=============================
Release Notes for Samba 4.9.3
November 27, 2018
=============================
This is a security release in order to address the following defects:
o CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD
Internal DNS server)
o CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT)
o CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server)
o CVE-2018-16852 (NULL pointer de-reference in Samba AD DC DNS servers)
o CVE-2018-16853 (Samba AD DC S4U2Self crash in experimental MIT Kerberos
configuration (unsupported))
o CVE-2018-16857 (Bad password count in AD DC not always effective)
=======
Details
=======
o CVE-2018-14629:
All versions of Samba from 4.0.0 onwards are vulnerable to infinite
query recursion caused by CNAME loops. Any dns record can be added via
ldap by an unprivileged user using the ldbadd tool, so this is a
security issue.
o CVE-2018-16841:
When configured to accept smart-card authentication, Samba's KDC will call
talloc_free() twice on the same memory if the principal in a validly signed
certificate does not match the principal in the AS-REQ.
This is only possible after authentication with a trusted certificate.
talloc is robust against further corruption from a double-free with
talloc_free() and directly calls abort(), terminating the KDC process.
There is no further vulnerability associated with this issue, merely a
denial of service.
o CVE-2018-16851:
During the processing of an LDAP search before Samba's AD DC returns
the LDAP entries to the client, the entries are cached in a single
memory object with a maximum size of 256MB. When this size is
reached, the Samba process providing the LDAP service will follow the
NULL pointer, terminating the process.
There is no further vulnerability associated with this issue, merely a
denial of service.
o CVE-2018-16852:
During the processing of an DNS zone in the DNS management DCE/RPC server,
the internal DNS server or the Samba DLZ plugin for BIND9, if the
DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS
property is set, the server will follow a NULL pointer and terminate.
There is no further vulnerability associated with this issue, merely a
denial of service.
o CVE-2018-16853:
A user in a Samba AD domain can crash the KDC when Samba is built in the
non-default MIT Kerberos configuration.
With this advisory we clarify that the MIT Kerberos build of the Samba
AD DC is considered experimental. Therefore the Samba Team will not
issue security patches for this configuration.
o CVE-2018-16857:
AD DC Configurations watching for bad passwords (to restrict brute forcing
of passwords) in a window of more than 3 minutes may not watch for bad
passwords at all.
For more details and workarounds, please refer to the security advisories.
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
I'd like to install net/samba4 and net/freeradius on the same server.
But devel/talloc on which net/freeradius depends conflicts bundled talloc
library used in net/samba.
net/samba also should use devel/talloc package.
Bump PKGREVISION.
This should be the last part of the renaming operation for print/cups to
print/cups-base.
Rationale: packages depending on CUPS but not relying on a functional
printing setup only need to depend on print/cups-base (equivalent to the
former print/cups). The new print/cups now depends on print/cups-base
and on print/cups-filters, thus directly providing a functional printing
setup. This bump reflects this change of dependency.
As discussed on tech-pkg@
This is with the notable exception of meta-pkgs/desktop-gnome, which I
believe implies a fully functional cups.
This is still missing revision bumps - I'll be right there (first time I
am doing this on so many packages at a time).
As discussed on tech-pkg@
=============================
Release Notes for Samba 4.6.8
September 20, 2017
=============================
This is a security release in order to address the following defects:
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
=======
Details
=======
o CVE-2017-12150:
A man in the middle attack may hijack client connections.
o CVE-2017-12151:
A man in the middle attack can read and may alter confidential
documents transferred via a client connection, which are reached
via DFS redirect when the original connection used SMB3.
o CVE-2017-12163:
Client with write access to a share can cause server memory contents to be
written into a file or printer.
For more details and workarounds, please see the security advisories:
o https://www.samba.org/samba/security/CVE-2017-12150.html
o https://www.samba.org/samba/security/CVE-2017-12151.html
o https://www.samba.org/samba/security/CVE-2017-12163.html
Changes since 4.6.7:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes
async.
* BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from
writing server memory to file.
o Ralph Boehme <slow@samba.org>
* BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
directly.
o Stefan Metzmacher <metze@samba.org>
* BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
redirects.
* BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
when they should.
4.6.7 (2017/08/09): the latest stable release of the Samba 4.6 release series.
Changes since 4.6.6
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes async.
o Andrew Bartlett <abartlet@samba.org>
* BUG 11392: s4-cldap/netlogon: Match Windows 2012R2 and return
NETLOGON_NT_VERSION_5 when version unspecified.
o Ralph Boehme <slow@samba.org>
* BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories directly.
* BUG 12910: s3/notifyd: Ensure notifyd doesn't return from
smbd_notifyd_init.
o Günther Deschner <gd@samba.org>
* BUG 12840: vfs_fruit: Add fruit:model = <modelname> parametric option.
o David Disseldorp <ddiss@samba.org>
* BUG 12911: vfs_ceph: Fix cephwrap_chdir().
o Dustin L. Howett
* BUG 12720: idmap_ad: Retry query_user exactly once if we get
TLDAP_SERVER_DOWN.
o Thomas Jarosch <thomas.jarosch@intra2net.com>
* BUG 12927: s3: libsmb: Fix use-after-free when accessing pointer *p.
o Volker Lendecke <vl@samba.org>
* BUG 12925: smbd: Fix a connection run-down race condition.
o Stefan Metzmacher <metze@samba.org>
* BUG 12782: winbindd changes the local password and gets
NT_STATUS_WRONG_PASSWORD for the remote change.
* BUG 12890: s3:smbd: consistently use talloc_tos() memory for
rpc_pipe_open_interface().
o Noel Power <noel.power@suse.com>
* BUG 12937: smbcacls: Don't fail against a directory on Windows using SMB2.
o Arvid Requate <requate@univention.de>
* BUG 11392: s4-dsdb/netlogon: Allow missing ntver in cldap ping.
o Garming Sam <garming@catalyst.net.nz>
* BUG 12813: dnsserver: Stop dns_name_equal doing OOB read.
o Andreas Schneider <asn@samba.org>
* BUG 12886: s3:client: The smbspool krb5 wrapper needs negotiate for
authentication.
o Martin Schwenke <martin@meltin.net>
* BUG 12898: ctdb-common: Set close-on-exec when creating PID file.
4.6.6 (2017/07/12): security release in order to address the following defect:
o CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass)
Changes since 4.6.5:
---------------------
o Jeffrey Altman <jaltman@secure-endpoints.com>
* BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
4.6.5 (2017/06/06): the latest stable release of the Samba 4.6 release series.
Changes since 4.6.4:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 12804: s3: VFS: Catia: Ensure path name is also converted.
o Christian Ambach <ambi@samba.org>
* BUG 12765: s3:smbcacls add prompt for password.
o Ralph Boehme <slow@samba.org>
* BUG 12562: vfs_acl_xattr|tdb: Ensure create mask is at least 0666 if
ignore_system_acls is set.
* BUG 12702: Wrong sid->uid mapping for SIDs residing in sIDHistory.
* BUG 12749: vfs_fruit: lp_case_sensitive() does not return a bool.
* BUG 12766: s3/smbd: Update exclusive oplock optimisation to the lease area.
* BUG 12798: s3/smbd: Fix exclusive lease optimisation.
o Alexander Bokovoy <ab@samba.org>
* BUG 12751: Allow passing trusted domain password as plain-text to PASSDB
layer.
* BUG 12764: systemd: Fix detection of libsystemd.
o Amitay Isaacs <amitay@gmail.com>
* BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
complete.
