ELSA-2018-1860

Описание

[3.6.23-51.0.1]

• Remove use-after-free talloc_tos() inlined function problem (John Haxby) [orabug 18253258]

[3.6.24-51]

• resolves: #1513877 - Fix memory leak in winbind

[3.6.24-50]

• resolves: #1553018 - Fix CVE-2018-1050

[3.6.24-49]

• resolves: #1536053 - Fix regression with non-wide symlinks to directories

[3.6.24-48]

• resolves: #1519884 - Fix segfault in winbind when querying groups

[3.6.24-47]

• resolves: #1413484 - Fix guest login with signing required

[3.6.24-46]

• resolves: #1509455 - Fix regression of CVE-2017-2619

[3.6.24-45]

• resolves: #1491211 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163

[3.6.24-44]

• resolves: #1451105 - Fix trusted domain handling in winbind
• resolves: #1431000 - Fix crash while trying to authenticate with a disabled account
• resolves: #1467395 - Add 'winbind request timeout' option

[3.6.23-43]

• resolves: #1450783 - Fix CVE-2017-7494

[3.6.23-42]

• resolves: #1391256 - Performance issues with vfs_dirsort and extended attributes

[3.6.23-41]

• resolves: #1413672 - Auth regression after secret changed

[3.6.23-40]

• resolves: #1405356 - CVE-2016-2125 CVE-2016-2126

[3.6.23-39]

• resolves: #1297805 - Fix issues with printer unpublishing from AD

[3.6.23-38]

• resolves: #1347843 - Fix RPC queryUserList returning NO_MEMORY for empty list

[3.6.23-37]

• resolves: #1380151 - Fix memory leak in idmap_ad module
• resolves: #1333561 - Fix smbclient connection issues to DFS shares
• resolves: #1372611 - Allow ntlmsssp session key setup without signing (Workaround for broken NetApp and EMC NAS)

[3.6.23-35]

• resolves: #1282289 - Fix winbind memory leak with each cached creds login

[3.6.23-34]

• resolves: #1327697 - Fix netlogon credential checks
• resolves: #1327746 - Fix dcerpc trailer verificaton

[3.6.23-33]

• related: #1322687 - Update CVE patchset

[3.6.23-32]

• related: #1322687 - Update manpages

[3.6.23-31]

• related: #1322687 - Update CVE patchset

[3.6.23-30]

• related: #1322687 - Update CVE patchset

[3.6.23-29]

• resolves: #1322687 - Fix CVE-2015-5370
• resolves: #1322687 - Fix CVE-2016-2110
• resolves: #1322687 - Fix CVE-2016-2111
• resolves: #1322687 - Fix CVE-2016-2112
• resolves: #1322687 - Fix CVE-2016-2115
• resolves: #1322687 - Fix CVE-2016-2118 (Known as Badlock)

[3.6.23-28]

• resolves: #1305870 - Fix symlink verification

[3.6.23-27]

• resolves: #1314671 - Fix CVE-2015-7560

[3.6.23-26]

• resolves: #1211744 - Fix DFS client access with Windows Server 2008

[3.6.23-25]

• resolves: #1242614 - Fix unmappable S-1-18-1 sid truncates group lookups

[3.6.23-24]

• resolves: #1271763 - Fix segfault in NTLMv2_generate_names_blob()
• resolves: #1261265 - Add '--no-dns-updates' option for 'net ads join'

[3.6.23-23]

• resolves: #1290707 - CVE-2015-5299
• related: #1290707 - CVE-2015-5296
• related: #1290707 - CVE-2015-5252
• related: #1290707 - CVE-2015-5330

[3.6.23-22]

• resolves: #1232021 - Do not overwrite smb.conf manpage
• resolves: #1216060 - Document netbios name length limitations
• resolves: #1234249 - Fix 'map to guest = Bad Uid' option
• resolves: #1219570 - Fix 'secuirtiy = server' (obsolete) share access
• resolves: #1211657 - Fix stale cache entries if a printer gets renamed

[3.6.23-21]

• resolves: #1252180 - Fix 'force group' with 'winbind use default domain'.
• resolves: #1250100 - Fix segfault in pam_winbind if option parsing fails
• resolves: #1222985 - Fix segfault with 'mangling method = hash' option

[3.6.23-20]

• resolves: #1164269 - Fix rpcclient timeout command.

