The branch, master has been updated
       via  9ce08d5 Add security advisory for CVE-2012-2111.
       via  0b01685 Announce Samba 3.6.5, 3.5.15 and 3.4.17.
      from  31eb555 Add note about patches that apply to alpha18

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9ce08d513e99a31fce99fe88e1de73391e5424b6
Author: Karolin Seeger <[email protected]>
Date:   Sun Apr 29 20:42:17 2012 +0200

    Add security advisory for CVE-2012-2111.
    
    Karolin

commit 0b01685402f64d1d5279c60456f8797a8a75e025
Author: Karolin Seeger <[email protected]>
Date:   Sun Apr 29 20:30:10 2012 +0200

    Announce Samba 3.6.5, 3.5.15 and 3.4.17.
    
    Karolin

-----------------------------------------------------------------------

Summary of changes:
 generated_news/latest_10_bodies.html    |   38 ++++++++++---
 generated_news/latest_10_headlines.html |    4 +-
 generated_news/latest_2_bodies.html     |   39 ++++++++++---
 history/header_history.html             |    3 +
 history/samba-3.4.17.html               |   43 ++++++++++++++
 history/samba-3.5.15.html               |   41 ++++++++++++++
 history/samba-3.6.5.html                |   41 ++++++++++++++
 history/security.html                   |   15 +++++
 latest_stable_release.html              |    6 +-
 security/CVE-2012-2111.html             |   93 +++++++++++++++++++++++++++++++
 10 files changed, 299 insertions(+), 24 deletions(-)
 create mode 100755 history/samba-3.4.17.html
 create mode 100755 history/samba-3.5.15.html
 create mode 100755 history/samba-3.6.5.html
 create mode 100644 security/CVE-2012-2111.html


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html 
b/generated_news/latest_10_bodies.html
index 47c51cf..6809f07 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,32 @@
+       <h5><a name="3.6.5">30 April 2012</a></h5>
+       <p class="headline">Samba 3.6.5, 3.5.15 and 3.4.17 <b>Security 
Releases</b> Available for Download</p>
+       <p>These are security releases in order to address
+       <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111";>CVE-2012-2111
 (Samba 3.4.x to 3.6.4 are affected by a
+       vulnerability that allows arbitrary users to modify privileges on a 
file server.)</a>.</p>
+
+<p>The uncompressed tarballs and patch files have been signed
+using GnuPG (ID 6568B7EA).</p>
+<p>
+The source code can be downloaded here:
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.6.5.tar.gz";>download 
Samba 3.6.5</a>,</li>
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.5.15.tar.gz";>download 
Samba 3.5.15</a>,</li>
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.4.17.tar.gz";>download 
Samba 3.4.17</a>.</li>
+</p>
+
+<p>
+Patches against the parents are also available:
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.6.4-3.6.5.diffs.gz";>patch 
Samba 3.6.4/3.6.5</a>,</li>
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.5.14-3.5.15.diffs.gz";>patch 
Samba 3.5.14/3.5.15</a>,</li>
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.4.16-3.4.17.diffs.gz";>patch 
Samba 3.4.16/3.4.17</a>.</li>
+</p>
+
+<p>
+Please see the release notes for more info:
+<li><a href="http://samba.org/samba/history/samba-3.6.5.html";>release notes 
Samba 3.6.5</a>,</li>
+<li><a href="http://samba.org/samba/history/samba-3.5.15.html";>release notes 
Samba 3.5.15</a>,</li>
+<li><a href="http://samba.org/samba/history/samba-3.4.17.html";>release notes 
Samba 3.4.17</a>.</li>
+</p>
+
        <h5><a name="3.6.4">10 April 2012</a></h5>
        <p class="headline">Samba 3.6.4, 3.5.14 and 3.4.16 <b>Security 
Releases</b> Available for Download</p>
        <p>These are security releases in order to address <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-CVE-2012-1182";>CVE-2012-1182
 ("root" credential remote code execution)</a>.</p>
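Review bot: the three download lists in this hunk put `<li>` elements directly inside `<p>` with no `<ul>` parent (the "source code", "patches" and "release notes" lists); that is not valid XHTML and browsers will close the `<p>` at the first `<li>`, so wrap each list in `<ul>...</ul>` instead of `<p>...</p>`. While here, the untouched context line for the 3.6.4 entry still carries the malformed link `cvename.cgi?name=CVE-2012-CVE-2012-1182`, which should be `cvename.cgi?name=CVE-2012-1182`.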
@@ -92,12 +121,3 @@ A Samba 4 update</a> talk.
 using GnuPG (ID 6568B7EA).  The source code can be
 <a href="http://samba.org/samba/ftp/stable/samba-3.5.12.tar.gz";>downloaded
 now</a>. A <a 
href="http://samba.org/samba/ftp/patches/patch-3.5.11-3.5.12.diffs.gz";>patch 
against Samba 3.5.11</a> is also available. See <a 
href="http://samba.org/samba/history/samba-3.5.12.html";>the release notes for 
more info</a>.</p>
-
-       <h5><a name="3.6.1">20 October 2011</a></h5>
-       <p class="headline">Samba 3.6.1 Available for Download</p>
-       <p>This is the latest stable release of the Samba 3.6 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-3.6.1.tar.gz";>downloaded
-now</a>. A <a 
href="http://samba.org/samba/ftp/patches/patch-3.6.0-3.6.1.diffs.gz";>patch 
against Samba 3.6.0</a> is also available. See <a 
href="http://samba.org/samba/history/samba-3.6.1.html";>the release notes for 
more info</a>.</p>
diff --git a/generated_news/latest_10_headlines.html 
b/generated_news/latest_10_headlines.html
index eca78dd..ecc29d3 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,6 @@
 <ul>
+       <li> 30 April 2012 <a href="#3.6.5">Samba 3.6.5</a>, <a 
href="#3.5.15">3.5.15</a> and <a href="#3.4.17">3.4.17</a> <b>Security 
Releases</b> Available for Download.</li>
+
        <li> 10 April 2012 <a href="#3.6.4">Samba 3.6.4</a>, <a 
href="#3.5.14">3.5.14</a> and <a href="#3.4.16">3.4.16</a> <b>Security 
Releases</b> Available for Download.</li>
 
        <li> 20 March 2012 <a 
href="/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html">Report:
 Microsoft SMB2.2 Interop Event</a></li>
@@ -16,6 +18,4 @@
        <li> 02 November 2011 <a 
href="/samba/news/developers/ms-patch.html">Samba Notes Passing a 
Milestone</a></li>
 
        <li> 26 October 2011 <a href="#3.5.12">Samba 3.5.12 Available for 
Download</a></li>
-
-       <li> 20 October 2011 <a href="#3.6.1">Samba 3.6.1 Available for 
Download</a></li>
 </ul>
diff --git a/generated_news/latest_2_bodies.html 
b/generated_news/latest_2_bodies.html
index f0dbdc7..3ab134b 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,3 +1,32 @@
+       <h5><a name="3.6.5">30 April 2012</a></h5>
+       <p class="headline">Samba 3.6.5, 3.5.15 and 3.4.17 <b>Security 
Releases</b> Available for Download</p>
+       <p>These are security releases in order to address
+       <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111";>CVE-2012-2111
 (
+       Incorrect permission checks when granting/removing privileges can 
compromise file server security.)</a>.</p>
+
+<p>The uncompressed tarballs and patch files have been signed
+using GnuPG (ID 6568B7EA).</p>
+<p>
+The source code can be downloaded here:
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.6.5.tar.gz";>download 
Samba 3.6.5</a>,</li>
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.5.15.tar.gz";>download 
Samba 3.5.15</a>,</li>
+<li><a href="http://samba.org/samba/ftp/stable/samba-3.4.17.tar.gz";>download 
Samba 3.4.17</a>.</li>
+</p>
+
+<p>
+Patches against the parents are also available:
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.6.4-3.6.5.diffs.gz";>patch 
Samba 3.6.4/3.6.5</a>,</li>
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.5.14-3.5.15.diffs.gz";>patch 
Samba 3.5.14/3.5.15</a>,</li>
+<li><a 
href="http://samba.org/samba/ftp/patches/patch-3.4.16-3.4.17.diffs.gz";>patch 
Samba 3.4.16/3.4.17</a>.</li>
+</p>
+
+<p>
+Please see the release notes for more info:
+<li><a href="http://samba.org/samba/history/samba-3.6.5.html";>release notes 
Samba 3.6.5</a>,</li>
+<li><a href="http://samba.org/samba/history/samba-3.5.15.html";>release notes 
Samba 3.5.15</a>,</li>
+<li><a href="http://samba.org/samba/history/samba-3.4.17.html";>release notes 
Samba 3.4.17</a>.</li>
+</p>
+
        <h5><a name="3.6.4">10 April 2012</a></h5>
        <p class="headline">Samba 3.6.4, 3.5.14 and 3.4.16 <b>Security 
Releases</b> Available for Download</p>
        <p>These are security releases in order to address <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-CVE-2012-1182";>CVE-2012-1182
 ("root" credential remote code execution)</a>.</p>
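Review bot: the parenthetical for CVE-2012-2111 here ("Incorrect permission checks when granting/removing privileges can compromise file server security.") does not match the one used for the same entry in latest_10_bodies.html in this commit ("Samba 3.4.x to 3.6.4 are affected by a vulnerability that allows arbitrary users to modify privileges on a file server."); pick one wording for both generated files. The opening "(" is also left alone on its own line before the description, which renders as "( Incorrect"; join it to the following text. As in the other file, the `<li>` lists need a `<ul>` parent rather than `<p>`.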
@@ -24,13 +53,3 @@ Please see the release notes for more info:
 <li><a href="http://samba.org/samba/history/samba-3.5.14.html";>release notes 
Samba 3.5.14</a>,</li>
 <li><a href="http://samba.org/samba/history/samba-3.4.16.html";>release notes 
Samba 3.4.16</a>.</li>
 </p>
-
-       <h5><a name="SMB2.2 Interop Event">20 March 2012</a></h5>
-       <p class="headline">Report: Microsoft SMB2.2 Interop Event</p>
-       <p>A few Samba Team members recently accepted an invitation by Microsoft
-       and attended an SMB2.2 interop testing opportunity.
-       <a href="http://www.samba.org/~obnox/";>Michael Adam</a> has
-       written a report about this successful event.</p>
-
-       <p>If you are interested in this event and Samba's progress in the SMB2 
area,
-       please read <a 
href="/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html">Michael's
 full report</a>.</p>
diff --git a/history/header_history.html b/history/header_history.html
index f5e9bcc..0711d83 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -9,11 +9,13 @@
                <li><a href="/samba/history/">Release Notes</a>
                <li class="navSub">
                        <ul>
+                       <li><a href="samba-3.6.5.html">samba-3.6.5</a></li>
                        <li><a href="samba-3.6.4.html">samba-3.6.4</a></li>
                        <li><a href="samba-3.6.3.html">samba-3.6.3</a></li>
                        <li><a href="samba-3.6.2.html">samba-3.6.2</a></li>
                        <li><a href="samba-3.6.1.html">samba-3.6.1</a></li>
                        <li><a href="samba-3.6.0.html">samba-3.6.0</a></li>
+                       <li><a href="samba-3.5.15.html">samba-3.5.15</a></li>
                        <li><a href="samba-3.5.14.html">samba-3.5.14</a></li>
                        <li><a href="samba-3.5.13.html">samba-3.5.13</a></li>
                        <li><a href="samba-3.5.12.html">samba-3.5.12</a></li>
@@ -29,6 +31,7 @@
                        <li><a href="samba-3.5.2.html">samba-3.5.2</a></li>
                        <li><a href="samba-3.5.1.html">samba-3.5.1</a></li>
                        <li><a href="samba-3.5.0.html">samba-3.5.0</a></li>
+                       <li><a href="samba-3.4.17.html">samba-3.4.17</a></li>
                        <li><a href="samba-3.4.16.html">samba-3.4.16</a></li>
                        <li><a href="samba-3.4.15.html">samba-3.4.15</a></li>
                        <li><a href="samba-3.4.14.html">samba-3.4.14</a></li>
diff --git a/history/samba-3.4.17.html b/history/samba-3.4.17.html
new file mode 100755
index 0000000..2d30221
--- /dev/null
+++ b/history/samba-3.4.17.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+   <H2>Samba 3.4.17 Available for Download</H2>
+
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 3.4.17
+                          April 30, 2012
+                   ==============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o  CVE-2012-2111:
+   Samba 3.4.x to 3.6.4 are affected by a
+   vulnerability that allows arbitrary users
+   to modify privileges on a file server.
+
+
+Changes since 3.4.16
+--------------------
+
+
+o   Jeremy Allison &lt;[email protected]&gt;
+    * Fix  incorrect permission checks when granting/removing
+      privileges (CVE-2012-2111).
+
+</pre>
+</p>
+
+</body>
+</html>
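Review bot: `<pre>` is a block element and may not be nested inside `<p>` in XHTML 1.0 Transitional, so the `<p>`/`</p>` wrapper around the release notes should be dropped. Two smaller points: the "Changes since 3.4.16" heading lacks the trailing colon that the 3.5.15 and 3.6.5 notes in this same commit use, and "Fix  incorrect" has a doubled space.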
diff --git a/history/samba-3.5.15.html b/history/samba-3.5.15.html
new file mode 100755
index 0000000..a66395c
--- /dev/null
+++ b/history/samba-3.5.15.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+   <H2>Samba 3.5.15 Available for Download</H2>
+
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 3.5.15
+                          April 30, 2012
+                   ==============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o  CVE-2012-2111:
+   Samba 3.4.x to 3.6.4 are affected by a
+   vulnerability that allows arbitrary users
+   to modify privileges on a file server.
+
+
+Changes since 3.5.14:
+---------------------
+
+
+o   Jeremy Allison &lt;[email protected]&gt;
+    * Fix  incorrect permission checks when granting/removing
+      privileges (CVE-2012-2111).
+</pre>
+
+</body>
+</html>
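Review bot: the `<p>` opened just before `<pre>` is never closed in this file (the 3.4.17 notes in this commit do close it); since `<pre>` cannot sit inside `<p>` anyway, remove the `<p>` rather than adding a `</p>`. "Fix  incorrect" has a doubled space.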
diff --git a/history/samba-3.6.5.html b/history/samba-3.6.5.html
new file mode 100755
index 0000000..1745511
--- /dev/null
+++ b/history/samba-3.6.5.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+   <H2>Samba 3.6.5 Available for Download</H2>
+
+<p>
+<pre>
+                   =============================
+                   Release Notes for Samba 3.6.5
+                          April 30, 2012
+                   =============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o  CVE-2012-2111:
+   Samba 3.4.x to 3.6.4 are affected by a
+   vulnerability that allows arbitrary users
+   to modify privileges on a file server.
+
+
+Changes since 3.6.4:
+--------------------
+
+
+o   Jeremy Allison &lt;[email protected]&gt;
+    * Fix  incorrect permission checks when granting/removing
+      privileges (CVE-2012-2111).
+</pre>
+
+</body>
+</html>
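Review bot: same markup problem as the 3.5.15 notes: the `<p>` before `<pre>` is never closed and should simply be removed, and "Fix  incorrect" has a doubled space.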
diff --git a/history/security.html b/history/security.html
index cf2efcb..231a49a 100755
--- a/history/security.html
+++ b/history/security.html
@@ -22,6 +22,21 @@ link to full release notes for each release.</p>
       </tr>
 
     <tr>
+       <td>30 Apr 2012</td>
+       <td><a 
href="/samba/ftp/patches/security/samba-3.4.16-CVE-2012-2111.patch">
+       patch for Samba 3.4.16</a>
+       <a href="/samba/ftp/patches/security/samba-3.5.14-CVE-2012-2111.patch">
+       patch for Samba 3.5.14</a>
+       <a href="/samba/ftp/patches/security/samba-3.6.4-CVE-2012-2111.patch">
+       patch for Samba 3.6.4</a>
+       <td>Incorrect permission checks when granting/removing privileges can
+       compromise file server security.</td>
+       <td>3.4.x-3.6.4</td>
+       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111";>CVE-2012-2111</a></td>
+       <td><a href="/samba/security/CVE-2012-2111">Announcement</a></td>
+    </tr>
+
+    <tr>
        <td>10 Apr 2012</td>
        <td><a 
href="/samba/ftp/patches/security/samba-3.0.37-CVE-2012-1182.patch">
        patch for Samba 3.0.37</a>
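Review bot: the first `<td>` of the new row, holding the three patch links, is never closed; the next `<td>Incorrect permission checks...` opens while it is still open, so add `</td>` after `patch for Samba 3.6.4</a>`. The Announcement link points at `/samba/security/CVE-2012-2111` without the `.html` extension that the new file created in this commit (`security/CVE-2012-2111.html`) carries; confirm the web server maps the extensionless path, or link to the `.html` file explicitly.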
diff --git a/latest_stable_release.html b/latest_stable_release.html
index 4fe9ed1..806642e 100644
--- a/latest_stable_release.html
+++ b/latest_stable_release.html
@@ -1,5 +1,5 @@
 <p>
-       <a href="/samba/ftp/stable/samba-3.6.4.tar.gz">Samba 3.6.4 
(gzipped)</a><br>
-       <a href="/samba/history/samba-3.6.4.html">Release Notes</a> &middot;
-       <a href="/samba/ftp/stable/samba-3.6.4.tar.asc">Signature</a>
+       <a href="/samba/ftp/stable/samba-3.6.5.tar.gz">Samba 3.6.5 
(gzipped)</a><br>
+       <a href="/samba/history/samba-3.6.5.html">Release Notes</a> &middot;
+       <a href="/samba/ftp/stable/samba-3.6.5.tar.asc">Signature</a>
 </p>
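Review bot: the Signature link is `samba-3.6.5.tar.asc` while the download is `samba-3.6.5.tar.gz`, and the news text in this commit says it is the uncompressed tarball that is signed; a reader who runs `gpg --verify` against the `.gz` will get a failure. Suggest a short line next to the link saying to `gunzip` first and then verify `samba-3.6.5.tar` against the `.asc` with key 6568B7EA.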
diff --git a/security/CVE-2012-2111.html b/security/CVE-2012-2111.html
new file mode 100644
index 0000000..39516d0
--- /dev/null
+++ b/security/CVE-2012-2111.html
@@ -0,0 +1,93 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+   <H2>CVE-2012-2111:</H2>
+
+<p>
+<pre>
+===========================================================
+== Subject:     Incorrect permission checks when granting/removing
+==             privileges can compromise file server security.
+==
+== CVE ID#:     CVE-2012-2111
+==
+== Versions:    Samba 3.4.x - 3.6.4 (inclusive)
+==
+== Summary:     Samba 3.4.x to 3.6.4 are affected by a
+==              vulnerability that allows arbitrary users
+==             to modify privileges on a file server.
+==
+===========================================================
+
+===========
+Description
+===========
+
+Samba versions 3.4.x to 3.6.4 inclusive are affected by a
+vulnerability that allows arbitrary users to modify privileges on a
+file server.
+
+Security checks were incorrectly applied to the Local Security
+Authority (LSA) remote proceedure calls (RPC) CreateAccount,
+OpenAccount, AddAccountRights and RemoveAccountRights allowing any
+authenticated user to modify the privileges database.
+
+This is a serious error, as it means that authenticated users can
+connect to the LSA and grant themselves the "take ownership"
+privilege. This privilege is used by the smbd file server to grant the
+ability to change ownership of a file or directory which means users
+could take ownership of files or directories they do not own.
+
+==================
+Patch Availability
+==================
+
+Patches addressing this issue have been posted to:
+
+    http://www.samba.org/samba/security/
+
+Additionally, Samba 3.6.5, Samba 3.5.15 and 3.4.17 have been issued as
+security releases to correct the defect. Patches against older Samba
+versions are available at:
+
+    http://samba.org/samba/patches/
+
+Samba administrators running affected versions are advised to upgrade
+to 3.6.5, 3.5.15, or 3.4.17 or apply these patches as soon as
+possible.
+
+==========
+Workaround
+==========
+
+Immediately set the "enable privileges = no" parameter in the [global]
+section of the smb.conf. This will prevent any further use of granted
+privileges on the file server and protect from compromise.
+
+To remove any incorrectly granted privileges, remove the file:
+
+account_policy.tdb
+
+from your system, and once the patch is applied re-grant specified
+user privileges using the "net rpc rights" command.
+
+=======
+Credits
+=======
+
+This vulnerability was reported by Ivano Cristofolini. Many thanks to
+him for reporting this promptly.
+
+Patches were created by Jeremy Allison of the Samba Team, and reviewed
+by Guenther Deschner of the Samba Team, the SUSE Security Team, and
+Tyler Hicks of Canonical.
+</pre>
+</body>
+</html>
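Review bot: "remote proceedure calls" in the Description section should read "remote procedure calls". In the Workaround section, the advice to delete account_policy.tdb would be safer if it first told administrators to record the current grants (for example `net rpc rights list accounts`), both so they know what to re-grant after patching and so they can see whether any account already holds a privilege such as "take ownership" that it should not have, which is the indicator of exploitation this advisory otherwise leaves unmentioned; a copy of the file should be kept before removal. It would also help to state plainly that "enable privileges = no" disables legitimately granted privileges as well, which the text only implies with "any further use of granted privileges". Markup: the `<p>` opened before `<pre>` is never closed; drop it.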


-- 
Samba Website Repository
