diff options
| author | Karolin Seeger <kseeger@samba.org> | 2017-11-17 11:29:01 +0100 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2017-11-17 12:13:04 +0100 |
| commit | f333815481d8f5354f605751b627379ed3b8ae6e (patch) | |
| tree | 8108e2483aa33183f09e5b55921e5dbd939a0dd5 | |
| parent | d7526d66f5412c3421a95e716183eea7c7f50d14 (diff) | |
| download | samba-4.5.15.tar.gz | |
VERSION: Disable GIT_SNAPSHOT for the 4.5.15 release.samba-4.5.15
Signed-off-by: Karolin Seeger <kseeger@samba.org>
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | WHATSNEW.txt | 19 |
2 files changed, 18 insertions, 3 deletions
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 3967a024eea..b245e30a6f9 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -4,9 +4,10 @@ ============================== -This is a security release in order to address the following defect: +This is a security release in order to address the following defects: o CVE-2017-14746 (Use-after-free vulnerability.) +o CVE-2017-15275 (Server heap memory information leak.) ======= @@ -19,9 +20,21 @@ o CVE-2017-14746: control the contents of heap memory via a deallocated heap pointer. It is possible this may be used to compromise the SMB server. -For more details and a workaround, please see the security advisories: +o CVE-2017-15275: + All versions of Samba from 3.6.0 onwards are vulnerable to a heap + memory information leak, where server allocated heap memory may be + returned to the client without being cleared. + + There is no known vulnerability associated with this error, but + uncleared heap memory may contain previously used data that may help + an attacker compromise the server via other methods. Uncleared heap + memory may potentially contain password hashes or other high-value + data. + +For more details and workarounds, please see the security advisories: o https://www.samba.org/samba/security/CVE-2017-14746.html + o https://www.samba.org/samba/security/CVE-2017-15275.html Changes since 4.5.14: @@ -29,6 +42,8 @@ Changes since 4.5.14: o Jeremy Allison <jra@samba.org> * BUG 13041: CVE-2017-14746: s3: smbd: Fix SMB1 use-after-free crash bug. + * BUG 13077: CVE-2017-15275: s3: smbd: Chain code can return uninitialized + memory when talloc buffer is grown. ####################################### |