[SCM] Samba Shared Repository - annotated tag samba-4.15.5 created

Jule Anger Mon, 31 Jan 2022 04:41:14 -0800

The annotated tag, samba-4.15.5 has been created
        at  c0f104a593470b7a5c2d500d875f4b67e56ce4e7 (tag)
   tagging  27bd8a323591486e76e916a6084c7300bf358eec (commit)
  replaces  samba-4.15.4
 tagged by  Jule Anger
        on  Mon Jan 31 12:32:43 2022 +0100


- Log -----------------------------------------------------------------
samba: tag release samba-4.15.5
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmH3yNsACgkQqplEL7aA
tiCCbg//aywVeKwLy+WE7gdTauWZtJiJaI9z75oDdbEKd5ySKrrlxIrXohfoTkTA
PT+xHQJES7gofOKyFWc2VE+nwq6fRvX4gmKegdeAjPECY+nuoo8nYs3FspqVoLRx
Bz3ODGg7Im75A6DJ3JjkpulcBcFqldV5JC1IkGwuSD3F3VMAlfQiyhCNs85Y/MHJ
nMGL9g3Jw2QvLXbGVIe/ADYhVDA/mgmPx42pji804J5cTOChJnnSI4tjVThnhRAS
dr+ppKVFClQX9YMddyo3hN161lcmPnM45Jw/ERTSluKfwXdcoQow/AKYC+4ISeIy
iK9JXoRbGPqyu4QyegMDhGw8Rxk31/nPPO3hXQW9vjjeEs586spNtudITqEZwD6o
L4Lb98fXY08BNNuecUymiJ628xE9T8/eFs6I66QGKH1xgnJWMs4Qi/joYfLaLbSr
qdpR0J4yh94DnoxyEfUWOcGMkqzkBHODVhAgoiDv3jfMZZRgByqY3ArxsC7BF5Dj
/HSI7u/ZJs6F+GlytjySFPQ/ghW05AOyFbNsXibex1oU6YCzgs2DajDgVBLzLn7r
IMtCQKiuGcp4bM8w72aY3nx/vn9dKyJWz1Dav1o02Ztn2K53Ujv7zWyOscj+QOkv
oLsOwaUHDzZ6sT8InuqfEgPh6dYjtzmM+y9x4r/szcUeRXPKSiI=
=46ly
-----END PGP SIGNATURE-----

