<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Mathieu Parent pushed to branch upstream_4.11

at <a href="https://salsa.debian.org/samba-team/samba">Debian Samba Team / samba</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/193d6f5e8cc074370bafa282218e1991506a9edc">193d6f5e</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">VERSION: Bump version up to 4.11.2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

(cherry picked from commit 7b8309398beab679cd4068da497661ce33616edc)

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/07df3dfa6bf081c3f2ad7777995325d834ad3129">07df3dfa</a></strong>

<div>

<span>by Jeremy Allison</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-10218 - s3: libsmb: Protect SMB1 client code from evil server returned names.

Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/914c985e66adc63d54b3e17dab324f376f84e349">914c985e</a></strong>

<div>

<span>by Jeremy Allison</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server returned names.

Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/e0e8830b88e45e3e954b1e5074cef8c8bf5406a8">e0e8830b</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14833: Use utf8 characters in the unacceptable password

This shows that the "check password script" handling has a bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/b3a71bf847e3797582a2c657720726694fe424ba">b3a71bf8</a></strong>

<div>

<span>by Björn Baumbach</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14833 dsdb: send full password to check password script

utf8_len represents the number of characters (not bytes) of the

password. If the password includes multi-byte characters it is required

to write the total number of bytes to the check password script.

Otherwise the last bytes of the password string would be ignored.

Therefore we rename utf8_len to be clear what it does and does

not represent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438

Signed-off-by: Björn Baumbach <bb@sernet.de>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/4087d16945f97479b46a2d5fbfc883f813959fd9">4087d169</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14847 dsdb: Demonstrate the correct interaction of ranged_results style attributes and dirsync

Incremental results are provided by a flag on the dirsync control, not

by changing the attribute name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/e33b8c5651032b82ffa3631b37ddb93f2bfe3b8d">e33b8c56</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with dirsync

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/3815f9bfda8137f33b5f24e81cc61d1027a01748">3815f9bf</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-10-24T08:52:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">WHATSNEW: Add release notes for Samba 4.11.2.

* Bug 14071: CVE-2019-10218: Client code can return filenames containing path

  separators.

* Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive

  the full password.

* Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC

  LDAP server via dirsync.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/df2b97d12e6d5d36dc152896a21ba44bc7531654">df2b97d1</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-10-24T08:52:52Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">VERSION: Disable GIT_SNAPSHOT for the 4.11.2 release.

* Bug 14071: CVE-2019-10218: Client code can return filenames containing path

  separators.

* Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive

  the full password.

* Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP

  server via dirsync.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/dff88803584fd1c6871e95bd5dbfad8584104554">dff88803</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">VERSION: Bump version up to 4.11.3.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

(cherry picked from commit e704eee3083658f7dcdd4238295f8e0b229a1688)

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/026fd23cf916f8e5479af31490b5c8813966796c">026fd23c</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">VERSION: Re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/9324b7a9e4ce358832ca882671c25c2afe677121">9324b7a9</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14861: s4-rpc/dnsserver: Confirm sort behaviour in dcesrv_DnssrvEnumRecords

The sort behaviour for child records is not correct in Samba so

we add a flapping entry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/678888b41bd07898399b5a66739796b04dbdf33a">678888b4</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14861: s4-rpc_server: Remove special case for @ in dns_build_tree()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/2318a4a7233d63a262d3e095dd2ea2b87b047bd6">2318a4a7</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14861: s4-rpc/dnsserver: Avoid crash in ldb_qsort() via dcesrv_DnssrvEnumRecords)

dns_name_compare() had logic to put @ and the top record in the tree being

enumerated first, but if a domain had both then this would break the

older qsort() implementation in ldb_qsort() and cause a read of memory

before the base pointer.

