[Pkg-samba-maint] [samba] annotated tag upstream/4.6.7+dfsg created (now d4c9927)
Mathieu Parent
sathieu at moszumanska.debian.org
Wed Nov 8 20:15:17 UTC 2017
This is an automated email from the git hooks/post-receive script.
sathieu pushed a change to annotated tag upstream/4.6.7+dfsg
in repository samba.
at d4c9927 (tag)
tagging 2bea4ff0a56aa825e185796017b87c120beb0450 (commit)
replaces upstream/4.6.5+dfsg
tagged by Mathieu Parent
on Tue Aug 15 21:59:05 2017 +0200
- Log -----------------------------------------------------------------
Upstream version 4.6.7+dfsg
Amitay Isaacs (7):
ctdb-scripts: Don't send empty argument string to logger
ctdb-recovery: Assign banning credits if database fails to freeze
ctdb-recovery: Setting up of recmode should be idempotent
ctdb-recovery: Simplify logging of recovery mode setting
ctdb-recovery: Finish processing for recovery mode ACTIVE first
ctdb-recovery: Get recmode unconditionally in the main_loop
ctdb-recovery: Do not run local ip verification when in recovery
Andreas Schneider (10):
replace: Use the same size as d_name member of struct dirent
waf: Do not trhow a format-truncation error for test/snprintf.c
s4:torture: Fix comparison between pointer and zero character constant
libcli:smb2: Gracefully handle not supported for FSCTL_VALIDATE_NEGOTIATE_INFO
s3:popt_common: Reparse the username in popt_common_credentials_post()
s3:tests: Add test for smbclient -UDOMAIN+username
s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test
selftest: Do *NOT* flush the complete gencache!
s3:tests: Do *NOT* flush the complete gencache!
s3:client: The smbspool krb5 wrapper needs negotiate for authentication
Andrew Bartlett (5):
selftest: Also wait for winbindd to start
WHATSNEW: Add release notes for Samba 4.6.6.
VERSION: Release Samba 4.6.6 for CVE-2017-11103
selftest: Do not enable inbound replication during replica_sync
s4-cldap/netlogon: Match Windows 2012R2 and return NETLOGON_NT_VERSION_5 when version unspecified
Arvid Requate (2):
s4:torture/ldap: Test netlogon without NtVer
s4-dsdb/netlogon: allow missing ntver in cldap ping
Bernhard M. Wiedemann via samba-technical (1):
docs-xml: Sort input file list
Bob Campbell (1):
selftest: Do not force run of kcc at start of selftest
Daniel Kobras (1):
s3: smbd: fix regression with non-wide symlinks to directories over SMB3.
David Disseldorp (1):
vfs_ceph: fix cephwrap_chdir()
David Mulder via samba-technical (1):
messaging: fix net command failure due to unhandled return code
Douglas Bagnall (2):
ndr tests: silence a harmless warning
shadow_copy_get_shadow_copy_data: fix GCC snprintf warning
Dustin L. Howett via samba-technical (1):
idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
Garming Sam (1):
dnsserver: Stop dns_name_equal doing OOB read
Günther Deschner (1):
vfs_fruit: add fruit:model = <modelname> parametric option
Jeffrey Altman (1):
CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
Jeremy Allison (11):
s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around.
libcli: smb: Add smbXcli_tcon_copy().
libcli: smb: Add smb2cli_tcon_set_id().
s3: libsmb: Add cli_state_save_tcon() / cli_state_restore_tcon().
s3: smbtorture: Show correct use of cli_state_save_tcon() / cli_state_restore_tcon().
s3: libsmb: Widen cli_state_get_tid() / cli_state_set_tid() to 32-bits.
s3: libsmb: Fix cli_state_has_tcon() to cope with SMB2 connections.
s3: libsmb: Correctly do lifecycle management on cli->smb1.tcon and cli->smb2.tcon.
s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3.
s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3.
s3: smbd: Fix a read after free if a chained SMB1 call goes async.
Karolin Seeger (3):
VERSION: Bump version up to 4.6.6...
WHATSNEW: Add release notes for Samba 4.6.7.
VERSION: Disable GIT_SNAPSHOTS for the 4.6.7 release.
Martin Schwenke (3):
ctdb-scripts: NFS call-out failures should cause event failure
ctdb-tests: Add more NFS eventscript tests for call-out failures
ctdb-common: Set close-on-exec when creating PID file
Mathieu Parent (1):
New upstream version 4.6.7+dfsg
Michael Saxl (1):
s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()
Noel Power (1):
s3/utils: smbcacls failed to detect DIRECTORIES using SMB2 (windows only)
Ralph Boehme (4):
s3/smbd: let non_widelink_open() chdir() to directories directly
selftest: add a test for accessing previous version of directories with snapdirseverywhere
vfs_fruit: don't use MS NFS ACEs with Windows clients
s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init
Richard Sharpe (1):
Bug 15852. There are valid paths where conn->lsa_pipe_tcp->transport is NULL. Protect against this.
