[SCM] Samba Shared Repository - annotated tag samba-4.19.8 created

Jule Anger janger at samba.org
Thu Aug 15 12:02:38 UTC 2024


The annotated tag, samba-4.19.8 has been created
        at  084fbf672ced46a582eddb6fcea6e8831b8e8915 (tag)
   tagging  204b0f2d2f7bcdfac41b96f499920c3980088665 (commit)
  replaces  samba-4.19.7
 tagged by  Jule Anger
        on  Thu Aug 15 14:02:02 2024 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.19.8
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAma97joACgkQqplEL7aA
tiBl3Q/7BJxRid5eaZMVs3LNNqm249jB821syGn69hT8tdch0Z97asBrCN8ExYV/
bAkvJMxfkDqVR/nRQ/abHuh79BYzu6heX9d5cM0yd6Z10RaVEO3V5jQAbYTeyQSN
QoWBpdbL7H4KkEMG2sb9o4aLsZMiaLvU/jO3kbyZCDdxGPHIs0X7sTmxV2898uhk
gFT/b99T0Eu2Nz/ZrQCvu5twDiq2L+RHCwGjf2vvgkOE0d24nRHu2bxw9xUEAMO5
zg1DIIpO1Grr6hROkYW+hNU6RbGw+z4vZEtuE4Tq6DPY/4xD9mYj5VS6szu9XgDj
cGMwxkHj/V82h32cneaCOa/XNZ833QCBA2rqW4ls7rSuuOHsxO9M1AMAzaCjAOHP
ljwXrl8hDb5zfMuCo13/2JSGVK/VYRchE0gFl08DKWFhf8GNtkM8HOitp/xiR67z
LvolDMxWu9XCYRtiYjrnVWjyWLXQMomFat1ZeKTMP7HVhWC9mrEPciwyWBgvPF1/
b8Q4B2MoNN9q9Vr4J0d/xdUvZicgmCR7yOgt4zcEtBAZXMh4j6mo2Xb3P/a8CUAw
wcaJnonbiExI1A6ikrcBg1IfjQ402njpLRuBPHIvHgf5NcaoCPgNFExvh+U33ZJ3
iNkORV+0aS+mDjSixzzx5WWGt0AyezWSfU3I9IgyQoTm5hBvMoI=
=h3mD
-----END PGP SIGNATURE-----

Andreas Schneider (8):
      bootstrap: Fix runner tags
      bootstrap: Set git safe.directory
      bootstrap: Fix building CentOS 8 Stream container images
      gitlab-ci: Set git safe.directory for devel repo
      third_party: Update uid_wrapper to version 1.3.1
      third_party: Update socket_wrapper to version 1.4.3
      gitlab-ci: Also add the git directory for pipeline in the main mirror
      wafsamba: Fix ABI symbol name generation

Andrew Bartlett (6):
      build: Add --vendor-name --vendor-patch-revision options to ./configure
      script/autobuild.py: Add test for --vendor-name and --vendor-patch-revision
      dsdb: Reduce minimum maxPwdAge from 1 day to nil
      python/tests/krb5: Prepare for PKINIT tests with UF_SMARTCARD_REQUIRED
      .gitlab-ci: Allow ext4 jobs to run on shared runners
      selftest: Allow MIT Krb5 1.21 to still start to fl2000dc

Douglas Bagnall (18):
      buildtools: sanitise strange characters in vendor strings
      build: --vendor-suffix instead of --vendor-patch-revision --vendor-name
      docs-xml:manpages: allow for longer version strings
      cmdline:burn: '-U' does not imply secrets without '%'
      selftest: run the cmdline tests that we already have
      cmdline:tests: extend cmdline_burn tests
      cmdline:burn: do not retain false memories
      cmdline:burn: handle arguments separated from their --options
      cmdline:burn: always return true if burnt
      cmdline:burn: localise some variables
      cmdline:burn: do not burn options starting --user-*, --password-*
      cmdline: test_cmdline tests more burning
      cmdline:burn: use allowlist to ensure more passwords burn
      cmdline:burn: explicitly burn --username
      cmdline:burn: add a note about short option combinations
      cmdline: samba-tool test for bad option warning
      cmdline:burn: list commands to always burn; warn on unknown
      libcli:security: allow spaces after BAD:

Günther Deschner (2):
      ctdb/ceph: Add optional namespace support for mutex helper
      ctdb/docs: Include ceph rados namespace support in man page

Jo Sutton (6):
      tests/krb5: Add method to perform an armored AS‐REQ
      tests/krb5: Use __slots__ to indicate which attributes are used by classes
      tests/krb5: Fix PK-INIT test framework to allow expired password keys
      tests/krb5: Allow creation of disabled accounts for testing
      tests/krb5: Add tests for errors produced when logging in with unusable accounts
      third_party/heimdal: Import lorikeet-heimdal-202406240121 (commit 4315286377278234be2f3b6d52225a17b6116d54)

Jones Syue (1):
      s3:ntlm_auth: make logs more consistent with length check

Jule Anger (3):
      VERSION: Bump version up to Samba 4.19.8...
      WHATSNEW: Add release notes for Samba 4.19.8.
      VERSION: Disable GIT_SNAPSHOT for the 4.19.8 release.