By removing this special case (not required as the base pointer

is already seperatly located, no matter were it is in the

returned records) the crash is avoided.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/fae319523b07ba7a53bf7cfdbb4ea7f9d7d01981">fae31952</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14861: Test to demonstrate the bug

This test does not fail every time, but when it does it casues a segfault which

takes out the rpc_server master process, as this hosts the dnsserver pipe.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/b69ee283de5de1f560a73ad63c10f7974afeb9f8">b69ee283</a></strong>

<div>

<span>by Andrew Bartlett</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">s4-torture: Reduce flapping in SambaToolDrsTests.test_samba_tool_replicate_local

This test often flaps in Samba 4.9 (where more tests and DCs run in the environment)

with obj_1 being 3.  This is quite OK, we just need to see some changes get

replicated, not 0 changes.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

(cherry picked from commit 4ae0f9ce0f5ada99cf1d236377e5a1234c879ae3)

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/fbd7a4c08fdb1988d2657760e3d4578785724c45">fbd7a4c0</a></strong>

<div>

<span>by Isaac Boukris</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">samba-tool: add user-sensitive command to set not-delegated flag

Signed-off-by: Isaac Boukris <iboukris@gmail.com>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/fc0127db4b9f2fb21cb72b6f4cddd8de6167f555">fc0127db</a></strong>

<div>

<span>by Isaac Boukris</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14870: heimdal: add S4U test for delegation_not_allowed

Signed-off-by: Isaac Boukris <iboukris@gmail.com>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/fbc1f000cf76f2172d63c9cdf4889fd83a087b14">fbc1f000</a></strong>

<div>

<span>by Isaac Boukris</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2Self

Signed-off-by: Isaac Boukris <iboukris@gmail.com>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/1ccab20c59b651173e76918a6b84290a5be4a27d">1ccab20c</a></strong>

<div>

<span>by Isaac Boukris</span>

<i>at 2019-12-03T12:10:21Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-14870: mit-kdc: enforce delegation_not_allowed flag

Signed-off-by: Isaac Boukris <iboukris@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/a694a00914754b4142db6abf8d3f661f86a6e969">a694a009</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-12-04T09:02:16Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">WHATSNEW: Add release notes for Samba 4.11.3.

o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS

                  management server (dnsserver).

o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition

                  on Samba AD DC.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/7fc8563c2f6381c0389cdbb8c833e9bb89ec068b">7fc8563c</a></strong>

<div>

<span>by Karolin Seeger</span>

<i>at 2019-12-04T09:03:55Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">VERSION: Disable GIT_SNAPSHOT for the 4.11.3 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/samba-team/samba/commit/3719537fa3a3ae38c03daafd8d0acef09d99f223">3719537f</a></strong>

<div>

<span>by Mathieu Parent</span>

<i>at 2019-12-15T20:44:31Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 4.11.3+dfsg</pre>

