The annotated tag, samba-4.6.15 has been created
        at  ea132b05d3b6a2543922c8c8395646e3174a78fa (tag)
   tagging  c4d44b9a78f65a27803ee7005a077292b45690f7 (commit)
  replaces  samba-4.6.14
 tagged by  Karolin Seeger
        on  Fri Apr 13 09:46:43 2018 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.6.15
-----BEGIN PGP SIGNATURE-----

iEYEABECAAYFAlrQYGQACgkQbzORW2Vot+qI4gCghayfrXCSXvxapnCBVATwjnpE
y+QAoIycikSkkpvqAPLgrAGd/iTMqsHm
=A2qV
-----END PGP SIGNATURE-----

Andreas Schneider (1):
      s3:smbd: Do not crash if we fail to init the session table

Anton Nefedov via samba-technical (1):
      s3:smbd: map nterror on smb2_flush errorpath

Dan Robertson (1):
      libsmb: Use smb2 tcon if conn_protocol >= SMB2_02

Garming Sam (2):
      subnet: Avoid a segfault when renaming subnet objects
      tests/bind.py: Add a bind test with NTLMSSP with no domain

G√ľnther Deschner (1):
      build: fix libceph-common detection

Jeremy Allison (4):
      CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer 
derefs.
      s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we 
don't own it here.
      s3: smbd: Fix possible directory fd leak if the underlying OS doesn't 
support fdopendir()
      s3: smbd: Unix extensions attempts to change wrong field in fchown call.

Karolin Seeger (16):
      VERSION: Bump version up to 4.6.14...
      Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for 
S4U2Proxy tickets"
      Revert "TODO s4:kdc: indicate support for new encryption types by adding 
empty keys"
      Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers"
      Revert "s4:kdc: use the strongest possible tgs session key"
      Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function"
      Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type 
based on the server key"
      Revert "s4:kdc: fix the principal names in 
samba_kdc_update_delegation_info_blob"
      Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for 
S4U2Proxy we need to use the additional tickets key"
      Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in 
tgs_build_reply()"
      Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData"
      WHATSNEW: Add release notes for Samba 4.6.14.
      VERSION: Disable GIT_SNAPSHOT for the 4.6.14 release.
      VERSION: Bump version up to 4.6.15...
      WHATSNEW: Add release notes for Samba 4.6.15.
      VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release.

Poornima G (1):
      vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async

Ralph Boehme (13):
      CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty 
delete
      CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for 
LDB_FLAG_MOD_TYPE
      CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for 
passwordAttr->num_values
      CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the 
acl in acl_check_password_rights()
      CVE-2018-1057: s4:dsdb/acl: remove unused else branches in 
acl_check_password_rights()
      CVE-2018-1057: s4:dsdb/acl: check for internal controls before other 
checks
      CVE-2018-1057: s4:dsdb/acl: add check for 
DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
      CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in 
acl_check_password_rights()
      CVE-2018-1057: s4/dsdb: correctly detect password resets
      CVE-2018-1057: s4:dsdb/acl: run password checking only once
      CVE-2018-1057: s4:dsdb/samdb: define 
DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
      CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID
      CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a 
control

Stefan Metzmacher (17):
      HEIMDAL:kdc: fix memory leak when decryption AuthorizationData
      HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()
      HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we 
need to use the additional tickets key
      s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob
      HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the 
server key
      HEIMDAL:hdb: export a hdb_enctype_supported() helper function
      s4:kdc: use the strongest possible tgs session key
      TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers
      TODO s4:kdc: indicate support for new encryption types by adding empty 
keys
      HEIMDAL:kdc: use the correct authtime from addtitional ticket for 
S4U2Proxy tickets
      s4:torture: add smb2.session.expire2 test
      s3:smbd: return the correct error for cancelled SMB2 notifies on expired 
sessions
      s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired 
sessions
      Merge tag 'samba-4.6.14' into v4-6-test
      s3:libsmb: allow -U"\\administrator" to work
      s3:cliconnect.c: remove useless ';'
      s3:smb2_server: correctly maintain request counters for compound requests

Volker Lendecke (8):
      samba: Only use async signal-safe functions in signal handler
      smbd: Fix a typo
      torture4: Fix typos
      smbd: Remove a "!" from an if-condition for easier readability
      smbd: Fix channel sequence number checks for long-running requests
      smbXcli: Add "force_channel_sequence"
      torture: Add test for channel sequence number handling
      torture: Test compound request request counters

-----------------------------------------------------------------------


-- 
Samba Shared Repository

Reply via email to