mirror of
https://github.com/samba-team/samba.git
synced 2025-03-10 12:58:35 +03:00
samba: tag release samba-4.17.12
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmUlDzgACgkQqplEL7aA tiASJQ//WxiQUbGR6gEZ4JHJHyU+KcUZp9McUdbFDqsvug+jotMUDP+sGGqYVtCV KN0LfJdqgrElAR+7Q25nJcYs/ra++cdNGgo+DO7vgRQgOBqOcZtaRs4pw/0n32Is RKgZPB26jkChKJupUauUlr8Gyg9mLJjac3UO5nIJ+MnlFJ/vWjaJ/mWnISRP3oeH 7Kl4oPV3ZH22cmK1xA9Bpnwn1UaNfaPDsmZ0urXtzEJ/qWnTJQ2HQNb1jMwlMNJk PCovqT74DkW1zCzwpu2TU9wcnM3+iobH2+wVsAfZtBtz9fUEhAUohpEvEqpc2mNx Q0q2+0n3tugvdAD+nkFSXmuOWwBK+7VEPMmWH9ATq/WofPTgJa9nj77notMEwq4A mUQLpdISsY1rWGh6p+N+yBmOTY8Wv+rb+E9iD7sbUWnGTPPFUVGQyDTkdPJqYtPV vsSJkrbs4XwuDX06eR3ZuB398Zcc/V2ZxmwYIhnJ67LtihfecKEN70z6+d6YRbdF hjp6JvQGgoYFtIS/KaRtWqpU1ybrmsbS0kqZm+jk5uBAT7dpF/KBHf4TYCNnqEFv U4ZDUg9wKULQIvSrDC7pTxMe/NB1B4eHIJX/8/yhNplTVeN2jdTcIjUfTKQBDsBS Mu5dDwF2p2n9Xbyyx/O/p54GhJoj7AOvk9EQJDaL3VbMkEfCYnA= =eRgP -----END PGP SIGNATURE----- Merge tag 'samba-4.17.12' into v4-17-stable samba: tag release samba-4.17.12
This commit is contained in:
Jule Anger
commit
1006203e49
2
VERSION
2
VERSION
@ -25,7 +25,7 @@
|
||||
########################################################
|
||||
SAMBA_VERSION_MAJOR=4
|
||||
SAMBA_VERSION_MINOR=17
|
||||
SAMBA_VERSION_RELEASE=11
|
||||
SAMBA_VERSION_RELEASE=12
|
||||
|
||||
########################################################
|
||||
# If a official release has a serious bug #
|
||||
|
||||
87
WHATSNEW.txt
87
WHATSNEW.txt
@ -1,3 +1,87 @@
|
||||
===============================
|
||||
Release Notes for Samba 4.17.12
|
||||
October 10, 2023
|
||||
===============================
|
||||
|
||||
|
||||
This is a security release in order to address the following defects:
|
||||
|
||||
|
||||
o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
|
||||
existing unix domain sockets on the file system.
|
||||
https://www.samba.org/samba/security/CVE-2023-3961.html
|
||||
|
||||
o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
|
||||
OVERWRITE disposition when using the acl_xattr Samba VFS
|
||||
module with the smb.conf setting
|
||||
"acl_xattr:ignore system acls = yes"
|
||||
https://www.samba.org/samba/security/CVE-2023-4091.html
|
||||
|
||||
o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
|
||||
attributes, including secrets and passwords. Additionally,
|
||||
the access check fails open on error conditions.
|
||||
https://www.samba.org/samba/security/CVE-2023-4154.html
|
||||
|
||||
o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
|
||||
server block for a user-defined amount of time, denying
|
||||
service.
|
||||
https://www.samba.org/samba/security/CVE-2023-42669.html
|
||||
|
||||
o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
|
||||
listeners, disrupting service on the AD DC.
|
||||
https://www.samba.org/samba/security/CVE-2023-42670.html
|
||||
|
||||
|
||||
Changes since 4.17.11
|
||||
---------------------
|
||||
|
||||
o Jeremy Allison <jra@samba.org>
|
||||
* BUG 15422: CVE-2023-3961.
|
||||
|
||||
o Andrew Bartlett <abartlet@samba.org>
|
||||
* BUG 15424: CVE-2023-4154.
|
||||
* BUG 15473: CVE-2023-42670.
|
||||
* BUG 15474: CVE-2023-42669.
|
||||
|
||||
o Ralph Boehme <slow@samba.org>
|
||||
* BUG 15439: CVE-2023-4091.
|
||||
|
||||
o Christian Merten <christian@merten.dev>
|
||||
* BUG 15424: CVE-2023-4154.
|
||||
|
||||
o Stefan Metzmacher <metze@samba.org>
|
||||
* BUG 15424: CVE-2023-4154.
|
||||
|
||||
o Andreas Schneider <asn@samba.org>
|
||||
* BUG 15424: CVE-2023-4154.
|
||||
|
||||
o Joseph Sutton <josephsutton@catalyst.net.nz>
|
||||
* BUG 15424: CVE-2023-4154.
|
||||
|
||||
|
||||
#######################################
|
||||
Reporting bugs & Development Discussion
|
||||
#######################################
|
||||
|
||||
Please discuss this release on the samba-technical mailing list or by
|
||||
joining the #samba-technical:matrix.org matrix room, or
|
||||
#samba-technical IRC channel on irc.libera.chat.
|
||||
|
||||
If you do report problems then please try to send high quality
|
||||
feedback. If you don't provide vital information to help us track down
|
||||
the problem then you will probably be ignored. All bug reports should
|
||||
be filed under the Samba 4.1 and newer product in the project's Bugzilla
|
||||
database (https://bugzilla.samba.org/).
|
||||
|
||||
|
||||
======================================================================
|
||||
== Our Code, Our Bugs, Our Responsibility.
|
||||
== The Samba Team
|
||||
======================================================================
|
||||
|
||||
|
||||
Release notes for older releases follow:
|
||||
----------------------------------------
|
||||
===============================
|
||||
Release Notes for Samba 4.17.11
|
||||
September 07, 2023
|
||||
@ -85,8 +169,7 @@ database (https://bugzilla.samba.org/).
|
||||
======================================================================
|
||||
|
||||
|
||||
Release notes for older releases follow:
|
||||
----------------------------------------
|
||||
----------------------------------------------------------------------
|
||||
===============================
|
||||
Release Notes for Samba 4.17.10
|
||||
July 19, 2023
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user