diff options
author | Karolin Seeger <kseeger@samba.org> | 2017-03-31 10:12:52 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2017-03-31 10:12:52 +0200 |
commit | 4a63ccda037744c48e21515637c834eca6f921f2 (patch) | |
tree | e1adf829fc78d1f8155bc59e3c0e252cecdadb8a | |
parent | 0839f6c6f4005f217475c70ba60b75bbd72e608e (diff) | |
parent | f4f7952b7035a5fd2a2f4090e55635834c977d10 (diff) | |
download | samba-4a63ccda037744c48e21515637c834eca6f921f2.tar.gz |
Merge tag 'samba-4.4.13' into v4-4-test
samba: tag release samba-4.4.13
-rw-r--r-- | WHATSNEW.txt | 47 |
1 files changed, 44 insertions, 3 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 6ab5e5d2512..3ecda696e6d 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,45 @@ ============================== + Release Notes for Samba 4.4.13 + March 31, 2017 + ============================== + + +This is a bug fix release to address a regression introduced by the security +fixes for CVE-2017-2619 (Symlink race allows access outside share definition). +Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details. + + +Changes since 4.4.12: +--------------------- + +o Jeremy Allison <jra@samba.org> + * BUG 12721: Fix regression with "follow symlinks = no". + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================== Release Notes for Samba 4.4.12 March 23, 2017 ============================== @@ -13,7 +54,7 @@ Details ======= o CVE-2017-2619: - All versions of Samba prior to 4.6.1, 4.5.7, 4.4.11 are vulnerable to + All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. @@ -66,8 +107,8 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- + ============================== Release Notes for Samba 4.4.11 |