* BUG 12770: ctdb-logging: Initialize DEBUGLEVEL before changing the value.
o Shilpa Krishnareddy <skrishnareddy@panzura.com>
* BUG 12756: notify: Fix ordering of events in notifyd.
o Volker Lendecke <vl@samba.org>
* BUG 12757: idmap_rfc2307: Lookup of more than two SIDs fails.
o Stefan Metzmacher <metze@samba.org>
* BUG 12767: samba-tool: Let 'samba-tool user syncpasswords' report deletions
immediately.
o Doug Nazar <nazard@nazar.ca>
* BUG 12760: s3: smbd: inotify_map_mask_to_filter incorrectly indexes an
array.
o Andreas Schneider <asn@samba.org>
* BUG 12687: vfs_expand_msdfs tries to open the remote address as a file
path.
o Martin Schwenke <martin@meltin.net>
* BUG 12802: 'ctdb nodestatus' incorrectly displays status for all nodes with
wrong exit code.
* BUG 12814: ctdb-common: Fix crash in logging initialisation.
Pkgsrc changes:
* Adapt PLIST, new .so installed.
Upstream changes:
Changes since 4.6.3:
---------------------
o Volker Lendecke <vl@samba.org>
* BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
share.
Changes since 4.6.2:
--------------------
o Michael Adam <obnox@samba.org>
* BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
from shares with GlusterFS backend.
o Jeremy Allison <jra@samba.org>
* BUG 12559: Fix for Solaris C compiler.
* BUG 12628: s3: locking: Update oplock optimization for the leases era.
* BUG 12693: Make the Solaris C compiler happy.
* BUG 12695: s3: libgpo: Allow skipping GPO objects that don't have the
expected LDAP attributes.
* BUG 12747: Fix buffer overflow caused by wrong use of getgroups.
o Hanno Boeck <hanno@hboeck.de>
* BUG 12746: lib: debug: Avoid negative array access.
* BUG 12748: cleanupdb: Fix a memory read error.
o Ralph Boehme <slow@samba.org>
* BUG 7537: streams_xattr and kernel oplocks results in
NT_STATUS_NETWORK_BUSY.
* BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from
other backends.
* BUG 12565: vfs_fruit: Resource fork open request with
flags=O_CREAT|O_RDONLY.
* BUG 12615: manpages/vfs_fruit: Document global options.
* BUG 12624: lib/pthreadpool: Fix a memory leak.
* BUG 12727: Lookup-domain for well-known SIDs on a DC.
* BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().
* BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.
o Alexander Bokovoy <ab@samba.org>
* BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
use case.
* BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.
o Amitay Isaacs <amitay@gmail.com>
* BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
complete.
* BUG 12723: ctdb_event monitor command crashes if event is not specified.
* BUG 12733: ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'.
o Volker Lendecke <vl@samba.org>
* BUG 12558: smbd: Fix smb1 findfirst with DFS.
* BUG 12610: smbd: Do an early exit on negprot failure.
* BUG 12699: winbindd: Fix substitution for 'template homedir'.
o Stefan Metzmacher <metze@samba.org>
* BUG 12554: s4:kdc: Disable principal based autodetected referral detection.
* BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
the sid is valid.
* BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.
* BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
trusted domain.
* BUG 12731: rpcclient: Allow -U'OTHERDOMAIN\user' again.
o Christof Schmitt <cs@samba.org>
* BUG 12725: winbindd: Fix password policy for pam authentication.
o Andreas Schneider <asn@samba.org>
* BUG 12554: s3:gse: Correctly handle external trusts with MIT.
* BUG 12611: auth/credentials: Always set the realm if we set the principal
from the ccache.
* BUG 12686: replace: Include sysmacros.h.
* BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.
* BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.
* BUG 12708: winbindd: Child process crashes when kerberos-authenticating
a user with wrong password.
o Uri Simchoni <uri@samba.org>
* BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
CNID semantics.
* BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
fragmented.
* Use internal heimdal
Changelog:
Changes since 4.6.1:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 12721: Fix regression with "follow symlinks = no".
Changes since 4.6.0:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.
o Ralph Boehme <slow@samba.org>
* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.
CHANGES SINCE 4.6.0rc4
======================
o Jeremy Allison <jra@samba.org>
* BUG 12592: Fix several issues found by covscan.
