[Pkg-samba-maint] [samba] branch stretch updated (0275956 -> 8d18573)

Mathieu Parent sathieu at moszumanska.debian.org
Thu Oct 12 08:16:33 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sathieu pushed a change to branch stretch
in repository samba.

      from  0275956   Re-release 2:4.5.12+dfsg-1
       new  54bc9c5   Patches for CVE-2017-12150, CVE-2017-12151 and CVE-2017-12163
       new  a047095   CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_REQUIRED
       new  6f4f39b   CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for 'samba.samba3.libsmb_samba_internal'
       new  2471054   CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
       new  043fb7f   CVE-2017-12150: auth/credentials: cli_credentials_authentication_requested() should check for NTLM_CCACHE/SIGN/SEAL
       new  c66f05d   CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()
       new  3791d24   CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was not requested
       new  61a692b   CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper function
       new  8483981   CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
       new  20c2272   CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server memory to file.
       new  8d18573   Release 2:4.5.12+dfsg-2

The 11 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 auth/credentials/credentials.c                     |  16 ++
 debian/changelog                                   |   9 +
 .../CVE-2017-12150-v4-5.patches.metze02.txt        | 234 +++++++++++++++++++++
 .../CVE-2017-12151-v4-5.patches.metze02.txt        | 111 ++++++++++
 .../patches/CVE-2017-12163-all-metze01.patch.txt   | 141 +++++++++++++
 debian/patches/series                              |   3 +
 libcli/smb/smbXcli_base.c                          |   5 +
 libcli/smb/smbXcli_base.h                          |   1 +
 libgpo/gpo_fetch.c                                 |   2 +-
 source3/lib/util_cmdline.c                         |   3 +
 source3/libsmb/clidfs.c                            |   6 +-
 source3/libsmb/clientgen.c                         |  13 ++
 source3/libsmb/libsmb_context.c                    |   2 +-
 source3/libsmb/proto.h                             |   1 +
 source3/libsmb/pylibsmb.c                          |   2 +-
 source3/smbd/reply.c                               |  50 +++++
 16 files changed, 594 insertions(+), 5 deletions(-)
 create mode 100644 debian/patches/CVE-2017-12150-v4-5.patches.metze02.txt
 create mode 100644 debian/patches/CVE-2017-12151-v4-5.patches.metze02.txt
 create mode 100644 debian/patches/CVE-2017-12163-all-metze01.patch.txt

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git

More information about the Pkg-samba-maint mailing list