[Pkg-samba-maint] r1671 - in branches/samba/upstream: . packaging/RHEL source source/auth source/include source/lib source/libsmb source/nmbd
vorlon at alioth.debian.org
vorlon at alioth.debian.org
Wed Dec 12 00:23:47 UTC 2007
Author: vorlon
Date: 2007-12-12 00:23:46 +0000 (Wed, 12 Dec 2007)
New Revision: 1671
Added:
branches/samba/upstream/.gitignore
Modified:
branches/samba/upstream/WHATSNEW.txt
branches/samba/upstream/packaging/RHEL/makerpms.sh
branches/samba/upstream/packaging/RHEL/samba.spec
branches/samba/upstream/source/VERSION
branches/samba/upstream/source/auth/auth_util.c
branches/samba/upstream/source/include/version.h
branches/samba/upstream/source/lib/version.c
branches/samba/upstream/source/libsmb/clidgram.c
branches/samba/upstream/source/nmbd/nmbd_packets.c
Log:
Load samba-3.0.28 into branches/samba/upstream.
Added: branches/samba/upstream/.gitignore
===================================================================
--- branches/samba/upstream/.gitignore (rev 0)
+++ branches/samba/upstream/.gitignore 2007-12-12 00:23:46 UTC (rev 1671)
@@ -0,0 +1,31 @@
+*.o
+*.po
+source/client/client_proto.h
+source/include/build_env.h
+source/include/config.h
+source/include/config.h.in
+source/include/proto.h
+source/include/stamp-h
+source/include/version.h
+source/Makefile
+source/config.log
+source/config.status
+source/configure
+source/smbadduser
+source/bin/*
+source/script/findsmb
+source/script/gen-8bit-gap.sh
+source/script/installbin.sh
+source/script/uninstallbin.sh
+source/smbd/build_options.c
+source/utils/net_proto.h
+source/utils/ntlm_auth_proto.h
+source/web/swat_proto.h
+source/tags
+source/utils/passwd_proto.h
+source/include/includes.h.gch
+source/config.cache
+source/library-versions
+source/nsswitch/*.so
+source/proto_exists
+source/winbindd/winbindd_proto.h
Modified: branches/samba/upstream/WHATSNEW.txt
===================================================================
--- branches/samba/upstream/WHATSNEW.txt 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/WHATSNEW.txt 2007-12-12 00:23:46 UTC (rev 1671)
@@ -1,3 +1,38 @@
+ ==============================
+ Release Notes for Samba 3.0.28
+ Dec 10, 2007
+ ==============================
+
+Samba 3.0.28 is a security release in order to address the following
+defect:
+
+ o CVE-2007-6015
+ Boundary failure in GETDC mailslot processing can result in
+ a buffer overrun
+
+The original security announcement for this and past advisories can
+be found http://www.samba.org/samba/security/
+
+######################################################################
+Changes
+#######
+
+Changes since 3.0.27a
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * Fix for CVE-2007-6015.
+
+o Volker Lendecke <vl at samba.org>
+ * Fix for CVE-2007-6015.
+ * Add missing unbecome_root() calls in error path processing
+ when failing to add local groups in create_local_nt_token().
+
+
+Release notes for older releases follow:
+
+ --------------------------------------------------
+
===============================
Release Notes for Samba 3.0.27a
Nov 20, 2007
@@ -86,8 +121,6 @@
-Release notes for older releases follow:
-
--------------------------------------------------
==============================
@@ -98,7 +131,7 @@
Samba 3.0.27 is a security release in order to address the following
defects:
- o CVS-2007-4572
+ o CVE-2007-4572
Stack buffer overflow in nmbd's logon request processing.
o CVE-2007-5398
@@ -116,16 +149,14 @@
---------------------
o Jeremy Allison <jra at samba.org>
- * Fix for CVS-2007-4572.
+ * Fix for CVE-2007-4572.
* Fix for CVE-2007-5398.
o Simo Sorce <idra at samba.org>
- * Additional fixes for CVS-2007-4572.
+ * Additional fixes for CVE-2007-4572.
