From c151f3a3c322baff21293327d6e4683fcafb10e9 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Tue, 11 Sep 2007 14:28:37 +0000
Subject: r25076: Checking in patches for 3.0.26

---
 WHATSNEW.txt               | 39 +++++++++++++++++++++++++++++++--------
 source/VERSION             |  4 ++--
 source/nsswitch/idmap_ad.c |  2 +-
 3 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index e99bd87d0eb..61f11847b5b 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,12 +1,39 @@
+                   ==============================
+                   Release Notes for Samba 3.0.26
+                             Sep 11, 2007
+                   ==============================
+
+This is a security release of Samba 3.0 to address
+
+  o CVE-2007-4138
+	Versions: All Samba 3.0.25 releases
+	Incorrect primary group assignment for
+	domain users using the rfc2307 or sfu
+	winbind nss info plugin.
+
+The original security announcement for this and past advisories
+can be found http://www.samba.org/samba/security/
+
+######################################################################
+Changes
+#######
+
+Changes since 3.0.25c
+---------------------
+
+o   Gerald (Jerry) Carter <jerry@samba.org>
+    * Fix CVE-2007-4138 in the "winbind nss info = {sfu | rfc2307}"
+      plugin (idmap_ad.c)
+
+
+Release notes for older releases follow:
+
+      --------------------------------------------------
                    ===============================
                    Release Notes for Samba 3.0.25c
                              Aug 20, 2007
                    ===============================
 
-This is the latest production release of the Samba 3.0.25 code 
-base and is the version that servers should be run for for all 
-current bug fixes.  
-
 Major bug fixes included in Samba 3.0.25c are:
 
   o File sharing with Widows 9x clients.
@@ -132,10 +159,6 @@ o   Atsushi Nakabayashi <nakabayashi@miraclelinux.com>
     * Ensure proper exit when nmbd is unable to reopen the wins.tdb.
     * Fix error path memleaks in the messaging subsystem.
 
-
-
-Release notes for older releases follow:
-
       --------------------------------------------------
                    ===============================
                    Release Notes for Samba 3.0.25b
diff --git a/source/VERSION b/source/VERSION
index aaddccf20c9..71460648231 100644
--- a/source/VERSION
+++ b/source/VERSION
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=3
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=25
+SAMBA_VERSION_RELEASE=26
 
 ########################################################
 # Bug fix releases use a letter for the patch revision #
@@ -36,7 +36,7 @@ SAMBA_VERSION_RELEASE=25
 # e.g. SAMBA_VERSION_REVISION=a                        #
 #  ->  "2.2.8a"                                        #
 ########################################################
-SAMBA_VERSION_REVISION=c
+SAMBA_VERSION_REVISION=
 
 ########################################################
 # For 'pre' releases the version will be               #
diff --git a/source/nsswitch/idmap_ad.c b/source/nsswitch/idmap_ad.c
index aadbb2419d8..f181ca39575 100644
--- a/source/nsswitch/idmap_ad.c
+++ b/source/nsswitch/idmap_ad.c
@@ -753,7 +753,7 @@ static NTSTATUS nss_ad_get_info( struct nss_domain_entry *e,
        
 	if ( gid ) {		
 		if ( !ads_pull_uint32(ads, msg, ad_schema->posix_gidnumber_attr, gid ) )
-			*gid = 0;		
+			*gid = (uint32)-1;
 	}
 		
 	return NT_STATUS_OK;
-- 
cgit v1.2.1