Jeremy Allison (92):
      CVE-2021-44141: s4: libcli: Add smbcli_unlink_wcard().
      CVE-2021-44141: s4: libcli: In smbcli_deltree() use smbcli_unlink_wcard() 
in place of smbcli_unlink().
      CVE-2021-44141: s4: torture: In raw.notify test use smbcli_unlink_wcard() 
in place of smbcli_unlink().
      CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to remove 
wildcards in base.chkpath test.
      CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to cleanup in 
base.mangle test.
      CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() in base.casetable 
test.
      CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to setup and 
cleanup in masktest.
      CVE-2021-44141: s4: libcli: smbcli_unlink() is no longer used with 
wildcard patterns.
      CVE-2021-44141: s3: torture: Add torture_deltree() for setup and teardown.
      CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_unlink_test() use 
torture_deltree() for setup and cleanup.
      CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_rename_test() use 
torture_deltree() for setup and cleanup.
      CVE-2021-44141: s3: torture: In torture_utable(), use torture_deltree() 
for setup.
      CVE-2021-44141: s3: torture: In torture_casetable(), use 
torture_deltree() for setup and cleanup.
      CVE-2021-44141: s3: torture: In torture_chkpath_test(), use 
torture_deltree() for setup and cleanup.
      CVE-2021-44141: s3: torture: In run_streamerror(), use torture_deltree() 
for setup.
      CVE-2021-44141: s3: torture: In test_mask(), use torture_deltree() for 
setup.
      CVE-2021-44141: s3: torture: In torture_mangle(), use torture_deltree() 
for setup and cleanup.
      CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_unlink_test() use a 
valid pathname for rename target.
      CVE-2021-44141: s4: torture: Remove the wildcard unlink test code.
      CVE-2021-44141: s4: torture: Remove the wildcard rename test code.
      CVE-2021-44141: s3: torture: Remove the wildcard unlink test code.
      CVE-2021-44141: s3: smbd: Remove support for SMBcopy SMB_COM_COPY (0x29)
      CVE-2021-44141: s3: smbd: In reply_unlink() remove the possibility of 
receiving a wildcard name.
      CVE-2021-44141: s3: smbd: Change unlink_internals() to ignore has_wild 
parameter.
      CVE-2021-44141: s3: smbd: Remove 'bool has_wild' parameter from 
unlink_internals().
      CVE-2021-44141: s3: smbd: Remove UCF_ALWAYS_ALLOW_WCARD_LCOMP flag from 
pathname processing in reply_mv().
      CVE-2021-44141: s3: smbd: In smb_file_rename_information() 
(SMB_FILE_RENAME_INFORMATION info level) prevent destination wildcards.
      CVE-2021-44141: s3: smbd: In SMBntrename (0xa5) prevent wildcards in 
destination name.
      CVE-2021-44141: s3: smbd: In reply_ntrename() remove the 
UCF_ALWAYS_ALLOW_WCARD_LCOMP flag for destination lookups.
      CVE-2021-44141: s3: smbd: In reply_ntrename(), never set dest_has_wcard.
      CVE-2021-44141: s3: smbd: In reply_ntrename() remove 'bool 
dest_has_wcard' and all uses.
      CVE-2021-44141: s3: smbd: Prepare to remove wildcard matching from 
rename_internals().
      CVE-2021-44141: s3: smbd: Remove dest_has_wild and all associated code 
from rename_internals()
      CVE-2021-44141: s3: smbd: Remove all wildcard code from 
rename_internals().
      CVE-2021-44141: s3: smbd: Remove the commented out resolve_wildcards().
      CVE-2021-44141: s3: smbd: Inside rename_internals() remove '{ ... }' 
block around singleton rename code.
      CVE-2021-44141: s3: smbd: Remove 'const char *src_original_lcomp' 
parameter from rename_internals().
      CVE-2021-44141: s3: smbd: Remove 'const char *src_original_lcomp' from 
reply_mv().
      CVE-2021-44141: s3: smbd: Move setting of dirtype if 
FILE_ATTRIBUTE_NORMAL to do_unlink().
      CVE-2021-44141: s3: smbd: Move to modern debug calls inside do_unlink().
      CVE-2021-44141: s3: smbd: Comment out the old unlink_internals(). Rename 
do_unlink() -> unlink_internals().
      CVE-2021-44141: s3: smbd: Remove the old unlink_internals() 
implementation.
      CVE-2021-44141: s3: smbd: Handling SMB_FILE_RENAME_INFORMATION, the 
destination name is a single component.
      CVE-2021-44141: s3: smbd: In rename_internals_fsp(), remove unneeded call 
to check_name().
      CVE-2021-44141: s3: smbd: check_name() is now static to filename.c
      CVE-2021-44141: s3: smbd: In rename_internals(), remove the name spliting 
and re-combining code.
      CVE-2021-44141: s3: smbd: Remove split_fname_dir_mask().
      CVE-2021-44141: s3: smbd: In call_trans2findfirst() we don't need 
filename_convert_with_privilege() anymore.
      CVE-2021-44141: s3: smbd: Remove filename_convert_with_privilege(). No 
longer used.
      CVE-2021-44141: s3: smbd: In filename_convert_internal(), remove call to 
check_name_with_privilege().
      CVE-2021-44141: s3: smbd: Remove unused check_name_with_privilege().
      CVE-2021-44141: s3: smbd: Remove now unused 
check_reduced_name_with_privilege().
      CVE-2021-44141: s3: smbd: filename_convert() is now a one-to-one wrapper 
around filename_convert_internal().
