author | Jule Anger <janger@samba.org> | 2021-11-08 11:57:45 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2021-11-08 12:14:32 +0100 |
commit | b643df361ed3943d5e30ebe48831715073231b58 (patch) | |
tree | c41b2fb7037d8f4aae35970056753c013e1aa7e9 | |
parent | 25c944643f3d6ea55767a389423571a1136c68bc (diff) | |
download | samba-b643df361ed3943d5e30ebe48831715073231b58.tar.gz |
WHATSNEW: Add release notes for Samba 4.14.10.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
-rw-r--r-- | WHATSNEW.txt | 113 |
1 files changed, 111 insertions, 2 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index e41ee1dabb4..f81a31d49b0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt 
@@ -1,3 +1,112 @@ + =============================== + Release Notes for Samba 4.14.10 + November 9, 2021 + =============================== + + +This is a security release in order to address the following defects: + +o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext + authentication. + https://www.samba.org/samba/security/CVE-2016-2124.html + +o CVE-2020-25717: A user on the domain can become root on domain members. + https://www.samba.org/samba/security/CVE-2020-25717.html + (PLEASE READ! There are important behaviour changes described) + +o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued + by an RODC. + https://www.samba.org/samba/security/CVE-2020-25718.html + +o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos + tickets. + https://www.samba.org/samba/security/CVE-2020-25719.html + +o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers + (eg objectSid). + https://www.samba.org/samba/security/CVE-2020-25721.html + +o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance + checking of data stored. + https://www.samba.org/samba/security/CVE-2020-25722.html + +o CVE-2021-3738: Use after free in Samba AD DC RPC server. + https://www.samba.org/samba/security/CVE-2021-3738.html + +o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability. 
+ https://www.samba.org/samba/security/CVE-2021-23192.html + + +Changes since 4.14.9 +-------------------- + +o Douglas Bagnall <douglas.bagnall@catalyst.net.nz> + * CVE-2020-25722 + +o Andrew Bartlett <abartlet@samba.org> + * CVE-2020-25718 + * CVE-2020-25719 + * CVE-2020-25721 + * CVE-2020-25722 + +o Ralph Boehme <slow@samba.org> + * CVE-2020-25717 + +o Alexander Bokovoy <ab@samba.org> + * CVE-2020-25717 + +o Samuel Cabrero <scabrero@samba.org> + * CVE-2020-25717 + +o Nadezhda Ivanova <nivanova@symas.com> + * CVE-2020-25722 + +o Stefan Metzmacher <metze@samba.org> + * CVE-2016-2124 + * CVE-2020-25717 + * CVE-2020-25719 + * CVE-2020-25722 + * CVE-2021-23192 + * CVE-2021-3738 + * ldb: version 2.3.2 + +o Andreas Schneider <asn@samba.org> + * CVE-2020-25719 + +o Joseph Sutton <josephsutton@catalyst.net.nz> + * CVE-2020-17049 + * CVE-2020-25718 + * CVE-2020-25719 + * CVE-2020-25721 + * CVE-2020-25722 + * MS CVE-2020-17049 + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.libera.chat or the +#samba-technical:matrix.org matrix channel. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 and newer product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================== Release Notes for Samba 4.14.9 October 27, 2021 
@@ -97,8 +206,8 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- + ============================== Release Notes for Samba 4.14.8 October 05, 2021 |
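Review bot: In the first hunk, Joseph Sutton's entry under "Changes since 4.14.9" lists the same identifier twice, once as "CVE-2020-17049" and once as "MS CVE-2020-17049", and that CVE has no entry in the list of defects at the top of the release notes, so a reader cannot tell from this file what was changed for it or which advisory to read. Suggest keeping one of the two lines and either adding a matching "o CVE-2020-17049: ..." summary entry with its advisory URL or stating in the changelog line how it relates to the listed CVEs. In the same hunk, the CVE-2020-25722 summary misspells "sufficient" as "suffienct"; worth fixing before the text is copied into the announcement.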