The annotated tag, samba-4.18.5 has been created
at 5538c5816b816cfcb7d05f5ba432fc4fee3cd82f (tag)
tagging 50a9b496556c08a451d8f18707fa709de69942ec (commit)
replaces samba-4.18.4
tagged by Jule Anger
on Mon Jul 17 22:14:43 2023 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.18.5
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmS1oTMACgkQqplEL7aA
tiCl4w/9EzaCEWkOWQUwFu4g/lYbjQWXB/ivMGfvywzuBaNk0MyZ2Lgs+OivOxIJ
kl3JTGx0iqaQaVsa/oN2bWclICGlBbXc7oL36nQyoAozRYxVlRC6ES5lKjkWyeBW
zhTUC+Hax0r6S0cZISE3Ys1EHI0Jja+LYgoA4iVau0a84KZEJB/TufH8l8dfYfBQ
NPtHRfr1J11AC4qKOWXEwV5i32MZNBIczOVnkvdm/mU3MlLe1NURaW6kdKXxv1EY
AuOqQw5pvBefP9vAG2PIHGFPjdA6wt0UN+/ye+sxja9X0IRvH/CoFyiIQH6c7hwz
btsz+hxRCGM5aoPXFAG/z6UND7Dh6giJSD0OqcGWWcW6pjgX8KGjZSvQNwtcrQeW
oJSqai0Vj8PeZ7SAgLOiR9KHqbV54qMP6MI1ynw6tXXgRBtjbs6Z2vwwjCUXZrD0
dw8wTjM8VUxY764wTpGDQ2p7MZLgUAEldS/A6eaRicVOZyS7IsiFyNftSptjNcJB
beXU5FX7WjDIUblxUP0LJ2+idcyFFbXtBNdtNkE5N1xd+LXiZxV10lxJMQFD7LPL
dl95tPOLkj3MVsKmvoJidy9XViTWC6b5lSG1Mk9IFucQ62J2+VKEWFi5CG2CjYuI
kSZhcDlVYEeilYwfjAACfFQO75QEqqvUZSOCD1aIrDKXqSYWAXY=
=8NNb
-----END PGP SIGNATURE-----
Jule Anger (3):
VERSION: Bump version up to Samba 4.18.5...
WHATSNEW: Add release notes for Samba 4.18.5.
VERSION: Disable GIT_SNAPSHOT for the 4.18.5 release.
Ralph Boehme (21):
CVE-2022-2127: ntlm_auth: cap lanman response length value
CVE-2023-34966: CI: test for sl_unpack_loop()
CVE-2023-34966: mdssvc: harden sl_unpack_loop()
CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key()
CVE-2023-34967: mdssvc: add type checking to dalloc_value_for_key()
CVE-2023-34968: mdssvc: cache and reuse stat info in struct
sl_inode_path_map
CVE-2023-34968: mdssvc: add missing "kMDSStoreMetaScopes" dict key in
slrpc_fetch_properties()
CVE-2023-34968: mdscli: use correct TALLOC memory context when allocating
spotlight_blob
CVE-2023-34968: mdscli: remove response blob allocation
CVE-2023-34968: smbtorture: remove response blob allocation in mdssvc.c
CVE-2023-34968: rpcclient: remove response blob allocation
CVE-2023-34968: mdssvc: remove response blob allocation
CVE-2023-34968: mdssvc: switch to doing an early return
CVE-2023-34968: mdssvc: introduce an allocating wrapper to sl_pack()
CVE-2023-34968: mdscli: return share relative paths
CVE-2023-34968: mdssvc: return a fake share path
CVE-2023-3347: CI: add a test for server-side mandatory signing
CVE-2023-3347: smbd: pass lp_ctx to smb[1|2]_srv_init_signing()
CVE-2023-3347: smbd: inline smb2_srv_init_signing() code in
srv_init_signing()
CVE-2023-3347: smbd: remove comment in smbd_smb2_request_process_negprot()
CVE-2023-3347: smbd: fix "server signing = mandatory"
Stefan Metzmacher (4):
netlogon.idl: add support for netr_LogonGetCapabilities response level 2
s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities
with different levels
s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid
netr_LogonGetCapabilities levels
s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid
netr_LogonGetCapabilities levels
Volker Lendecke (1):
CVE-2022-2127: winbindd: Fix WINBINDD_PAM_AUTH_CRAP length checks
-----------------------------------------------------------------------
--
Samba Shared Repository
