From: zhengruoqin <[email protected]>
Changelog:
============
There have been a few regressions in the security release 4.14.10:
o CVE-2020-25717: A user on the domain can become root on domain members.
https://www.samba.org/samba/security/CVE-2020-25717.html
PLEASE [RE-]READ!
The instructions have been updated and some workarounds
initially adviced for 4.14.10 are no longer required and
should be reverted in most cases.
o BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk)
become
un-deletable. While this release should fix this bug, it is
adviced to have a look at the bug report for more detailed
information, see https://bugzilla.samba.org/show_bug.cgi?id=14902.
Changes since 4.14.10
---------------------
* BUG 14878: Recursive directory delete with veto files is broken.
* BUG 14879: A directory containing dangling symlinks cannot be deleted by
SMB2 alone when they are the only entry in the directory.
* BUG 14656: Spaces incorrectly collapsed in ldb attributes.
* BUG 14694: Ensure that the LDB request has not timed out during filter
processing as the LDAP server MaxQueryDuration is otherwise not honoured.
* BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
side effects for the local nt token.
* BUG 14902: User with multiple spaces (eg
Fred<space><space>Nurk) become un-
deletable.
* BUG 14127: Avoid storing NTTIME_THAW (-2) as value on disk
* BUG 14922: Kerberos authentication on standalone server in MIT realm
broken.
* BUG 14923: Segmentation fault when joining the domain.
* BUG 14903: Support for ROLE_IPA_DC is incomplete.
* BUG 14788: Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before
smbd_smb2_ioctl_send.
* BUG 14899: winbindd doesn't start when "allow trusted
domains" is off.
* BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
side effects for the local nt token.
* BUG 14694: Ensure that the LDB request has not timed out during filter
processing as the LDAP server MaxQueryDuration is otherwise not honoured.
* BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
side effects for the local nt token.
Signed-off-by: Zheng Ruoqin <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
Signed-off-by: Yi Zhao <[email protected]>
---
.../samba/{samba_4.14.10.bb => samba_4.14.11.bb} | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
rename meta-networking/recipes-connectivity/samba/{samba_4.14.10.bb =>
samba_4.14.11.bb} (98%)
diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.10.bb
b/meta-networking/recipes-connectivity/samba/samba_4.14.11.bb
similarity index 98%
rename from meta-networking/recipes-connectivity/samba/samba_4.14.10.bb
rename to meta-networking/recipes-connectivity/samba/samba_4.14.11.bb
index 98baad71a..3b1a0f4aa 100644
--- a/meta-networking/recipes-connectivity/samba/samba_4.14.10.bb
+++ b/meta-networking/recipes-connectivity/samba/samba_4.14.11.bb
@@ -30,8 +30,7 @@ SRC_URI_append_libc-musl = " \
file://samba-fix-musl-lib-without-innetgr.patch \
"
-SRC_URI[md5sum] = "02a3ae53a9c3feb2f3c5b97141b7a8cc"
-SRC_URI[sha256sum] =
"107ee862f58062682cec362ec68a24251292805f89aa4c97e7ab80237f91c7af"
+SRC_URI[sha256sum] =
"3d9ebbf3280c7cf5eac1b15aeff8857b31151abaec4d2987be015a66c2945d98"
UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.14(\.\d+)+).tar.gz"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#94546):
https://lists.openembedded.org/g/openembedded-devel/message/94546
Mute This Topic: https://lists.openembedded.org/mt/87992378/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
