Hello community,
here is the log from the commit of package samba for openSUSE:Factory checked
in at 2019-06-27 15:52:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/samba (Old)
and /work/SRC/openSUSE:Factory/.samba.new.4615 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "samba"
Thu Jun 27 15:52:59 2019 rev:249 rq:710952 version:4.10.5+git.105.2bd98587873
Changes:
--------
--- /work/SRC/openSUSE:Factory/samba/samba.changes 2019-05-16
22:00:19.770768163 +0200
+++ /work/SRC/openSUSE:Factory/.samba.new.4615/samba.changes 2019-06-27
15:53:01.727902541 +0200
@@ -1,0 +2,70 @@
+Wed Jun 19 09:20:12 UTC 2019 - Noel Power <nopo...@suse.com>
+
+- Update to samba-4.10.5 (including updates for 4.10.4, 4.10.3)
+ + CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found
+ in DnssrvOperation2; (bso#13922); (bsc#1137815).
+ + CVE-2019-12436 dsdb/paged_results: Ignore successful results
+ without messages; (bso#13951); (bsc#1137816).
+- Update to samba-4.10.4
+ + s3: SMB1: Don't allow recvfile on stream fsp's; (bso#13938).
+ + py/provision: Fix for Python 2.6; (bso#13882).
+ + netcmd: Fix 'passwordsettings --max-pwd-age' command;
+ (bso#13873).
+ + s3-libnet_join: 'net ads join' to child domain fails when
+ using "-U admin@forestroot"; (bso#13861).
+ + vfs_ceph: Explicitly enable libcephfs POSIX ACL support;
+ (bso#13896); (bsc#1130245).
+ + vfs_ceph: Fix cephwrap_flistxattr() debug message;
+ (bso#13940); (bsc#1134697).
+ + ctdb-common: Avoid race between fd and signal events;
+ (bso#13895).
+ + ctdb-common: Fix memory leak in run_proc; (bso#13943).
+ + lib: Initialize getline() arguments; (bso#13892).
+ + winbind: Fix overlapping id ranges; (bco#13903).
+ + lib util debug: Increase format buffer to 4KiB; (bso#13902).
+ + nsswitch pam_winbind: Fix Asan use after free; (bso#13927).
+ + s4 lib socket: Ensure address string owned by parent struct;
+ (bso#13929).
+ + s3 rpc_client: Fix Asan stack use after scope; (bso#13936).
+ + s3:smbd: Handle IO_REPARSE_TAG_DFS in
+ SMB_FIND_FILE_FULL_DIRECTORY_INFO; (bso#10097).
+ + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#10344).
+ + smb2_sesssetup: avoid STATUS_PENDING responses for session setup;
+ (bso#12845).
+ + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#13698).
+ + smb2_sesssetup: avoid STATUS_PENDING responses for session
+ setup; (bso#13796).
+ + dbcheck: Fix the err_empty_attribute() check; (bso#13843).
+ + vfs_snapper: Drop unneeded fstat handler; (bso#13858).
+ + vfs_default: Fix vfswrap_offload_write_send()
+ NT_STATUS_INVALID_VIEW_SIZE check; (bso#13862).
+ + smb2_server: Grant all 8192 credits to clients; (bso#13863).
+ + smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling;
+ (bso#13919).
+ + s3/vfs_glusterfs: Dynamically determine NAME_MAX; (bso#13872).
+ + s3: modules: ceph: Use current working directory instead of
+ share path; (bso#13918); (bsc#1134452).
+ + winbind: Use domain name from lsa query for sid_to_name cache
+ entry; (bso#13831).
+ + memcache: Increase size of default memcache to 512k;
+ (bso#13865).
+ + docs: Update smbclient manpage for "--max-protocol";
+ (bso#13857).
+ + s3:utils: If share is NULL in smbcacls, don't print it;
+ (bso#13937).
+ + s3:smbspool: Fix regression printing with Kerberos credentials;
+ (bso#13939).