Stefan Metzmacher (70):
libcli/smb: Fix alignment problems of smb_bytes_pull_str()
s3:libsmb: add cli_state_update_after_sesssetup() helper function
s3:smb2_tcon: allow a compound request after a TreeConnect
s3:smb2_sesssetup: allow a compound request after a SessionSetup
auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case
samba-tool: fix log message of 'samba-tool user syncpasswords'
s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"
auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case
s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()
wafsamba: add maxversion and version_blacklist to CHECK_BUNDLED_SYSTEM[_PKG]()
ldb: protect Samba < 4.7 against incompatible ldb versions and require ldb < 1.2.0
Merge branch 'v4-6-stable' into v4-6-test
VERSION: Bump version up to 4.6.7...
s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface()
pidl:NDR/Parser: add missing {start,end}_flags() to ParseElementPrint()
librpc/ndr: align the definition of LIBNDR_STRING_FLAGS with currently defined flags
librpc/ndr: add LIBNDR_FLAG_IS_SECRET handling
idl_types.h: add NDR_SECRET shortcut
s3:librpc: let NDR_SECRETS depend on NDR_SECURITY
s3:libads: remove unused kerberos_secrets_store_salting_principal()
krb5_wrap: add smb_krb5_salt_principal()
krb5_wrap: add smb_krb5_salt_principal2data()
s3:libnet_join: remove dead code from libnet_join_connect_ads()
s3:libnet_join: calculate r->out.account_name in libnet_join_pre_processing()
s3:libnet_join.idl: return the domain_guid in libnet_JoinCtx
s3:libnet_join: remember the domain_guid for AD domains
s3:libnet_join.idl: add krb5_salt to libnet_JoinCtx
s3:libnet_join: remember r->out.krb5_salt in libnet_join_derive_salting_principal()
s3:libnet_join: move kerberos_secrets_store_des_salt() out of libnet_join_derive_salting_principal()
s3:libnet_join: split libnet_join_post_processing_ads() into modify/sync
s3:libnet_join: call do_JoinConfig() after we did remote changes on the server
s3:libnet_join: move libnet_join_joindomain_store_secrets() to libnet_join_post_processing()
s3:libnet_join: move kerberos_secrets_store_des_salt() to libnet_join_joindomain_store_secrets()
s3:libads: remove kerberos_secrets_fetch_salting_principal() fallback
s3:libads: provide a simpler kerberos_fetch_salt_princ() function
s3:gse_krb5: simplify fill_keytab_from_password() by using kerberos_fetch_salt_princ()
s3:libnet: make use of kerberos_secrets_fetch_salt_princ()
s3:libads: make use of kerberos_secrets_fetch_salt_princ() in ads_keytab_add_entry()
s3:libads: remove unused kerberos_fetch_salt_princ_for_host_princ()
s3:secrets: move kerberos_secrets_*salt related functions to machine_account_secrets.c
s3:secrets: rework des_salt_key() to take the realm as argument
s3:secrets: split out a domain_guid_keystr() function
s3:secrets: add some const to secrets_store_domain_guid()
s3:secrets: make use of des_salt_key() in secrets_store_machine_pw_sync()
s3:secrets: rename secrets_delete() to secrets_delete_entry()
s3:secrets: re-add secrets_delete() helper to simplify deleting optional keys
s3:secrets: make use of secrets_delete() in secrets_store_machine_pw_sync()
s3:secrets: let secrets_store_machine_pw_sync() delete the des_salt_key when there's no value
s3:secrets: replace secrets_delete_prev_machine_password() by secrets_delete()
s3:secrets: rewrite secrets_delete_machine_password_ex() using helper variables
s3:secrets: let secrets_delete_machine_password_ex() remove SID and GUID too
s3:secrets: let secrets_delete_machine_password_ex() also remove the des_salt key
s3:secrets: use secrets_delete for all keys in secrets_delete_machine_password_ex()
s3:trusts_util: pass dcname to trust_pw_change()
libcli/auth: pass an array of nt_hashes to netlogon_creds_cli_auth*()
libcli/auth: add const to set_pw_in_buffer()
libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()
s3:trusts_util: also pass the previous_nt_hash to netlogon_creds_cli_auth()
lsa.idl: make lsa_DnsDomainInfo [public]
netlogon.idl: make netr_TrustFlags [public]
netlogon.idl: use lsa_TrustType and lsa_TrustAttributes in netr_trust_extension
secrets.idl: add secrets_domain_info that will be used in secrets.tdb for machine account trusts
s3:secrets: add infrastructure to use secrets_domain_infoB to store credentials
net: add "net primarytrust dumpinfo" command that dumps the details of the workstation trust
s3:libnet: make use of secrets_store_JoinCtx()
s3:trusts_util: make use the workstation password change more robust
net: make use of secrets_*_password_change() for "net changesecretpw"
s3:libads: make use of secrets_*_password_change() in ads_change_trust_account_password()
s3:secrets: remove unused secrets_store_[prev_]machine_password()
selftest:Samba3: call "net primarytrust dumpinfo" setup_nt4_member() after the join
Thomas Jarosch (1):
s3: libsmb: Fix use-after-free when accessing pointer *p.
Volker Lendecke (1):
smbd: Fix a connection run-down race condition
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git
More information about the Pkg-samba-maint
mailing list