* BUG 12608: s3: smbd: Restart reading the incoming SMB2 fd when the send
queue is drained.
o Ralph Boehme <slow@samba.org>
* BUG 12427: vfs_fruit doesn't work with fruit:metadata=stream.
* BUG 12526: vfs_fruit: Only veto AppleDouble files if "fruit:resource" is
set to "file".
* BUG 12604: vfs_fruit: Enabling AAPL extensions must be a global switch.
o Volker Lendecke <vl@samba.org>
* BUG 12612: Re-enable token groups fallback.
o Stefan Metzmacher <metze@samba.org>
* BUG 9048: Samba4 ldap error codes.
* BUG 12557: gensec:spnego: Add debug message for the failed principal.
* BUG 12605: s3:winbindd: Fix endless forest trust scan.
* BUG 12612: winbindd: Find the domain based on the sid within
wb_lookupusergroups_send().
o Andreas Schneider <asn@samba.org>
* BUG 12557: s3:librpc: Handle gss_min in gse_get_client_auth_token()
correctly.
* BUG 12582: idmap_hash: Add a deprecation message, improve the idmap_hash
manpage.
* BUG 12592: Fix several issues found by covscan.
o Martin Schwenke <martin@meltin.net>
* BUG 12592: ctdb-logging: CID 1396883 Dereference null return value
(NULL_RETURNS).
CHANGES SINCE 4.6.0rc3
======================
o Jeremy Allison <jra@samba.org>
* BUG 12545: s3: rpc_server/mdssvc: Add attribute "kMDItemContentType".
* BUG 12572: s3: smbd: Don't loop infinitely on bad-symlink resolution.
o Ralph Boehme <slow@samba.org>
* BUG 12490: vfs_fruit: Correct Netatalk metadata xattr on FreeBSD.
* BUG 12536: s3/smbd: Check for invalid access_mask
smbd_calculate_access_mask().
* BUG 12591: vfs_streams_xattr: use fsp, not base_fsp.
o Amitay Isaacs <amitay@gmail.com>
* BUG 12580: ctdb-common: Fix use-after-free error in comm_fd_handler().
* BUG 12595: build: Fix generation of CTDB manpages while creating tarball.
o Bryan Mason <bmason@redhat.com>
* BUG 12575: Modify smbspool_krb5_wrapper to just fall through to smbspool if
AUTH_INFO_REQUIRED is not set or is not "negotiate".
o Stefan Metzmacher <metze@samba.org>
* BUG 11830: s3:winbindd: Try a NETLOGON connection with noauth over NCACN_NP
against trusted domains.
* BUG 12262: 'net ads testjoin' and smb access fails after winbindd changed the
trust password.
* BUG 12585: librpc/rpc: fix regression in
NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping.
* BUG 12586: netlogon_creds_cli_LogonSamLogon doesn't work without
netr_LogonSamLogonEx.
* BUG 12587: winbindd child segfaults on connect to an NT4 domain.
* BUG 12588: s3:winbindd: Make sure cm_prepare_connection() only returns OK
with a valid tree connect.
* BUG 12598: winbindd (as member) requires kerberos against trusted ad domain,
while it shouldn't.
* BUG 12601: Backport pytalloc_GenericObject_reference() related changes to
4.6.
o Garming Sam <garming@catalyst.net.nz>
* BUG 12600: dbchecker: Stop ignoring linked cases where both objects are
alive.
o Andreas Schneider <asn@samba.org>
* BUG 12571: s3-vfs: Only walk the directory once in open_and_sort_dir().
o Martin Schwenke <martin@meltin.net>
* BUG 12589: CTDB statd-callout does not cause grace period when
CTDB_NFS_CALLOUT="".
* BUG 12595: ctdb-build: Fix RPM build.
CHANGES SINCE 4.6.0rc2
======================
o Jeremy Allison <jra@samba.org>
* BUG 12499: s3: vfs: dirsort doesn't handle opendir of "." correctly.
