The annotated tag, samba-4.10.18 has been created at 92a34f2ca7318b4323e5dc36fd102417e911ec5a (tag) tagging aa658ca962cfe9057741495ce9eda5d6b6965882 (commit) replaces samba-4.10.17 tagged by Karolin Seeger on Fri Sep 18 13:36:43 2020 +0200
- Log ----------------------------------------------------------------- samba: tag release samba-4.10.18 -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCX2SbywAKCRBvM5FbZWi3 6kHnAJ9bUdyDgkGISzNxR9wCacTjERzyYgCgtOoGW/iKrFRZMsehqz24zKspGys= =HVCP -----END PGP SIGNATURE----- Bjoern Jacke (1): util: fix build on AIX by fixing the order of replace.h include Gary Lockyer (2): CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge Günther Deschner (3): CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check() CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no" CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations Jeremy Allison (1): CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords Karolin Seeger (5): VERSION: Bump version up to 4.10.17... Merge tag 'samba-4.10.17' into v4-10-test VERSION: Bump version up to 4.10.18. WHATSNEW: Add release notes for Samba 4.10.18. VERSION: Disable GIT_SNAPSHOT for the 4.10.18 release. Martin Schwenke (3): util: Simplify input validation util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD util: Reallocate larger buffer if getpwuid_r() returns ERANGE Stefan Metzmacher (12): CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge() CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge() CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge() CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge() CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init() CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check() CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no" CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT' ----------------------------------------------------------------------- -- Samba Shared Repository