WHATSNEW: Add release notes for Samba 4.14.10.

Signed-off-by: Jule Anger <janger@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Karolin Seeger <kseeger@samba.org>
author: Jule Anger <janger@samba.org> 2021-11-08 11:57:45 +0100
committer: Jule Anger <janger@samba.org> 2021-11-08 12:14:32 +0100
commit: b643df361ed3943d5e30ebe48831715073231b58 (patch)
tree: c41b2fb7037d8f4aae35970056753c013e1aa7e9 /WHATSNEW.txt
parent: 25c944643f3d6ea55767a389423571a1136c68bc (diff)
download: samba-b643df361ed3943d5e30ebe48831715073231b58.tar.gz
1 files changed, 111 insertions, 2 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index e41ee1dabb4..f81a31d49b0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,112 @@
+                   ===============================
+                   Release Notes for Samba 4.14.10
+                           November 9, 2021
+                   ===============================
+
+
+This is a security release in order to address the following defects:
+
+o CVE-2016-2124:  SMB1 client connections can be downgraded to plaintext
+                  authentication.
+                  https://www.samba.org/samba/security/CVE-2016-2124.html
+
+o CVE-2020-25717: A user on the domain can become root on domain members.
+                  https://www.samba.org/samba/security/CVE-2020-25717.html
+                  (PLEASE READ! There are important behaviour changes described)
+
+o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued
+                  by an RODC.
+                  https://www.samba.org/samba/security/CVE-2020-25718.html
+
+o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos
+                  tickets.
+                  https://www.samba.org/samba/security/CVE-2020-25719.html
+
+o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers
+                  (eg objectSid).
+                  https://www.samba.org/samba/security/CVE-2020-25721.html
+
+o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance
+                  checking of data stored.
+                  https://www.samba.org/samba/security/CVE-2020-25722.html
+
+o CVE-2021-3738:  Use after free in Samba AD DC RPC server.
+                  https://www.samba.org/samba/security/CVE-2021-3738.html
+
+o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability.
+                  https://www.samba.org/samba/security/CVE-2021-23192.html
+
+
+Changes since 4.14.9
+--------------------
+
+o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+   * CVE-2020-25722
+
+o  Andrew Bartlett <abartlet@samba.org>
+   * CVE-2020-25718
+   * CVE-2020-25719
+   * CVE-2020-25721
+   * CVE-2020-25722
+
+o  Ralph Boehme <slow@samba.org>
+   * CVE-2020-25717
+
+o  Alexander Bokovoy <ab@samba.org>
+   * CVE-2020-25717
+
+o  Samuel Cabrero <scabrero@samba.org>
+   * CVE-2020-25717
+
+o  Nadezhda Ivanova <nivanova@symas.com>
+   * CVE-2020-25722
+
+o  Stefan Metzmacher <metze@samba.org>
+   * CVE-2016-2124
+   * CVE-2020-25717
+   * CVE-2020-25719
+   * CVE-2020-25722
+   * CVE-2021-23192
+   * CVE-2021-3738
+   * ldb: version 2.3.2
+
+o  Andreas Schneider <asn@samba.org>
+   * CVE-2020-25719
+
+o  Joseph Sutton <josephsutton@catalyst.net.nz>
+   * CVE-2020-17049
+   * CVE-2020-25718
+   * CVE-2020-25719
+   * CVE-2020-25721
+   * CVE-2020-25722
+   * MS CVE-2020-17049
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.libera.chat or the
+#samba-technical:matrix.org matrix channel.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+
                    ==============================
                    Release Notes for Samba 4.14.9
                           October 27, 2021
@@ -97,8 +206,8 @@ database (https://bugzilla.samba.org/).
 ======================================================================
 
 
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
                    ==============================
                    Release Notes for Samba 4.14.8
                           October 05, 2021
author	Jule Anger <janger@samba.org>	2021-11-08 11:57:45 +0100
committer	Jule Anger <janger@samba.org>	2021-11-08 12:14:32 +0100
commit	b643df361ed3943d5e30ebe48831715073231b58 (patch)
tree	c41b2fb7037d8f4aae35970056753c013e1aa7e9 /WHATSNEW.txt
parent	25c944643f3d6ea55767a389423571a1136c68bc (diff)
download	samba-b643df361ed3943d5e30ebe48831715073231b58.tar.gz