* BUG 12546: s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store
the same path as streams_xattr_recheck().
* BUG 12531: Make vfs_shadow_copy2 cope with server changing directories.
o Andrew Bartlett <abartlet@samba.org>
* BUG 12543: samba-tool: Correct handling of default value for use_ntvfs and
use_xattrs.
* BUG 12573: Samba < 4.7 does not know about compatibleFeatures and
requiredFeatures.
* BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
rename.
o Ralph Boehme <slow@samba.org>
* BUG 12184: s3/rpc_server: Shared rpc modules loading.
* BUG 12520: Ensure global "smb encrypt = off" is effective.
* BUG 12524: s3/rpc_server: Move rpc_modules.c to its own subsystem.
* BUG 12541: vfs_fruit: checks wrong AAPL config state and so always uses
readdirattr.
o Volker Lendecke <vl@samba.org>
* BUG 12551: smbd: Fix "map acl inherit" = yes.
o Stefan Metzmacher <metze@samba.org>
* BUG 12398: Replication with DRSUAPI_DRS_CRITICAL_ONLY and
DRSUAPI_DRS_GET_ANC results in WERR_DS_DRA_MISSING_PARENT S
* BUG 12540: s3:smbd: allow "server min protocol = SMB3_00" to go via "SMB
2.???" negprot.
o John Mulligan <jmulligan@nasuni.com>
* BUG 12542: docs: Improve description of "unix_primary_group" parameter in
idmap_ad manpage.
o Andreas Schneider <asn@samba.org>
* BUG 12552: waf: Do not install the unit test binary for krb5samba.
o Amitay Isaacs <amitay@gmail.com>
* BUG 12547: ctdb-build: Install CTDB tests correctly from toplevel.
* BUG 12549: ctdb-common: ioctl(.. FIONREAD ..) returns an int value.
o Garming Sam <garming@catalyst.net.nz>
* BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
rename.
o Uri Simchoni <uri@samba.org>
* BUG 12529: waf: Backport finding of pkg-config.
CHANGES SINCE 4.6.0rc1
======================
o Amitay Isaacs <amitay@gmail.com>
* BUG 12469: CTDB lock helper getting stuck trying to lock a record.
* BUG 12500: ctdb-common: Fix a bug in packet reading code for generic socket
I/O.
* BUG 12510: sock_daemon_test 4 crashes with SEGV.
* BUG 12513: ctdb-daemon: Remove stale eventd socket.
o Björn Jacke <bj@sernet.de>
* BUG 12535: vfs_default: Unlock the right file in copy chunk.
o Volker Lendecke <vl@samba.org>
* BUG 12509: messaging: Fix dead but not cleaned-up-yet destination sockets.
* BUG 12538: Backport winbind fixes.
o Stefan Metzmacher <metze@samba.org>
* BUG 12501: s3:winbindd: talloc_steal the extra_data in
winbindd_list_users_recv().
o Martin Schwenke <martin@meltin.net>
* BUG 12511: ctdb-takeover: Handle case where there are no RELEASE_IPs to
send.
* BUG 12512: ctdb-scripts: Fix remaining uses of "ctdb gratiousarp".
* BUG 12516: ctdb-scripts: /etc/iproute2/rt_tables gets populated with multiple
'default' entries.
of the pam_smbpass/samples directory regardless of shell and locale
(in particular when LC_COLLATE is not "C" and for example LANG=fr_FR.UTF-8).
Thanks to jnemeth@ for pointing this one out.
CVE-2016-2119.
Changes from 4.3.9 to 4.3.10 are too many to write here, please refer
WHATSNEW.txt file.
==============================
Release Notes for Samba 4.3.11
July 07, 2016
==============================
This is a security release in order to address the following defect:
o CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)
=======
Details
=======
o CVE-2016-2119:
It's possible for an attacker to downgrade the required signing for
an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST
or SMB2_SESSION_FLAG_IS_NULL flags.
This means that the attacker can impersonate a server being connected to by
Samba, and return malicious results.