[3.6.23-19]

• resolves: #1201611 - Fix 'force user' with 'winbind use default domain'.

[3.6.23-18]

• resolves: #1194549 - Fix winbind caching issue and support SID compression.

[3.6.23-17]

• resolves: #1192211 - Fix restoring shadow copy snapshot with SMB2.

[3.6.23-16]

• resolves: #1117059 - Fix nss group enumeration with unresolved groups.

[3.6.23-15]

• resolves: #1165750 - Fix guid retrieval for published printers.
• resolves: #1163383 - Fix 'net ads join -k' with existing keytab entries.
• resolves: #1195456 - Fix starting daemons on read only filesystems.
• resolves: #1138552 - Fix CPU utilization when re-reading the printcap info.
• resolves: #1144916 - Fix smbclient NTLMv2 authentication.
• resolves: #1164336 - Document 'sharesec' command for 'access based share enum' option.

[3.6.23-14]

• related: #1191339 - Update patchset for CVE-2015-0240.

[3.6.23-13]

• resolves: #1191339 - CVE-2015-0240: RCE in netlogon.

[3.6.23-12]

• resolves: #1127723 - Fix samlogon secure channel recovery.

[3.6.23-11]

• resolves: #1129006 - Add config variables to set spoolss os version.

[3.6.23-10]

• resolves: #1124835 - Fix dropbox share.

[3.6.23-9]

• related: #1053886 - Fix receiving the gecos field with winbind.

[3.6.23-8]

• resolves: #1110733 - Fix write operations as guest with 'security = share'.
• resolves: #1053886 - Fix receiving the gecos field with winbind.

[3.6.23-7]

• resolves: #1107777 - Fix SMB2 with 'case sensitive = True'

[3.6.23-6]

• resolves: #1105500 - CVE-2014-0244: DoS in nmbd.
• resolves: #1108841 - CVE-2014-3493: DoS in smbd with unicode path names.

[3.6.23-5]

• related: #1061301 - Only link glusterfs libraries to vfs module.

[3.6.23-4]

• resolves: #1051656 - Fix gecos field copy debug warning.
• resolves: #1061301 - Add glusterfs vfs module.
• resolves: #1087472 - Fix libsmbclient crash when HOME variable isnt set.
• resolves: #1099443 - 'net ads testjoin' fails with IPv6.
• resolves: #1100670 - Fix 'force user' with 'security = ads'.
• resolves: #1096522 - Fix enabling SMB2 causes file operations to fail.

[3.6.23-3]

• resolves: #1081539 - Add timeout option to smbclient.

[3.6.23-2]

• resolves: #1022534 - Do not build Samba with fam support.
• resolves: #1059301 - Fix nbt query with many components.
• resolves: #1057332 - Fix force user with guest account.
• resolves: #1021706 - Fix %G substitution in 'template homedir'.
• resolves: #1040472 - Fix group expansion in service path.
• resolves: #1069570 - Fix memory leak reading printer list.
• resolves: #1067607 - Fix wbinfo -i with one-way trusts.
• resolves: #1050887 - Fix 100% CPU utilization in winbindd when trying to free memory in winbindd_reinit_after_fork.
• resolves: #1029000 - Fix 'force user' with 'security = ads'.

[3.6.23-1]

• resolves: #1073356 - Fix CVE-2013-4496, CVE-2012-6150 and CVE-2013-6442.
• resolves: #1018038 - Fix CVE-2013-4408.

[3.6.22-1]

• resolves: #1003921 - Rebase Samba to 3.6.22.
• resolves: #1035332 - Fix force user with 'security = user'.