Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • lts-team/packages/samba
  • thctlo/samba-lintianfix
  • arnaudr/samba
  • jrwren/samba
  • paride/samba
  • athos/samba
  • henrich/samba
  • cnotin/samba
  • mimi89999/samba
  • samba-team/samba
  • ahasenack/samba
  • jrtc27/samba
  • noel/samba
13 results
Show changes
Commits on Source (38)
Showing with 151 additions and 48 deletions
......@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=8
SAMBA_VERSION_RELEASE=3
SAMBA_VERSION_RELEASE=4
########################################################
# If a official release has a serious bug #
......
=============================
Release Notes for Samba 4.8.4
August 14, 2018
=============================
This is a security release in order to address the following defects:
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
=======
Details
=======
o CVE-2018-1139:
Vulnerability that allows authentication via NTLMv1 even if disabled.
o CVE-2018-1140:
Missing null pointer checks may crash the Samba AD DC, both over
DNS and LDAP.
o CVE-2018-10858:
A malicious server could return a directory entry that could corrupt
libsmbclient memory.
o CVE-2018-10918:
Missing null pointer checks may crash the Samba AD DC, over the
authenticated DRSUAPI RPC service.
o CVE-2018-10919:
Missing access control checks allow discovery of confidential attribute
values via authenticated LDAP search expressions.
Changes since 4.8.3:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against
returns from malicious servers.
o Andrew Bartlett <abartlet@samba.org>
* BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query
with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140
* BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when
not servicePrincipalName is set on a user.
o Tim Beale <timbeale@catalyst.net.nz>
* BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via
searches.
o Günther Deschner <gd@samba.org>
* BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it
is disabled via "ntlm auth".
o Andrej Gessel <Andrej.Gessel@janztec.com>
* BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in
ltdb_index_dn_attr().
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
Release notes for older releases follow:
----------------------------------------
=============================
Release Notes for Samba 4.8.3
June 26, 2018
......@@ -84,8 +174,8 @@ database (https://bugzilla.samba.org/).
======================================================================
Release notes for older releases follow:
----------------------------------------
----------------------------------------------------------------------
=============================
Release Notes for Samba 4.8.2
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb-etcd
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB\-ETCD" "7" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB\-ETCD" "7" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb-statistics
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB\-STATISTICS" "7" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB\-STATISTICS" "7" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb-tunables
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB\-TUNABLES" "7" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB\-TUNABLES" "7" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB" "7" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB" "7" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdb_diagnostics
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDB_DIAGNOSTICS" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDB_DIAGNOSTICS" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: Ceph RADOS Mutex
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CEPH RADOS MUTEX" "7" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CEPH RADOS MUTEX" "7" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdbd
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDBD" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDBD" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdbd.conf
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDBD\&.CONF" "5" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDBD\&.CONF" "5" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ctdbd_wrapper
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "CTDBD_WRAPPER" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "CTDBD_WRAPPER" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ltdbtool
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "LTDBTOOL" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "LTDBTOOL" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: onnode
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "ONNODE" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "ONNODE" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: ping_pong
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: CTDB - clustered TDB database
.\" Source: ctdb
.\" Language: English
.\"
.TH "PING_PONG" "1" "06/26/2018" "ctdb" "CTDB \- clustered TDB database"
.TH "PING_PONG" "1" "08/11/2018" "ctdb" "CTDB \- clustered TDB database"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
samba (2:4.8.3+dfsg-1) UNRELEASED; urgency=medium
samba (2:4.8.4+dfsg-1) unstable; urgency=high
[ Andreas Hasenack ]
* d/samba.logrotate: only try to reload the services if they are running
......@@ -6,12 +6,27 @@ samba (2:4.8.3+dfsg-1) UNRELEASED; urgency=medium
* Remove the deprecated "syslog" and "syslog only" options (Closes: #901138)
[ Mathieu Parent ]
* New upstream release
- Bump build-depends ldb >= 1.3.4
* New upstream security release
- CVE-2018-1139 Weak authentication protocol allowed
- CVE-2018-1140 Denial of Service Attack on DNS and LDAP server
- CVE-2018-10858 Insufficient input validation on client directory listing
in libsmbclient
- CVE-2018-10918 Denial of Service Attack on AD DC DRSUAPI server
- CVE-2018-10919 Confidential attribute disclosure from the AD LDAP server
- Urgency set to high
- Bump build-depends ldb >= 1.3.5 (actually 2:1.4.0+really1.3.5) for
CVE-2018-1140
* smb.conf: Remove "wins support" and "wins server" comments
* smb.conf: Improve "logging" comments
-- Mathieu Parent <sathieu@debian.org> Sun, 01 Jul 2018 14:43:08 +0200
* smb.conf: Remove "dns proxy = no", only usefull as a WINS server
* smb.conf: Propose better idmap config
* smb.conf: Remove "passdb backend = tdbsam" as this is the default
* smb.conf: Fix "usershare max shares" default (patched to 100 instead of 0)
* Standards-Version: 4.2.0
* Set Rules-Requires-Root: binary-targets as chmod is used
* Remove override_dh_strip target as dbgsym migration is complete
-- Mathieu Parent <sathieu@debian.org> Fri, 17 Aug 2018 16:30:18 +0200
samba (2:4.8.2+dfsg-2) unstable; urgency=medium
......