The primary concern is with winbindd, as it uses DCERPC over SMB2 when talking
to domain controllers as a member server, and trusted domains as a domain
controller. These DCE/RPC connections were intended to protected by the
combination of "client ipc signing" and
"client ipc max protocol" in their effective default settings
("mandatory" and "SMB3_11").
Additionally, management tools like net, samba-tool and rpcclient use DCERPC
over SMB2/3 connections.
By default, other tools in Samba are unprotected, but rarely they are
configured to use smb signing, via the "client signing" parameter (the default
is "if_required"). Even more rarely the "client max protocol" is set to SMB2,
rather than the NT1 default.
If both these conditions are met, then this issue would also apply to these
other tools, including command line tools like smbcacls, smbcquota, smbclient,
smbget and applications using libsmbclient.
Changes since 4.3.10:
--------------------
o Stefan Metzmacher <metze@samba.org>
* BUG 11860: CVE-2016-2119: Fix client side SMB2 signing downgrade.
* BUG 11948: Total dcerpc response payload more than 0x400000.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).
This release fixes some regressions introduced by the last security fixes.
Please see bug https://bugzilla.samba.org/show_bug.cgi?id=11849 for a list of
bugs addressing these regressions and more information.
Changes since 4.3.8:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 11742: lib: tevent: Fix memory leak when old signal action restored.
* BUG 11771: lib: tevent: Fix memory leak when old signal action restored.
* BUG 11822: s3: libsmb: Fix error where short name length was read as 2
bytes, should be 1.
o Andrew Bartlett <abartlet@samba.org>
* BUG 11780: smbd: Only check dev/inode in open_directory, not the full
stat().
* BUG 11789: pydsdb: Fix returning of ldb.MessageElement.
o Berend De Schouwer <berend.de.schouwer@gmail.com>
* BUG 11643: docs: Add example for domain logins to smbspool man page.
o Günther Deschner <gd@samba.org>
* BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build.
o Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
* BUG 8093: access based share enum: Handle permission set in configuration
files.
o Volker Lendecke <vl@samba.org>
* BUG 11816: nwrap: Fix the build on Solaris.
* BUG 11827: vfs_catia: Fix memleak.
* BUG 11878: smbd: Avoid large reads beyond EOF.
o Stefan Metzmacher <metze@samba.org>
* BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before
dereferencing an ioctl response.
* BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np.
* BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on
ldap_add.
* BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action
restored.
* BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain
list.
* BUG 11789: s3:wscript: pylibsmb depends on pycredentials.
* BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share.
* BUG 11847: Only validate MIC if "map to guest" is not being used.
* BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
option for testing.
* BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
* BUG 11858: Allow anonymous smb connections.
* BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
* BUG 11872: Fix 'wbinfo -u' and 'net ads search'.
o Noel Power <noel.power@suse.com>
* BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee.
o Garming Sam <garming@catalyst.net.nz>
* BUG 11789: build: Mark explicit dependencies on pytalloc-util.
o Partha Sarathi <partha@exablox.com>
* BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA
infolevel.
o Jorge Schrauwen <sjorge@blackdot.be>
* BUG 11816: configure: Don't check for inotify on illumos.
o Uri Simchoni <uri@samba.org>
* BUG 11691: winbindd: Return trust parameters when listing trusts.
* BUG 11753: smbd: Ignore SVHDX create context.
* BUG 11763: passdb: Add linefeed to debug message.
* BUG 11788: build: Fix disk-free quota support on Solaris 10.
* BUG 11798: build: Fix build when '--without-quota' specified.
* BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls"
is set.
* BUG 11852: libads: Record session expiry for spnego sasl binds.
o Hemanth Thummala <hemanth.thummala@nutanix.com>
* BUG 11740: Real memory leak(buildup) issue in loadparm.
* BUG 11840: Mask general purpose signals for notifyd.
This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
o CVE-2016-0771 (Out-of-bounds read in internal DNS server)
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
