summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* VERSION: Disable git snapshots for the 4.2.10 release.samba-4.2.10Stefan Metzmacher2016-03-301-1/+1
* WHATSNEW: Add release notes for Samba 4.2.10.Stefan Metzmacher2016-03-301-2/+553
* CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against plugi...Stefan Metzmacher2016-03-301-0/+1
* CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol testsStefan Metzmacher2016-03-301-0/+2623
* CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol test...Stefan Metzmacher2016-03-301-0/+525
* CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errorsStefan Metzmacher2016-03-301-8/+15
* CVE-2015-5370: s3:rpc_client: disconnect connection on protocol errorsStefan Metzmacher2016-03-301-3/+64
* CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_n...Stefan Metzmacher2016-03-301-0/+4
* CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,...Stefan Metzmacher2016-03-301-0/+16
* CVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_on...Stefan Metzmacher2016-03-301-0/+8
* CVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()Stefan Metzmacher2016-03-301-0/+4
* CVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add...Stefan Metzmacher2016-03-301-1/+1
* CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_idStefan Metzmacher2016-03-302-6/+8
* CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_idStefan Metzmacher2016-03-301-3/+5
* CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_dataStefan Metzmacher2016-03-301-0/+1
* CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_...Stefan Metzmacher2016-03-301-14/+8
* CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed i...Stefan Metzmacher2016-03-301-0/+24
* CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() f...Stefan Metzmacher2016-03-301-8/+18
* CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()Stefan Metzmacher2016-03-302-45/+0
* CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protoco...Stefan Metzmacher2016-03-301-2/+2
* CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as brokenStefan Metzmacher2016-03-301-0/+1
* CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pduStefan Metzmacher2016-03-301-0/+12
* CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header()...Stefan Metzmacher2016-03-301-1/+81
* CVE-2015-5370: s3:rpc_server: verify presentation context arraysStefan Metzmacher2016-03-301-1/+16
* CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in ...Stefan Metzmacher2016-03-301-16/+16
* CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violat...Jeremy Allison2016-03-303-6/+48
* CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_con...Stefan Metzmacher2016-03-301-0/+14
* CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as ...Stefan Metzmacher2016-03-301-1/+1
* CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was alr...Stefan Metzmacher2016-03-301-1/+8
* CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_pack...Stefan Metzmacher2016-03-301-0/+2
* CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_...Stefan Metzmacher2016-03-301-39/+6
* CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the...Stefan Metzmacher2016-03-301-0/+1
* CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_p...Stefan Metzmacher2016-03-301-49/+13
* CVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_...Stefan Metzmacher2016-03-301-0/+15
* CVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too larg...Stefan Metzmacher2016-03-301-0/+5
* CVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header()...Stefan Metzmacher2016-03-301-15/+96
* CVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()Stefan Metzmacher2016-03-301-8/+6
* CVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} again...Stefan Metzmacher2016-03-301-0/+8
* CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within...Stefan Metzmacher2016-03-304-53/+33
* CVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_a...Stefan Metzmacher2016-03-301-0/+5
* CVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCER...Stefan Metzmacher2016-03-301-0/+4
* CVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (...Stefan Metzmacher2016-03-304-67/+29
* CVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a timeStefan Metzmacher2016-03-301-62/+80
* CVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByteStefan Metzmacher2016-03-301-5/+40
* CVE-2015-5370: s4:rpc_server: check frag_length for requestsStefan Metzmacher2016-03-301-0/+15
* CVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid aut...Stefan Metzmacher2016-03-302-3/+38
* CVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()Stefan Metzmacher2016-03-301-0/+7
* CVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as ...Stefan Metzmacher2016-03-303-1/+13
* CVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PK...Stefan Metzmacher2016-03-301-7/+1
* CVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()Stefan Metzmacher2016-03-301-6/+18
View Lorry Controller Status