......@@ -8,7 +8,7 @@ Uploaders: Steve Langasek <vorlon@debian.org>,
Mathieu Parent <sathieu@debian.org>,
Andrew Bartlett <abartlet+debian@catalyst.net.nz>
Homepage: http://www.samba.org
Standards-Version: 4.1.4
Standards-Version: 4.2.0
Build-Depends: bison,
debhelper (>= 11),
dh-exec,
......@@ -33,7 +33,7 @@ Build-Depends: bison,
libgpgme11-dev,
libjansson-dev,
libldap2-dev,
libldb-dev (>= 2:1.3.4~),
libldb-dev (>= 2:1.4.0+really1.3.5~),
libncurses5-dev,
libpam0g-dev,
libparse-yapp-perl,
......@@ -49,8 +49,8 @@ Build-Depends: bison,
po-debconf,
python-all-dev (>= 2.6.6-3),
python-dnspython,
python-ldb (>= 2:1.3.4~),
python-ldb-dev (>= 2:1.3.4~),
python-ldb (>= 2:1.4.0+really1.3.5~),
python-ldb-dev (>= 2:1.4.0+really1.3.5~),
python-talloc-dev (>= 2.1.11~),
python-tdb (>= 1.3.15~),
python-testtools,
......@@ -58,6 +58,7 @@ Build-Depends: bison,
xfslibs-dev [linux-any],
xsltproc,
zlib1g-dev (>= 1:1.2.3)
Rules-Requires-Root: binary-targets
Vcs-Browser: https://salsa.debian.org/samba-team/samba
Vcs-Git: https://salsa.debian.org/samba-team/samba.git
......
......@@ -231,9 +231,6 @@ endif
override_dh_missing:
dh_missing --fail-missing
override_dh_strip:
dh_strip --dbgsym-migration='samba-dbg (<< 2:4.4.5+dfsg-3~)'
override_dh_makeshlibs:
# create symbols and shlibs files in separate wrapper script to deal with
# private libraries
......
......@@ -2,12 +2,12 @@
.\" Title: cifsdd
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: System Administration tools
.\" Source: Samba 4.8.3
.\" Source: Samba 4.8.4
.\" Language: English
.\"
.TH "CIFSDD" "8" "06/26/2018" "Samba 4\&.8\&.3" "System Administration tools"
.TH "CIFSDD" "8" "08/11/2018" "Samba 4\&.8\&.4" "System Administration tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -2,12 +2,12 @@
.\" Title: dbwrap_tool
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/26/2018
.\" Date: 08/11/2018
.\" Manual: System Administration tools
.\" Source: Samba 4.8.3
.\" Source: Samba 4.8.4
.\" Language: English
.\"
.TH "DBWRAP_TOOL" "1" "06/26/2018" "Samba 4\&.8\&.3" "System Administration tools"
.TH "DBWRAP_TOOL" "1" "08/11/2018" "Samba 4\&.8\&.4" "System Administration tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......@@ -301,7 +301,7 @@ dbwrap_tool
Use with caution!
.SH "VERSION"
.PP
This man page is part of version 4\&.8\&.3 of the Samba suite\&.
This man page is part of version 4\&.8\&.4 of the Samba suite\&.
.SH "SEE ALSO"
.PP
\fBsmbd\fR(8),
......