Small Error in change log of 4.8.10 ldb 1.3.7/1.3.8
Andrew Bartlett
abartlet at samba.org
Fri Apr 5 18:29:42 UTC 2019
On Fri, 2019-04-05 at 10:16 +0200, L.P.H. van Belle via samba-technical
wrote:
> Hai,
>
> I just noticed a small thing, just reporting it.
>
> https://www.samba.org/samba/history/samba-4.8.10.html
> Change log shows version bump to ldb 1.3.7.
>
> A version check on wscript shows you need ldb 1.3.8
> lib/ldb/wscript:VERSION = '1.3.8'
The version bumped twice, see also:
o Gary Lockyer <gary at catalyst.net.nz>
* BUG 13773: CVE-2019-3824 ldb: Release ldb 1.3.8, ldb: Out of bound
read in
ldb_wildcard_compare.
Because of the nature of the LDAP server in 4.8 (being a pure forking
mode by default) we didn't do a security release for the CVE in that
version, but we did fix the issue with this release.
A big thanks to Karolin for pushing out one last maintenance release!
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list