</li>

</ul>

<h4>30 changed files:</h4>

<ul>

<li class="file-stats">

<a href="#b33892fbddeffc3368077b4904ad0b3d562a7312">

VERSION

</a>

</li>

<li class="file-stats">

<a href="#3277e12b5a9f9ff632d229e2629d34ad21dd93fc">

WHATSNEW.txt

</a>

</li>

<li class="file-stats">

<a href="#7621aa1ce515b0afdaffdf0eca777ff6f439e31a">

ctdb/doc/ctdb-etcd.7

</a>

</li>

<li class="file-stats">

<a href="#5cbe2af7f9551bd8ba760b3978da68f98bcca8d1">

ctdb/doc/ctdb-script.options.5

</a>

</li>

<li class="file-stats">

<a href="#6f372b1da785e9b62534d3ddc2b1cc994e1edea1">

ctdb/doc/ctdb-statistics.7

</a>

</li>

<li class="file-stats">

<a href="#bff45f5b0a1ff6f2cac0546191f2199bad760297">

ctdb/doc/ctdb-tunables.7

</a>

</li>

<li class="file-stats">

<a href="#cf03e1c00a6ff50094bf342fee6dbac15b3a4e0f">

ctdb/doc/ctdb.1

</a>

</li>

<li class="file-stats">

<a href="#ab0737fb37c5f24c1a655306d7f3cf9b28970fa1">

ctdb/doc/ctdb.7

</a>

</li>

<li class="file-stats">

<a href="#355570170158b89f755ad8c2655ff1b55be32cfb">

ctdb/doc/ctdb.conf.5

</a>

</li>

<li class="file-stats">

<a href="#f3298e106280fd2e988e57b01b9f5697370b66b1">

ctdb/doc/ctdb.sysconfig.5

</a>

</li>

<li class="file-stats">

<a href="#027f7ec3db27f736464febdb40a2f5784278e923">

ctdb/doc/ctdb_diagnostics.1

</a>

</li>

<li class="file-stats">

<a href="#944489b6fed794d85434d7748c57ff12c56034db">

ctdb/doc/ctdb_mutex_ceph_rados_helper.7

</a>

</li>

<li class="file-stats">

<a href="#b3f02388c7b39adb49f0f55dbc87a0b75e7f21c3">

ctdb/doc/ctdbd.1

</a>

</li>

<li class="file-stats">

<a href="#2097dbfda6f5cb780a636fd916929b31054ddd8c">

ctdb/doc/ctdbd_wrapper.1

</a>

</li>

<li class="file-stats">

<a href="#1abbc4563e217dafc807f4824b2e10419a31fcf7">

ctdb/doc/ltdbtool.1

</a>

</li>

<li class="file-stats">

<a href="#0a2e2417e72340b1b7bea2f903aa804c91c6386b">

ctdb/doc/onnode.1

</a>

</li>

<li class="file-stats">

<a href="#cfbec512f592346951273f1f00fd0300153259f8">

ctdb/doc/ping_pong.1

</a>

</li>

<li class="file-stats">

<a href="#3ffe9922012afbdd8d172aea0e4a744017a46c3e">

docs/manpages/cifsdd.8

</a>

</li>

<li class="file-stats">

<a href="#fb65349fa2f09806b79d9f359349e05a1a43aab9">

docs/manpages/dbwrap_tool.1

</a>

</li>

<li class="file-stats">

<a href="#eae12bb44b3ee724b1c740f12730f4c389df0b72">

docs/manpages/eventlogadm.8

</a>

</li>

<li class="file-stats">

<a href="#8b9d6931b4023500ead3431562d618ffd52466ff">

docs/manpages/findsmb.1

</a>

</li>

<li class="file-stats">

<a href="#28926762f13c3ce5a1de6e2d2e8068ffb67c6740">

docs/manpages/idmap_ad.8

</a>

</li>

<li class="file-stats">

<a href="#e777d8f0d1e98d8eb6b36fe3cecbf128683c39d6">

docs/manpages/idmap_autorid.8

</a>

</li>

<li class="file-stats">

<a href="#25cc1933670f40b62ff9a036acd111a74cd79767">

docs/manpages/idmap_hash.8

</a>

</li>

<li class="file-stats">

<a href="#5e94741d6f83b11f5f44b9534cb80852b6663b3b">

docs/manpages/idmap_ldap.8

</a>

</li>

<li class="file-stats">

<a href="#9866bbd092d8ac30b5d4d0b2c769014f00968de0">

docs/manpages/idmap_nss.8

</a>

</li>

<li class="file-stats">

<a href="#a656ad172d8f1be792355bac9e7b4c3bbd953e10">

docs/manpages/idmap_rfc2307.8

</a>

</li>

<li class="file-stats">

<a href="#292a9fb6acd638e1a952d4947275be44996f43e7">

docs/manpages/idmap_rid.8

</a>

</li>

<li class="file-stats">

<a href="#ac4355cdd58ceba6dc1b0a8d6c4419a277e15af1">

docs/manpages/idmap_script.8

</a>

</li>

<li class="file-stats">

<a href="#471721d5cfe533e7f628990cbf64f295d8eb6fc7">

docs/manpages/idmap_tdb.8

</a>

</li>

</ul>

<h5>The diff was not included because it is too large.</h5>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/samba-team/samba/compare/6d3c629b703bfbb7a0c3053c89c691e68ac6f089...3719537fa3a3ae38c03daafd8d0acef09d99f223">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

</p>

</div>

</body>

</html>