[Pkg-samba-maint] [samba] annotated tag upstream/4.3.3+dfsg created (now a4397e4)

Jelmer Vernooij jelmer at moszumanska.debian.org
Fri Dec 18 13:08:33 UTC 2015 

This is an automated email from the git hooks/post-receive script.

jelmer pushed a change to annotated tag upstream/4.3.3+dfsg
in repository samba.

        at  a4397e4   (tag)
   tagging  bad8819ef254386e7935720bbe78e0ee8b6fd696 (commit)
  replaces  upstream/4.3.1+dfsg
 tagged by  Jelmer Vernooij
        on  Fri Dec 18 01:18:19 2015 +0000

- Log -----------------------------------------------------------------
Upstream version 4.3.3+dfsg

Andreas Schneider (2):
      s3-smbd: Fix use after issue in smbd_smb2_request_dispatch()
      nss_wins: Use lp_global_no_reinit()

Andrew Bartlett (1):
      CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControl

Douglas Bagnall (6):
      CVE-2015-5330: ldb_dn: simplify and fix ldb_dn_escape_internal()
      CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()
      CVE-2015-5330: Fix handling of unicode near string endings
      CVE-2015-5330: strupper_talloc_n_handle(): properly count characters
      CVE-2015-5330: next_codepoint_handle_ext: don't short-circuit UTF16 low bytes
      CVE-2015-5330: ldb_dn_explode: copy strings by length, not terminators

Jelmer Vernooij (2):
      Imported Upstream version 4.3.2+dfsg
      Imported Upstream version 4.3.3+dfsg

Jeremy Allison (11):
      s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute type of zero
      s3-torture: Add WILDDELETE test to smbtorture3 to test old wildcard delete with zero attribute
      s3-torture: Remove (incorrect) samba3-specific behavior in samba3.raw.unlink now the server is correct
      auth: gensec: Parameters out_mem_ctx and ev are passed in the wrong order to gensec_spnego_server_try_fallback().
      lib: util: Make non-critical message a warning.
      s3: smbd: If EA's are turned off on a share don't allow an SMB2 create containing them.
      s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle.
      CVE-2015-3223: lib: ldb: Cope with canonicalise_fn returning string "", length 0.
      CVE-2015-3223: lib: ldb: Use memmem binary search, not strstr text search.
      CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the share).
      CVE-2015-5299: s3-shadow-copy2: fix missing access check on snapdir

Karolin Seeger (6):
      VERSION: Bump version up to 4.3.2...
      WHATSNEW: Add release notes for Samba 4.3.2.
      VERSION: Disable git snapshot for the 4.3.2 release.
      VERSION: Bump version up to 4.3.3...
      WHATSNEW: Add release notes for Samba 4.3.3.
      VERSION: Disable git snapshots for the 4.3.3 release.

Marc Muehlfeld (1):
      Changing log level of two entries to DBG_NOTICE

Michael Adam (1):
      ctdb: open the RO tracking db with perms 0600 instead of 0000

Noel Power (7):
      s3: rpcclient: Prevent null ptr access by returning error if no creds available
      s3: winbind: Prevent null ptr access by returning error if no creds available
      remove many valgrind errors for base.lock test
      fix uninitialised read in process_host_announce
      fix writev(vector[...]) points to uninitialised bytes in call_trans2findnext
      fix 'Invalid read of size 1' in reply_search
      fix writev(vector[...]) points to uninitialised bytes in call_trans2findfirst

Ralph Boehme (4):
      s4:lib/messaging: use correct path for names.tdb
      selftest: add a test for async_connect_send()
      async_req: fix non-blocking connect()
      ldb: bump version of the required system ldb to 1.1.24

Stefan Metzmacher (7):
      dcerpc.idl: accept invalid dcerpc_bind_nak pdus
      script/release.sh: make it possible to create stable .0 releases
      script/release.sh: make it possible to create stable .x releases (x >= 1)
      s3:smb2_server: make the logic of SMB2_CANCEL DLIST_REMOVE() clearer
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in do_connect()
      CVE-2015-5296: s3:libsmb: force signing when requiring encryption in SMBC_server_internal()
      CVE-2015-5296: libcli/smb: make sure we require signing when we demand encryption on a session

Tom Schulz (2):
      s4: fix linking smbtorture on Solaris.
      texpect: undefined symbol rep_fprintf

Uri Simchoni (6):
      selftest: Avoid system krb5.conf in testenv provisioning
      selftest: Avoid system krb5.conf in some test envs that don't use kerberos
      selftest: Avoid system krb5.conf in "none" test env
      auth: remove a line that has no effect
      auth: consistent handling of well-known alias as primary gid
      selftest: add test for force user and well-known primary group

Volker Lendecke (3):
      smbd: Send SMB2 oplock breaks unencrypted
      vfs_gpfs: Re-enable share modes
      winbind: Don't crash on invalid idmap configs

YvanM (1):
      manpage: corrected small typo error

-----------------------------------------------------------------------

This annotated tag includes the following new commits:

       new  bdcbd0f   VERSION: Bump version up to 4.3.3...
       new  3e7e136   CVE-2015-3223: lib: ldb: Cope with canonicalise_fn returning string "", length 0.
       new  ef6f151   CVE-2015-3223: lib: ldb: Use memmem binary search, not strstr text search.
       new  8f25f5d   CVE-2015-5330: ldb_dn: simplify and fix ldb_dn_escape_internal()
       new  eaec452   CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()
       new  fc9e504   CVE-2015-5330: Fix handling of unicode near string endings
       new  8d71858   CVE-2015-5330: strupper_talloc_n_handle(): properly count characters
       new  4b8de77   CVE-2015-5330: next_codepoint_handle_ext: don't short-circuit UTF16 low bytes
       new  d3beacd   CVE-2015-5330: ldb_dn_explode: copy strings by length, not terminators
       new  5b730ab   ldb: bump version of the required system ldb to 1.1.24
       new  4278ef2   CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the share).
       new  675fd8d   CVE-2015-5299: s3-shadow-copy2: fix missing access check on snapdir
       new  d724f83   CVE-2015-5296: s3:libsmb: force signing when requiring encryption in do_connect()
       new  1ba49b8   CVE-2015-5296: s3:libsmb: force signing when requiring encryption in SMBC_server_internal()
       new  a819d2b   CVE-2015-5296: libcli/smb: make sure we require signing when we demand encryption on a session
       new  b000da1   CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControl
       new  a706fae   WHATSNEW: Add release notes for Samba 4.3.3.
       new  b7676d1   VERSION: Disable git snapshots for the 4.3.3 release.
       new  bad8819   Imported Upstream version 4.3.3+dfsg

The 19 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git

More information about the Pkg-samba-maint mailing list