| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
o CVE-2019-14907: Crash after failed character conversion at log level 3 or
above.
o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
|
| |
o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
management server (dnsserver).
o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
on Samba AD DC.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
* Bug 14071: CVE-2019-10218: Client code can return filenames containing path
separators.
* Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive
the full password.
* Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035
CVE-2019-10197 [SECURITY][EMBARGOED] permissions check deny can allow user to
escape from the share.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
| |
CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in DnssrvOperation2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13922
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
| |
CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|\
| |
| |
| | |
samba: tag release samba-4.9.6
|
| |
| |
| |
| |
| |
| |
| | |
CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
CVE-2019-3880 (Save registry file outside share as unprivileged user)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|/
|
|
|
|
| |
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD
Internal DNS server)
o CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT)
o CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server)
o CVE-2018-16852 (NULL pointer de-reference in Samba AD DC DNS servers)
o CVE-2018-16853 (Samba AD DC S4U2Self crash in experimental MIT Kerberos
configuration (unsupported))
o CVE-2018-16857 (Bad password count in AD DC not always effective)
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
| |
Thanks to garming@catalyst.net.nz for catching!
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
| |
Signed-off-by: Björn Baumbach <bb@sernet.de>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-9-test): Thu Sep 13 11:36:40 CEST 2018 on sn-devel-144
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This includes descriptions of some final configuration changes as well
as an overall mapping between old and new configuration options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-9-test): Tue Aug 28 14:08:58 CEST 2018 on sn-devel-144
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
| |
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
|
|
|
|
| |
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
|
|
|
|
|
| |
--without-json-audit
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
| |
acceptance of all syslog facilities for all audit modules.
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 11 11:47:09 CEST 2018 on sn-devel-144
|
|
|
|
|
| |
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added WHATSNEW blurbs for the following features:
- Password Settings Objects
- Domain backup and restore
- Domain rename tool
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
|
| |
Add WHATSNEW entries for dsdb, password and group change audit logging,
as well as the ldb lmdb backend
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 10 12:53:54 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Applications (like OpenSSH) don't know about users and and
their relationship to Kerberos principals. This plugin allows that
Kerberos principals can be validated against local user accounts.
Administrator@WURST.WORLD -> WURST\Administrator
https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jun 21 15:52:02 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Thu Jun 7 13:48:25 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue May 15 12:40:48 CEST 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 2 19:12:08 CET 2018 on sn-devel-144
|
|
|
|
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 7 17:57:39 CET 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13223
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 1 07:57:54 CET 2018 on sn-devel-144
|
|
|
|
|
|
|
|
|
|
| |
The WHATSNEW incorrectly explains how to enable gpo.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13223
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|