-Release notes for older releases follow:
-
--------------------------------------------------
===============================
Release Notes for Samba 3.0.26a
Modified: branches/samba/upstream/packaging/RHEL/makerpms.sh
===================================================================
--- branches/samba/upstream/packaging/RHEL/makerpms.sh 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/packaging/RHEL/makerpms.sh 2007-12-12 00:23:46 UTC (rev 1671)
@@ -20,7 +20,7 @@
USERID=`id -u`
GRPID=`id -g`
-VERSION='3.0.27a'
+VERSION='3.0.28'
REVISION=''
SPECFILE="samba.spec"
RPMVER=`rpm --version | awk '{print $3}'`
Modified: branches/samba/upstream/packaging/RHEL/samba.spec
===================================================================
--- branches/samba/upstream/packaging/RHEL/samba.spec 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/packaging/RHEL/samba.spec 2007-12-12 00:23:46 UTC (rev 1671)
@@ -5,7 +5,7 @@
Vendor: Samba Team
Packager: Samba Team <samba at samba.org>
Name: samba
-Version: 3.0.27a
+Version: 3.0.28
Release: 1
Epoch: 0
License: GNU GPL version 2
Modified: branches/samba/upstream/source/VERSION
===================================================================
--- branches/samba/upstream/source/VERSION 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/VERSION 2007-12-12 00:23:46 UTC (rev 1671)
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=3
SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=27
+SAMBA_VERSION_RELEASE=28
########################################################
# Bug fix releases use a letter for the patch revision #
@@ -36,7 +36,7 @@
# e.g. SAMBA_VERSION_REVISION=a #
# -> "2.2.8a" #
########################################################
-SAMBA_VERSION_REVISION=a
+SAMBA_VERSION_REVISION=
########################################################
# For 'pre' releases the version will be #
@@ -96,4 +96,4 @@
# -> "CVS 3.0.0rc2-VendorVersion" #
########################################################
SAMBA_VERSION_VENDOR_SUFFIX=
-SAMBA_VENDOR_PATCH=
+SAMBA_VERSION_VENDOR_PATCH=
Modified: branches/samba/upstream/source/auth/auth_util.c
===================================================================
--- branches/samba/upstream/source/auth/auth_util.c 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/auth/auth_util.c 2007-12-12 00:23:46 UTC (rev 1671)
@@ -956,6 +956,7 @@
status = add_aliases(get_global_sam_sid(), result);
if (!NT_STATUS_IS_OK(status)) {
+ unbecome_root();
TALLOC_FREE(result);
return NULL;
}
@@ -965,6 +966,7 @@
status = add_aliases(&global_sid_Builtin, result);
if (!NT_STATUS_IS_OK(status)) {
+ unbecome_root();
TALLOC_FREE(result);
return NULL;
}
Modified: branches/samba/upstream/source/include/version.h
===================================================================
--- branches/samba/upstream/source/include/version.h 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/include/version.h 2007-12-12 00:23:46 UTC (rev 1671)
@@ -1,7 +1,6 @@
/* Autogenerated by script/mkversion.sh */
#define SAMBA_VERSION_MAJOR 3
#define SAMBA_VERSION_MINOR 0
-#define SAMBA_VERSION_RELEASE 27
-#define SAMBA_VERSION_REVISION "a"
-#define SAMBA_VERSION_OFFICIAL_STRING "3.0.27a"
+#define SAMBA_VERSION_RELEASE 28
+#define SAMBA_VERSION_OFFICIAL_STRING "3.0.28"
#define SAMBA_VERSION_STRING samba_version_string()
Modified: branches/samba/upstream/source/lib/version.c
===================================================================
--- branches/samba/upstream/source/lib/version.c 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/lib/version.c 2007-12-12 00:23:46 UTC (rev 1671)
@@ -28,7 +28,7 @@
#else
static fstring samba_version;
static BOOL init_samba_version;
-#ifdef SAMBA_VENDOR_PATCH
+#ifdef SAMBA_VERSION_VENDOR_PATCH
fstring tmp_version;
size_t remaining;
#endif
@@ -40,9 +40,9 @@
SAMBA_VERSION_OFFICIAL_STRING,
SAMBA_VERSION_VENDOR_SUFFIX);
-#ifdef SAMBA_VENDOR_PATCH
+#ifdef SAMBA_VERSION_VENDOR_PATCH
remaining = sizeof(samba_version)-strlen(samba_version);
- snprintf( tmp_version, sizeof(tmp_version), "-%d", SAMBA_VENDOR_PATCH );
+ snprintf( tmp_version, sizeof(tmp_version), "-%d", SAMBA_VERSION_VENDOR_PATCH);
strlcat( samba_version, tmp_version, remaining-1 );
#endif
Modified: branches/samba/upstream/source/libsmb/clidgram.c
===================================================================
--- branches/samba/upstream/source/libsmb/clidgram.c 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/libsmb/clidgram.c 2007-12-12 00:23:46 UTC (rev 1671)
@@ -72,6 +72,12 @@
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
+
+ if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
+ DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n"));
+ return False;
+ }
+
set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
Modified: branches/samba/upstream/source/nmbd/nmbd_packets.c
===================================================================
--- branches/samba/upstream/source/nmbd/nmbd_packets.c 2007-12-11 19:03:25 UTC (rev 1670)
+++ branches/samba/upstream/source/nmbd/nmbd_packets.c 2007-12-12 00:23:46 UTC (rev 1671)
@@ -1892,6 +1892,12 @@
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
+
+ if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
+ DEBUG(0, ("send_mailslot: Cannot write beyond end of packet\n"));
+ return False;
+ }
+
set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
More information about the Pkg-samba-maint
mailing list