client: Fix a use-after-free issue in smbclient

Andrew (1):
      rpc_server:srvsvc - retrieve share ACL via root context

Andrew Walker (3):
      s3:params:lp_do_section - protect against NULL deref
      nsswitch:libwbclient - fix leak in wbcCtxPingDc2
      lib/replace - add extra check to bsd_attr_list

Florian Weimer (3):
      buildtools/wafsamba: Avoid calling lib_func without a prototype
      source3/wscript: Fix detection of major/minor macros
      source3/wscript: Remove implicit int and implicit function declarations

Jeremy Allison (13):
      s3: smbd: Strip any leading '\\' characters if the SMB2 DFS flag is set.
      s4: torture: Show return value for smbc_getxattr() is incorrect (returns >0 for success, should return zero).
      s3: libsmbclient: Fix smbc_getxattr() to return 0 on success.
      s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_CLOSE test to smb2.compound_async.
      s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_FLUSH test to smb2.compound_async.
      s3: smbd: Add utility function smbd_smb2_is_last_in_compound().
      s3: smbd: Cause SMB2_OP_FLUSH to go synchronous in a compound anywhere but the last operation in the list.
      s3: smbd: In synthetic_pathref() change DBG_ERR -> DBG_NOTICE to avoid spamming the logs.
      s4: libcli: Ignore errors when getting A records after fetching AAAA records.
      selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree.
      s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before.
      s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle.
      s3: smbd: Always use metadata_fsp() when processing fsctls.

Jones Syue (1):
      s3:smbstatus: go to cmdline_messaging_context_free

Jule Anger (3):
      VERSION: Bump version up to Samba 4.17.5...
      WHATSNEW: Add release notes for Samba 4.17.5.
      VERSION: Disable GIT_SNAPSHOT for the 4.17.5 release.

Samuel Cabrero (9):
      CVE-2022-38023 s3:rpc_server/netlogon: 'server schannel != yes' warning to dcesrv_interface_netlogon_bind
      CVE-2022-38023 selftest:Samba3: avoid global 'server schannel = auto'
      CVE-2022-38023 s4:rpc_server:wscript: Reformat following pycodestyle
      CVE-2022-38023 s4:rpc_server/netlogon: Move schannel and credentials check functions to librpc
      CVE-2022-38023 s3:rpc_server/netlogon: Use dcesrv_netr_creds_server_step_check()
      CVE-2022-38023 s3:rpc_server/netlogon: make sure all _netr_LogonSamLogon*() calls go through dcesrv_netr_check_schannel()
      CVE-2022-38023 s3:rpc_server/netlogon: Check for global "server schannel require seal"
      CVE-2022-38023 docs-xml/smbdotconf: The "server schannel require seal[:COMPUTERACCOUNT]" options are also honoured by s3 netlogon server.
      CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations

Stefan Metzmacher (4):
      selftest: add samba3.blackbox.registry_share
      s3:rpc_server/srvsvc: make sure we (re-)load all shares as root.
      s4:lib/messaging: fix interaction between imessaging_context_destructor and irpc_destructor
      s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac()

Volker Lendecke (2):
      ctdb: Fix a use-after-free in run_proc
      testprogs: Add testit_grep_count() helper

-----------------------------------------------------------------------


-- 
Samba Shared Repository