Noel Power (2):
      selftest: Add a python blackbox test for some misc (widelink) DFS tests
      s3/smbd: fix nested chdir into msdfs links on (widelinks = yes) share

Pavel Filipenský (1):
      .gitlab-ci-main.yml: Add safe.directory '*'

Ralph Boehme (1):
      third_party/heimdal: Import lorikeet-heimdal-202407041740 (commit 42ba2a6e5dd1bc14a8b5ada8c9b8ace85956f6a0)

Stefan Metzmacher (49):
      BUG 15569 ldb: add missing ABI/pyldb-util-2.8.1.sigs
      python:tests/dns_base: generate a real signature in bad_sign_packet()
      python:tests/dns_base: use ndr_deepcopy() and ndr_pack() in verify_packet()
      python:tests/dns_base: let dns_transaction_tcp() handle short receives
      python:tests/dns_base: add self.assert_echoed_dns_error()
      python:tests/dns_tkey: make use of self.assert_echoed_dns_error()
      python:tests/dns_base: let tkey_trans() and sign_packet() take algorithm_name as argument
      python:tests/dns_base: let tkey_trans() take tkey_req_in_answers
      python:tests/dns_base: pass tkey_trans(expected_rcode)
      python:tests/dns_base: let dns_transaction_udp() take allow_{remaining,truncated}=True
      python:tests/dns_base: maintain a dict with tkey related state
      python:tests/dns_tkey: test TKEY with gss-tsig, gss.microsoft.com and invalid algorithms
      python:tests/dns_tkey: let us have test_update_gss_tsig_tkey_req_{additional,answers}()
      python:tests/dns_tkey: add gss.microsoft.com tsig updates
      python:tests/dns_tkey: test bad and changing tsig algorithms
      python:tests/dns_base: let verify_packet() work against Windows
      python:tests/dns_tkey: let test_update_tsig_windows() actually pass against windows 2022
      python:tests/dns_base: add get_unpriv_creds() helper
      s4:selftest/tests: pass USERNAME_UNPRIV=$DOMAIN_USER to samba.tests.dns_tkey
      python:tests/dns_tkey: add test_update_tsig_record_access_denied()
      s4:dns_server: failed dns updates should result in REFUSED for ACCESS_DENIED
      s4:dns_server: only allow gss-tsig and gss.microsoft.com for TKEY
      s4:dns_server: only allow gss-tsig and gss.microsoft.com for TSIG
      s4:dns_server: use the client provided algorithm for the fake TSIG structure
      s4:dns_server: use tkey->algorithm if available in dns_sign_tsig()
      s4:dns_server: also search DNS_QTYPE_TKEY in the answers section if it's the last section
      s4:dns_server: dns_verify_tsig should return REFUSED on error
      s4:dns_server: correctly sign dns update responses with gss-tsig like Windows
      s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored
      s3:include: let nameserv.h be useable on its own
      s3:include: split out fstring.h
      s3:wscript: LIBNMB requires lp_ functions
      s3:libsmb/unexpected: don't use talloc_tos() in async code
      s3:libsmb/unexpected: pass nmbd_socket_dir from the callers of nb_packet_{server_create,reader_send}()
      s3:libsmb/dsgetdcname: use NETLOGON_NT_VERSION_AVOID_NT4EMUL
      libcli/nbt: add nbt_name_send_raw()
      s4:libcli/dgram: let the generic incoming handler also get unexpected mailslot messages
      s4:libcli/dgram: make use of socket_address_copy()
      s4:libcli/dgram: add nbt_dgram_send_raw() to send raw blobs
      s4:nbt_server: simulate nmbd and provide unexpected handling
      s4:torture/smb2: add smb2.ioctl.copy_chunk_bug15644
      vfs_default: also call vfs_offload_token_ctx_init in vfswrap_offload_write_send
      testprogs/blackbox: let test_trust_token.sh check for S-1-18-1 with kerberos
      testprogs/blackbox: add test_ldap_token.sh to test "client use kerberos" and --use-kerberos
      auth/credentials: add cli_credentials_get_kerberos_state_obtained() helper
      auth/credentials: add tests for cli_credentials_get_kerberos_state[_obtained]()
      auth/credentials: don't ignore "client use kerberos" and --use-kerberos for machine accounts
      .gitlab-ci: make it explicit that some tests require ext4/5.15 kernel
      [v4-19-only] selftest: support for MIT krb5 1.21

Xavi Hernandez (1):
      Fix starvation of pending writes in CTDB queues

-----------------------------------------------------------------------


-- 
Samba Shared Repository



More information about the samba-cvs mailing list