[Samba] Changelogs of latest packages on repo for 4.10.15/4.11.8/4.12.2

L.P.H. van Belle belle at bazuin.nl
Thu Apr 30 12:45:41 UTC 2020 

Hai, 
 
The change logs of the the latest builds. ( note, buster 4.12.2 is still running ) 
Sorry for the separeted mails.. 

!Note! After Buster 4.12 build is finished, raspbian next. 

Changes the latest builds. 

4.10.15 changes  .
    * Non-maintainer upload.
    * Build from samba.org sources
    * Security release, info:
      - CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
      - CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC
      Full release notes: https://www.samba.org/samba/history/samba-4.10.15.html
    * Bumped d/control ldb >= 1.5.7


4.11.8 changes 
    * Non-maintainer upload.
    * New upstream release builded from samba.org sources
    * Security release, info:
      - CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
      - CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC
      Full release notes: https://www.samba.org/samba/history/samba-4.11.8.html
    * d/control Bump ldb >= 2.0.10
    * d/patches, added bugzilla 14359 fix
      - pass DCE RPC handle type to create_policy_hnd
        This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.

4.12.2 
    * Non-maintainer upload.
    * Build from samba.org sources
    * Security release, info:
      - CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
      - CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC
      Full release notes: https://www.samba.org/samba/history/samba-4.12.2.html
    * Bumped d/control ldb >= 2.1.2, talloc >= 2.3.1, tdb => 1.4.3,
      tevent >= 0.10.2
    * d/patches, added bugzilla fixes
      - bz14359 : pass DCE RPC handle type to create_policy_hnd
            This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.
      - bz14343: fix vfs_full_audit panics when accessing Samba :
      - fix:  SyntaxWarning: "is" with a literal. Did you mean "=="? :
        patch temp-fix-is-is-litteral.patch
     - bz14336 s3:libads: Fix ads_get_upn
     - bz14343 s3: VFS: Add cmocka test for vfs_full_audit to make sure
         all arrays are correct.


------------ 
 
Current Repo info: 
Jessie - any version. Not supported anymore
Stretch - 4.10.x only security updates  (amd64/i386/sources) below 4.10 no more updates. 
Buster  -  4.10 4.11 4.12   (amd64/i386/sources) (! armhf as of 4.11.x and up. )
Bionic  -  4.10 4.11  (amd64/i386/sources)
Focal   - 4.12 (amd64/sources)	Dropped i386, hardly used, not? Let me know. 
Raspbian - 4.11 (armhf)..  Now im not sure if i can keep maintaining this one. 
Because, Debian Buster runs fine on Pi4 with the armhf packages. 
No worries, 4.11 is in and stays untill EOL of 4.11, but i dont think i'll do 4.12 for it. 

If i can find a way to speed up the builds, then maybe.. 

Not samba related but worth mentioning.. 
Squid Proxy 4.11 with ssl support for Buster. Repo buster-squid411
Strongswan VPN 5.8.2 (sid rebuild) for Buster. Repo buster-strongswan58

Why these, i use them in my setups at the office. 

Suggestions, idea's, mail me, i'll think about it.

Other info : https://apt.van-belle.nl 


Greetz, 

Louis

More information about the samba mailing list