+ + ctdb-scripts: CTDB restarts failed NFS RPC services by hand,
+ which is incompatible with systemd; (bso#13860).
+ + ctdb-daemon: Revert "We can not assume that just because we
+ could complete a TCP handshake"; (bso#13888).
+ + ctdb-daemon: Never use 0 as a client ID; (bso#13930).
+ + ctdb-common: Fix memory leak; (bso#13943).
+ + s3:debug: Enable logging for early startup failures;
+ (bso#13904)
+
+- Update to samba-4.10.3
+ + CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed
+ checksum; (bso#13685); (bsc#1134024).
+
+-------------------------------------------------------------------
@@ -95,0 +166,6 @@
+Tue Apr 2 08:38:28 UTC 2019 - npower <nopo...@suse.com>
+
+- CVE-2019-3880: Save registry file outside share as unprivileged
+ user; (bso#13851); (bsc#1131060 ).
+
+-------------------------------------------------------------------
@@ -185,0 +262,8 @@
+Mon Feb 4 12:38:55 UTC 2019 - Samuel Cabrero <scabr...@suse.de>
+
+- s3:winbindd: let normalize_name_map() call find_domain_from_name_noinit();
+ (bso#13173); (bsc#1123755);
+- s3:winbind: Fix regression introduced with bso #12851;
+ (bso#12851); (bsc#1123755);
+
+-------------------------------------------------------------------
@@ -210,0 +295,6 @@
+Thu Dec 20 15:15:54 UTC 2018 - David Mulder <dmul...@suse.com>
+
+- s3:passdb: Do not return OK if we don't have pinfo set up;
+ (bsc#1099590); (bso#13376);
+
+-------------------------------------------------------------------
@@ -246,0 +337,6 @@
+Thu Nov 8 17:53:14 UTC 2018 - Samuel Cabrero <scabr...@suse.de>
+
+- s3: winbind: Remove fstring from wb_acct_info struct; (bsc#1114459);
+- Use foreground execution mode for systemd samba daemons; (bsc#1112223);
+
+-------------------------------------------------------------------
@@ -303,0 +400,7 @@
+Mon Oct 8 08:36:43 UTC 2018 - Samuel Cabrero <scabr...@suse.de>
+
+- Update to 4.6.16; (bsc#1110943);
+ + CVE-2018-10919: Fix unauthorized attribute access via searches;
+ (bso#13434);
+
+-------------------------------------------------------------------
@@ -415,0 +519,8 @@
+Mon Aug 20 21:25:27 UTC 2018 - dd...@suse.com
+
+- Update to 4.6.15
+ + Fix ctdb_mutex_ceph_rados_helper deadlock; (bso#13540); (bsc#1102230);
+ + Allow idmap_rid to have primary group other than "Domain Users";
+ (bsc#1087931).
+
+-------------------------------------------------------------------
@@ -468,0 +580,14 @@
+Wed Aug 1 14:57:51 UTC 2018 - scabr...@suse.de
+
+- CVE-2018-10858: Insufficient input validation on client directory
+ listing in libsmbclient; (bso#13453); (bsc#1103411);
+- s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();
+ (bso#12851);
+- winbind: avoid using fstrcpy in _dual_init_connection;
+ (bso#13294); (bsc#1087303);
+- Fix ntlm authentications with "winbind use default domain = yes";
+ (bso#13126); (bsc#1068059);
+- net: fix net ads keytab handling; (bso#13166); (bsc#1067700);
+- fix vfs_ceph flock stub; (bso#13506).
+
+-------------------------------------------------------------------
@@ -476,0 +602,39 @@
+Wed May 23 14:01:16 UTC 2018 - dd...@suse.com
+
+- Fix vfs_ceph with "aio read size" or "aio write size" > 0;
+ (bsc#1093664).
+ + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425).
+ + Fix memory leak in vfs_ceph; (bso#13424).
+
+- Update to 4.6.14
+ + winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection;
+ (bso#13294).
