The branch, v4-0-test has been updated via 1f70ad9 VERSION: Bump version number up to 4.0.19... via 98b4a34 VERSION: Disable git snapshots for the 4.0.18 release. via 8a0fcbc WHATSNEW: Add release notes for Samba 4.0.18. from 97a3274 bug #10609: CVE-2014-0239 Don't reply to replies
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log ----------------------------------------------------------------- commit 1f70ad9d3ec2a4c3da4651b74834d5b807410ad4 Author: Karolin Seeger <ksee...@samba.org> Date: Tue May 27 19:18:37 2014 +0200 VERSION: Bump version number up to 4.0.19... and re-enable git snapshots. Signed-off-by: Karolin Seeger <ksee...@samba.org> commit 98b4a3491bedad8ea96faa057459fb1dcabfab9c Author: Karolin Seeger <ksee...@samba.org> Date: Tue May 27 14:03:28 2014 +0200 VERSION: Disable git snapshots for the 4.0.18 release. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10549 CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 CVE-2014-0239: DOS in DNS server packet handling Signed-off-by: Karolin Seeger <ksee...@samba.org> commit 8a0fcbcbc6e183bfb4ca95f02d15ea7b33107e27 Author: Karolin Seeger <ksee...@samba.org> Date: Tue May 27 14:02:02 2014 +0200 WHATSNEW: Add release notes for Samba 4.0.18. CVE-2014-0239 Don't reply to replies CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response Signed-off-by: Karolin Seeger <ksee...@samba.org> ----------------------------------------------------------------------- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 99 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 6e860f0..d89736a 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=18 +SAMBA_VERSION_RELEASE=19 ######################################################## # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 8ae476c..0320288 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,100 @@ ============================== + Release Notes for Samba 4.0.18 + May 27, 2014 + ============================== + + +This is the latest stable release of Samba 4.0. + +Please note that this bug fix release also addresses two minor security issues +without being a dedicated security release: + + o CVE-2014-0239: dns: Don't reply to replies (bug #10609). + o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response + (bug #10549). + +For more details including security advisories and patches, please see + + http://www.samba.org/samba/history/security.html + + + Changes since 4.0.17: +--------------------- + +o Michael Adam <ob...@samba.org> + * BUG 10548: build: Fix ordering problems with lib-provided and internal + RPATHs. + + +o Jeremy Allison <j...@samba.org> + * BUG 10577: SMB1 wildcard unlink fail can leave a retry record on the open + retry queue. + * BUG 10564: Fix lock order violation and file lost. + + +o Björn Baumbach <b...@sernet.de> + * BUG 10239: s3-nmbd: Reset debug settings after reading config file. + * BUG 10544: s3-lib/util: set_namearray reads across end of namelist + string. + * BUG 10556: lib-util: Rename memdup to smb_memdup and fix all callers. + + +o Kai Blin <k...@samba.org> + * BUG 10609: CVE-2014-0239: dns: Don't reply to replies. + + +o David Disseldorp <dd...@samba.org> + * BUG 10590: byteorder: Do not assume PowerPC is big-endian. + + +o Stefan Metzmacher <me...@samba.org> + * BUG 10472: script/autobuild: Make use of + '--with-perl-{arch,lib}-install-dir'. + + +o Noel Power <nopo...@suse.com> + * BUG 10554: Fix read of deleted memory in reply_writeclose()'. + + +o Jose A. Rivera <jar...@redhat.com> + * BUG 10151: Extra ':' in msg for Waf Cross Compile Build System with + Cross-answers command. + * BUG 10348: Fix empty body in if-statement in continue_domain_open_lookup. + + +o Christof Schmitt <christof.schm...@us.ibm.com> + * BUG 10549: CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS + response. + + +o Andreas Schneider <a...@samba.org> + * BUG 10472: wafsamba: Fix the installation on FreeBSD. + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.0 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================== Release Notes for Samba 4.0.17 April 15, 2014 ============================== @@ -109,8 +205,8 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- + ============================== Release Notes for Samba 4.0.16 -- Samba Shared Repository