[SCM] Samba Shared Repository - annotated tag ldb-2.7.2 created

Wed Mar 29 13:52:04 UTC 2023

The annotated tag, ldb-2.7.2 has been created
        at  928e39c84c55a6bf36d7b77d7657495575bd33f0 (tag)
   tagging  12617e0ec483d9308714e6e6f2f3ad8c69adeec6 (commit)
  replaces  samba-4.18.0
 tagged by  Jule Anger
        on  Wed Mar 29 15:45:36 2023 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-2.7.2
-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAmQkQQAACgkQR5ORYRMI
QCW/5QgAitkiKnnY0WdBdfpMF1nJ7XV68199C3kFJmKA/M85BgUIhzhnhfY4tuGi
8ZLnodb2pL4/FLNvD/P/BocTRnc5bmKfoK/WtBOamWbNxV82so2QC2aYNK+oF9OU
RRnK8786GEYtBTM49qskhVCh9filWcSKpacYhh60UJUCYJBorXZLXf+ngyphIxCf
VOQC61KpaQ56IKIbzWBogbhTYk3byfLikSzPC4Ppc/gRERJdH7aHifXZvvwBZ+Ex
zMQLG127jgc9DXRl2idAyRuqegnqnlg9LnJocCd77MBThM408v3C+nqnA5nlStZS
M683KcZ4Frak8gdUDcgfNd9gttyUQQ==
=tyz1
-----END PGP SIGNATURE-----

Andrew Bartlett (8):
      CVE-2023-0614 lib/ldb: Avoid allocation and memcpy() for every wildcard match candidate
      CVE-2023-0614 selftest: Use setUpClass() to reduce "make test TESTS=large_ldap" time
      CVE-2023-0614 dsdb: Alter timeout test in large_ldap.py to be slower by matching on large objects
      CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTED
      CVE-2023-0614 dsdb: Add pre-cleanup and self.addCleanup() of OU created in match_rules tests
      CVE-2023-0614 lib/ldb-samba: Add test for SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN with and ACL hidden attributes
      CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN
      CVE-2023-0614 ldb: Release LDB 2.7.2

Joseph Sutton (27):
      CVE-2023-0614 libcli/security: Make some parameters const
      CVE-2023-0614 s4:dsdb: Use talloc_get_type_abort() more consistently
      CVE-2023-0614 s4-acl: Make some parameters const
      CVE-2023-0614 ldb: Add functions for handling inaccessible message elements
      CVE-2023-0614 s4-acl: Use ldb functions for handling inaccessible message elements
      CVE-2023-0614 ldb:tests: Ensure ldb_val data is zero-terminated
      CVE-2023-0614 ldb:tests: Ensure all tests are accounted for
      CVE-2023-0614 ldb: Add function to take ownership of an ldb message
      CVE-2023-0614 ldb: Add function to remove excess capacity from an ldb message
      CVE-2023-0614 ldb: Add function to add distinguishedName to message
      CVE-2023-0614 ldb: Add function to filter message in place
      CVE-2023-0614 ldb: Make ldb_filter_attrs_in_place() work in place
      CVE-2023-0614 ldb: Make use of ldb_filter_attrs_in_place()
      CVE-2023-0614 s4:dsdb/extended_dn_in: Don't modify a search tree we don't own
      CVE-2023-0614 s4:dsdb:tests: Fix <GUID={}> search in confidential attributes test
      CVE-2023-0614 schema_samba4.ldif: Allocate previously added OID
      CVE-2023-0614 tests/krb5: Add test for confidential attributes timing differences
      CVE-2023-0614 ldb: Add ldb_parse_tree_get_attr()
      CVE-2023-0614 s4-acl: Split out logic to remove access checking attributes
      CVE-2023-0614 s4-dsdb: Add samdb_result_dom_sid_buf()
      CVE-2023-0614 s4-acl: Split out function to set up access checking variables
      CVE-2023-0614 ldb: Prevent disclosure of confidential attributes
      CVE-2023-0614 s4-acl: Avoid calling dsdb_module_am_system() if we can help it
      CVE-2023-0614 ldb: Use binary search to check whether attribute is secret
      CVE-2023-0614 ldb: Centralise checking for inaccessible matches
      CVE-2023-0614 ldb: Filter on search base before redacting message
      CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexed

Jule Anger (1):
      VERSION: Bump version up to Samba 4.18.1...

-----------------------------------------------------------------------


-- 
Samba Shared Repository