samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00

History

Andrew Bartlett 07f9a85a16 CVE-2020-25722 Ensure the structural objectclass cannot be changed If the structural objectclass is allowed to change, then the restrictions locking an object to remaining a user or computer will not be enforcable. Likewise other LDAP inheritance rules, which allow only certain child objects can be bypassed, which can in turn allow creation of (unprivileged) users where only DNS objects were expected. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14753 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14889 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>		2021-11-08 10:46:45 +01:00
..
auth	CVE-2020-25718 kdc: Confirm the RODC was allowed to issue a particular ticket	2021-11-08 10:46:45 +01:00
build/pasn1
cldap_server	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
client	lib/util: remove extra safe_string.h file	2020-08-28 02:18:40 +00:00
cluster	dbwrap: Remove calls to loadparm	2018-04-24 01:53:19 +02:00
dns_server	dns_update.c: handle DNS_QTYPE_ALL	2020-12-19 18:20:30 +00:00
dsdb	CVE-2020-25722 Ensure the structural objectclass cannot be changed	2021-11-08 10:46:45 +01:00
echo_server	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
heimdal	CVE-2020-25719 kdc: Avoid races and multiple DB lookups in s4u2self check	2021-11-08 10:46:45 +01:00
heimdal_build	kdc: sign ticket using Windows PAC	2021-10-26 12:00:27 +00:00
include	lib: Remove global xfile.h includes	2016-11-20 06:23:19 +01:00
kdc	CVE-2020-25721 auth: Fill in the new HAS_SAM_NAME_AND_SID values	2021-11-08 10:46:45 +01:00
ldap_server	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
lib	auth:creds: Rename CRED_USE_KERBEROS values	2020-11-03 15:25:37 +00:00
libcli	smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to NTCREATEX_FLAG_DENY_FCB	2020-10-23 17:44:33 +00:00
libnet	s4:libnet:py_net - free event context in dealloc fn	2020-11-06 04:58:31 +00:00
librpc	CVE-2020-25721 ndrdump: Add tests for PAC with UPN_DNS_INFO	2021-11-08 10:46:43 +01:00
nbt_server	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
ntp_signd	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
ntvfs	python: Ensure reference counts are properly incremented	2021-09-16 06:50:11 +00:00
param	s4:param: Add 'weak crypto' getter to pyparam	2020-10-29 14:19:36 +00:00
rpc_server	CVE-2020-25718 kdc: Confirm the RODC was allowed to issue a particular ticket	2021-11-08 10:46:45 +01:00
samba	Happy New Year 2021!	2021-01-01 11:56:23 +00:00
script	PY3: change shebang to python3 in source4/dsdb dir	2018-12-14 14:40:20 +01:00
scripting	gpo: Apply Group Policy Sudo Rights from VGP	2020-12-19 08:11:50 +00:00
selftest	CVE-2020-25719 tests/krb5: Add EXPECT_PAC environment variable to expect pac from all TGS tickets	2021-11-08 10:46:44 +01:00
setup	CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmp	2021-11-08 10:46:44 +01:00
smb_server	CVE-2020-25717: s4:smb_server: start with authoritative = 1	2021-11-08 10:46:43 +01:00
torture	CVE-2020-25719 s4/torture: Expect additional PAC buffers	2021-11-08 10:46:44 +01:00
utils	lib/util: remove extra safe_string.h file	2020-08-28 02:18:40 +00:00
winbind	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
wrepl_server	s4: rename source4/smbd/ to source4/samba/	2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build