Overview Repositories Revisions Requests Users Attributes Meta

Revisions of samba

Ruediger Oertel's avatar Ruediger Oertel (oertel) committed (revision 4) 
- Update to 4.17.7
  * CVE-2023-0922: Samba AD DC admin tool samba-tool sends passwords
    in cleartext; (bso#15315); (bsc#1209481).
  * CVE-2023-0225: Samba AD DC "dnsHostname" attribute can be
    deleted by unprivileged authenticated users; (bso#15276);
    (bsc#1209483).
  * CVE-2023-0614: samba: Access controlled AD LDAP attributes can
    be discovered; (bso#15270); (bsc#1209485).
  * large_ldap test is inefficient; (bso#15332).
  * CVE-2020-25720 [SECURITY] Create Child permission should not
    allow full write to all attributes (additional changes);
    (bso#14810).
- Update to 4.17.6
  * streams_xattr is creating unexpected locks on folders;
    (bso#15314).
  * Use of the Azure AD Connect cloud sync tool is now supported
    for password hash synchronisation, allowing Samba AD Domains
    to synchronise passwords with this popular cloud environment;
    (bso#10635).
  * Spotlight doesn't work with latest macOS Ventura;
    (bso#15299).
  * New samba-dcerpc architecture does not scale gracefully;
    (bso#15310).
  * vfs_ceph incorrectly uses fsp_get_io_fd() instead of
    fsp_get_pathref_fd() in close and fstat; (bso#15307).
  * With clustering enabled samba-bgqd can core dump due to use
    after free; (bso#15293).
  * fd_load() function implicitly closes the fd where it should
    not; (bso#15311).
- Update to 4.17.5
Daniel Mach's avatar Daniel Mach (dmach) committed (revision 3) 
- Make (32bit) samba-libs conflict with old samba-ad-dc-libs
  package to satisfy installcheck.

- Make samba-libs conflict with old samba-ad-dc-libs package
  to satisfy installcheck.

- Remove non functioning ifup/ifdown samba-winbindd scripts;
  (bsc#1207414).

- libdsdb-module-samba4 should be packaged as part of samba-libs and
  not samba-ad-dc-libs. Additionally no need for it to be
  removed conditionally.

- Clean up logic for PAM migration settings in spec file.

- Change with_dc default to 0 (for non TW builds), ADDC feature is
  deprecated and will no longer be included in >= SLE15-SP5;
  (jsc#PED-1122).

- Update to 4.17.4
   * CVE-2022-44640 Upstream Heimdal free of user-controlled
     pointer in FAST; (bsc#14929);
   * CVE-2021-20251 Bad password count not incremented atomically;
     (bsc#14611);
   * CVE-2022-42898 krb5_pac_parse() buffer parsing vulnerability;
     (bsc#15203);
   * CVE-2022-37966 rc4-hmac Kerberos session keys issued to
     modern servers; (bso#15237);
   * CVE-2022-37967 Kerberos constrained delegation ticket forgery
     possible against Samba AD DC; (bso#15231);
Daniel Mach's avatar Daniel Mach (dmach) committed (revision 2) 
samba update: jira PED-2941
Daniel Mach's avatar Daniel Mach (dmach) committed (revision 1) 
initialize package
Displaying all 4 revisions
openSUSE Build Service is sponsored by
Places