      CVE-2021-44141: s3: smbd: In dfs_path_lookup(). If we have a DFS path 
including a @GMT-token, don't throw away the twrp value when parsing the path.
      CVE-2021-44141: s3: smbd: Allow dfs_redirect() to return a TWRP token it 
got from a parsed pathname.
      CVE-2021-44141: s3: smbd: Add filename_convert_smb1_search_path() - deals 
with SMB1 search pathnames.
      CVE-2021-44141: s3: smbd: Convert reply_search() to use 
filename_convert_smb1_search_path().
      CVE-2021-44141: s3: smbd: Fix call_trans2findfirst() to use 
filename_convert_smb1_search_path().
      CVE-2021-44141: s3: smbd: dfs_path_lookup() no longer deals with 
wildcards.
      CVE-2021-44141: s3: smbd: Remove 'bool search_wcard_flag' from 
parse_dfs_path().
      CVE-2021-44141: s3: smbd: parse_dfs_path() can ignore wildcards.
      CVE-2021-44141: s3: smbd: filename_convert() no longer deals with 
wildcards.
      CVE-2021-44141: s3: smbd: Inside 'struct uc_state', remove 
allow_wcard_last_component.
      CVE-2021-44141: s3: smbd: We no longer need determine_path_error().
      CVE-2021-44141: s3: smbd: UCF_ALWAYS_ALLOW_WCARD_LCOMP 0x00000002 is no 
longer used.
      CVE-2021-44141: s3: smbd: Inside unix_convert(), never set 
state->name_is_wildcard.
      CVE-2021-44141: s3: smbd: In unix_convert(), remove all references to 
state->name_has_wildcard.
      CVE-2021-44141: s3: smbd: In unix_convert() remove the now unneeded block 
indentation.
      CVE-2021-44141: s3: smbd: In unix_convert_step() remove all use of 
'state->name_was_wildcard'
      CVE-2021-44141: s3: smbd: In unix_convert_step_stat() remove use of 
state->name_was_wildcard.
      CVE-2021-44141: s3: smbd: Remove 'struct uc_state' name_has_wildcard 
element.
      CVE-2021-44141: s4: torture: Fix raw.search:test_one_file() to use 
torture_result() instead of printf.
      CVE-2021-44141: s4: torture: In raw.search:test_one_file() remove the 
leading '\\' in the test filenames.
      CVE-2021-44141: s3: smbd: Tighten up info level checks for SMB1+POSIX to 
make sure POSIX was negotiated first.
      CVE-2021-44141: s3: smbclient: Give a message if we try and use any POSIX 
command without negotiating POSIX first.
      CVE-2021-44141: s4: torture: In raw.search:test_one_file() add a second 
connection.
      CVE-2021-44141: s4: torture: raw.search: Add setup_smb1_posix(). Call it 
on the second connection in test_one_file().
      CVE-2021-44141: s4: torture: Fix raw.search:test_one_file() by using the 
SMB1+POSIX connection for POSIX info levels.
      CVE-2021-44141: s4: torture: Fix unix.info2 test to actually negotiate 
SMB1+POSIX before using POSIX calls.
      CVE-2021-44141: s3: tests: Fix the samba3.blackbox.inherit_owner test to 
actually negotiate SMB1+POSIX before using POSIX calls.
      CVE-2021-44141: s3: tests: Fix the samba3.blackbox.acl_xattr test to 
actually negotiate SMB1+POSIX before using POSIX calls.
      CVE-2021-44141: s3: smbtorture3: Fix POSIX-BLOCKING-LOCK to actually 
negotiate SMB1+POSIX before using POSIX calls.
      CVE-2021-44141: s3: torture: Add 
samba3.blackbox.test_symlink_traversal.SMB2.
      CVE-2021-44141: s3: torture: Add 
samba3.blackbox.test_symlink_traversal.SMB1.
      CVE-2021-44141: s3: torture: Add 
samba3.blackbox.test_symlink_traversal.SMB1.posix
      CVE-2021-44141: s3: torture: In test_smbclient_s3, change the error codes 
expected for test_widelinks() and test_nosymlinks() from ACCESS_DENIED to 
NT_STATUS_OBJECT_NAME_NOT_FOUND.
      CVE-2021-44141: s3: torture: Change expected error return for 
samba3.smbtorture_s3.plain.POSIX.smbtorture.
      CVE-2021-44141: s3: smbd: For SMB1+POSIX clients trying to open a 
symlink, always return NT_STATUS_OBJECT_NAME_NOT_FOUND.
      CVE-2021-44141: s3: smbd: Inside check_reduced_name() ensure we return 
the correct error codes when failing symlinks.
      CVE-2021-44141: s3: smbd: Fix a subtle bug in the error returns from 
filename_convert().
      CVE-2021-44141: s3: torture: Add a test 
samba3.blackbox.test_symlink_rename.SMB1.posix that shows we still leak target 
info across a SMB1+POSIX rename.
      CVE-2021-44141: s3: smbd: Inside rename_internals_fsp(), we must use 
vfs_stat() for existence, not SMB_VFS_STAT().

Joseph Sutton (2):
      CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added SPN
      CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added 
to an object

Jule Anger (3):
      VERSION: Bump version up to Samba 4.15.5...
      WHATSNEW: Add release notes for Samba 4.15.5.
      VERSION: Disable GIT_SNAPSHOT for the 4.15.5 release.

Ralph Boehme (5):
      CVE-2021-44142: libadouble: add defines for icon lengths
      CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list of 
private Samba xattrs
      CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
      CVE-2021-44142: libadouble: add basic cmocka tests
      CVE-2021-44142: libadouble: harden parsing code

-----------------------------------------------------------------------


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - annotated tag samba-4.15.5 created

Reply via email to