WHATSNEW: Add release notes for Samba 4.13.14.

Signed-off-by: Jule Anger <janger@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Karolin Seeger <kseeger@samba.org>
author: Jule Anger <janger@samba.org> 2021-11-08 12:03:27 +0100
committer: Jule Anger <janger@samba.org> 2021-11-08 12:14:42 +0100
commit: 6c14ac876b6f6a98cf04a705a928d8d8866c962f (patch)
tree: a5e32730107a67b2b897daa3cff68f260c96d510
parent: 0203330e2fa23482d99809e777ccb8a93a728aa3 (diff)
download: samba-6c14ac876b6f6a98cf04a705a928d8d8866c962f.tar.gz
1 files changed, 111 insertions, 2 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 575ae48705f..40753b2b500 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,113 @@
                    ===============================
+                   Release Notes for Samba 4.13.14
+                           November 9, 2021
+                   ===============================
+
+
+This is a security release in order to address the following defects:
+
+o CVE-2016-2124:  SMB1 client connections can be downgraded to plaintext
+                  authentication.
+                  https://www.samba.org/samba/security/CVE-2016-2124.html
+
+o CVE-2020-25717: A user on the domain can become root on domain members.
+                  https://www.samba.org/samba/security/CVE-2020-25717.html
+                  (PLEASE READ! There are important behaviour changes described)
+
+o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued
+                  by an RODC.
+                  https://www.samba.org/samba/security/CVE-2020-25718.html
+
+o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos
+                  tickets.
+                  https://www.samba.org/samba/security/CVE-2020-25719.html
+
+o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers
+                  (eg objectSid).
+                  https://www.samba.org/samba/security/CVE-2020-25721.html
+
+o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance
+                  checking of data stored.
+                  https://www.samba.org/samba/security/CVE-2020-25722.html
+
+o CVE-2021-3738:  Use after free in Samba AD DC RPC server.
+                  https://www.samba.org/samba/security/CVE-2021-3738.html
+
+o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability.
+                  https://www.samba.org/samba/security/CVE-2021-23192.html
+
+
+Changes since 4.13.13
+---------------------
+
+o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+   * CVE-2020-25722
+
+o  Andrew Bartlett <abartlet@samba.org>
+   * CVE-2020-25718
+   * CVE-2020-25719
+   * CVE-2020-25721
+   * CVE-2020-25722
+
+o  Ralph Boehme <slow@samba.org>
+   * CVE-2020-25717
+
+o  Alexander Bokovoy <ab@samba.org>
+   * CVE-2020-25717
+
+o  Samuel Cabrero <scabrero@samba.org>
+   * CVE-2020-25717
+
+o  Nadezhda Ivanova <nivanova@symas.com>
+   * CVE-2020-25722
+
+o  Stefan Metzmacher <metze@samba.org>
+   * CVE-2016-2124
+   * CVE-2020-25717
+   * CVE-2020-25719
+   * CVE-2020-25722
+   * CVE-2021-23192
+   * CVE-2021-3738
+   * ldb: version 2.2.3
+
+o  Andreas Schneider <asn@samba.org>
+   * CVE-2020-25719
+
+o  Joseph Sutton <josephsutton@catalyst.net.nz>
+   * CVE-2020-17049
+   * CVE-2020-25718
+   * CVE-2020-25719
+   * CVE-2020-25721
+   * CVE-2020-25722
+   * MS CVE-2020-17049
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.libera.chat or the
+#samba-technical:matrix.org matrix channel.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+
+                   ===============================
                    Release Notes for Samba 4.13.13
                           October 29, 2021
                    ===============================
@@ -94,8 +203,8 @@ database (https://bugzilla.samba.org/).
 ======================================================================
 
 
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
                    ===============================
                    Release Notes for Samba 4.13.12
                          September 22, 2021
author	Jule Anger <janger@samba.org>	2021-11-08 12:03:27 +0100
committer	Jule Anger <janger@samba.org>	2021-11-08 12:14:42 +0100
commit	6c14ac876b6f6a98cf04a705a928d8d8866c962f (patch)
tree	a5e32730107a67b2b897daa3cff68f260c96d510
parent	0203330e2fa23482d99809e777ccb8a93a728aa3 (diff)
download	samba-6c14ac876b6f6a98cf04a705a928d8d8866c962f.tar.gz