+ + s3:smb2_server: correctly maintain request counters for compound
+ requests; (bso#13215).
+ + s3: smbd: Unix extensions attempts to change wrong field in fchown
+ call; (bso#13375).
+ + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338).
+ + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async;
+ (bso#13297).
+ + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
+ support fdopendir(); (bso#13270).
+ + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we
+ don't own it here; (bso#13244).
+ + s3:libsmb: allow -U"\\administrator" to work; (bso#13206).
+ + CVE-2018-1057: s4:dsdb: fix unprivileged password changes;
+ (bso#13272); (bsc#1081024).
+ + s3:smbd: Do not crash if we fail to init the session table;
+ (bso#13315).
+ + libsmb: Use smb2 tcon if conn_protocol >= SMB2_02; (bso#13310).
+ + smbXcli: Add "force_channel_sequence"; (bso#13215).
+ + smbd: Fix channel sequence number checks for long-running requests;
+ (bso#13215).
+ + s3:smb2_server: allow logoff, close, unlock, cancel and echo on
+ expired sessions; (bso#13197).
+ + s3:smbd: return the correct error for cancelled SMB2 notifies on
+ expired sessions; (bso#13197).
+ + samba: Only use async signal-safe functions in signal handler;
+ (bso#13240).
+ + subnet: Avoid a segfault when renaming subnet objects; (bso#13031).
+
+-------------------------------------------------------------------
@@ -624,0 +789,30 @@
+Wed Mar 7 11:54:50 UTC 2018 - jmcdono...@suse.com
+
+- CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally;
+ (bso#11343); (bsc#1081741);
+
+-------------------------------------------------------------------
+Tue Mar 6 23:36:51 UTC 2018 - dd...@suse.com
+
+- Update to 4.6.13; (bsc#1084191)
+ + ceph_statx configure time check doesn't work with a non-default
+ --with-libcephfs path; (bso#13250).
+ - follow up fix for libceph-common detection; (bso#13277).
+ + Fail to copy file with empty FinderInfo from Windows client to Samba
+ share with fruit; (bso#13181).
+ + vfs_ceph uses a local statvfs() call to determine FS capabilities;
+ (bso#13208).
+ + smbd tries to release not leased oplock during oplock II downgrade;
+ (bso#13193).
+ + smbd panic when chdir returns error during exit; (bso#13189).
+ + ctdb_recovery_helper crashes if recovery process times out; (bso#13188).
+ + POSIX ACL support is broken on hpux and possibly other big-endian OSs;
+ (bso#13176).
+ + Kerberos: PKINIT: Can't decode algorithm parameters in
+ clientPublicValue; (bso#12986).
++++ 98 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/samba/samba.changes
++++ and /work/SRC/openSUSE:Factory/.samba.new.4615/samba.changes
Old:
----
samba-4.10.2+git.94.31fb5e37171.tar.bz2
New:
----
samba-4.10.5+git.105.2bd98587873.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ samba.spec ++++++
--- /var/tmp/diff_new_pack.f4q2kq/_old 2019-06-27 15:53:02.831904310 +0200
+++ /var/tmp/diff_new_pack.f4q2kq/_new 2019-06-27 15:53:02.835904316 +0200
@@ -170,7 +170,7 @@
%else
%define build_make_smp_mflags %{?jobs:-j%jobs}
%endif
-Version: 4.10.2+git.94.31fb5e37171
+Version: 4.10.5+git.105.2bd98587873
Release: 0
Url: https://www.samba.org/
Obsoletes: samba-32bit < %{version}
++++++ samba-4.10.2+git.94.31fb5e37171.tar.bz2 ->
samba-4.10.5+git.105.2bd98587873.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/samba/samba-4.10.2+git.94.31fb5e37171.tar.bz2
/work/SRC/openSUSE:Factory/.samba.new.4615/samba-4.10.5+git.105.2bd98587873.tar.bz2
differ: char 11, line 1
