| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
|
|
bump pkg revision
|
|
==============================
Release Notes for Samba 3.3.14
September 14, 2010
==============================
This is a security release in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
|
|
Changes since 3.3.12
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 7494: Fix for CVE-2010-2063.
|
|
|
|
|
|
|
|
o CVE-2010-0728:
In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code
was added to fix a problem with Linux asynchronous IO handling.
This code introduced a bad security flaw on Linux platforms if the
binaries were built on Linux platforms with libcap support.
The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE
capabilities, allowing all file system access to be allowed
even when permissions should have denied access.
|
|
Samba 3.0 and 3.3. They were completely broken before this.
Bump PKGREVISION for both samba and samba33.
Fix from PR pkg/38961 by Makoto Fujiwara <makoto at ki dot nu>.
|
|
Changes since 3.3.10
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 6557: Fix vfs_full_audit.
* BUG 7036: Fix 'net rpc getsid' in hardened Windows environments.
* BUG 7045: Fix bad (non memory copying) interfaces in smbc_setXXXX calls.
* BUG 7067: Fix failing of smbd to respond to a read or a write caused by
Linux asynchronous IO (aio).
* BUG 7072: Fix unlocking of accounts from ldap.
* BUG 7104: "wide links" and "unix extensions" are incompatible.
* BUG 7122: Fix reading of large browselist.
* BUG 7154: "mangling method = hash" can crash storing a name containing
a '.'.
* BUG 7155: Valgrind Conditional jump or move depends on uninitialised
value(s) error when "mangling method = hash".
o Gunther Deschner <gd@samba.org>
* BUG 7043: Fix crash bug in "SMBC_parse_path".
o Volker Lendecke <vl@samba.org>
* BUG 5626: Fix build on AIX.
* BUG 5885: Fix bogus ip address in SWAT.
* BUG 7046: Fix a crash in libsmbclient used against the OpenSolaris CIFS
server.
o Stefan Metzmacher <metze@samba.org>
* BUG 7098: Fix results of 'smbclient -L' with a large browse list.
* BUG 7170: Fix handling of external domains in setups with one way trusts.
o William Jojo <w.jojo@hvcc.edu>
* BUG 7052: Fix DFS on AIX (maybe others).
o Bo Yang <boyang@samba.org>
* BUG 7106: Fix malformed require_membership_of_sid.
|
|
|
|
Bump PKGREVISION to prevent broken binary package.
|
|
This isn't latest release, but diffrence from current package is minimal
supported release.
Since changes are too huge to write here, please refer each release notes:
http://www.samba.org/samba/history/
And this pacakge already contain fix for CVE-2009-3297.
|
