The annotated tag, samba-4.15.5 has been created at c0f104a593470b7a5c2d500d875f4b67e56ce4e7 (tag) tagging 27bd8a323591486e76e916a6084c7300bf358eec (commit) replaces samba-4.15.4 tagged by Jule Anger on Mon Jan 31 12:32:43 2022 +0100
- Log ----------------------------------------------------------------- samba: tag release samba-4.15.5 -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmH3yNsACgkQqplEL7aA tiCCbg//aywVeKwLy+WE7gdTauWZtJiJaI9z75oDdbEKd5ySKrrlxIrXohfoTkTA PT+xHQJES7gofOKyFWc2VE+nwq6fRvX4gmKegdeAjPECY+nuoo8nYs3FspqVoLRx Bz3ODGg7Im75A6DJ3JjkpulcBcFqldV5JC1IkGwuSD3F3VMAlfQiyhCNs85Y/MHJ nMGL9g3Jw2QvLXbGVIe/ADYhVDA/mgmPx42pji804J5cTOChJnnSI4tjVThnhRAS dr+ppKVFClQX9YMddyo3hN161lcmPnM45Jw/ERTSluKfwXdcoQow/AKYC+4ISeIy iK9JXoRbGPqyu4QyegMDhGw8Rxk31/nPPO3hXQW9vjjeEs586spNtudITqEZwD6o L4Lb98fXY08BNNuecUymiJ628xE9T8/eFs6I66QGKH1xgnJWMs4Qi/joYfLaLbSr qdpR0J4yh94DnoxyEfUWOcGMkqzkBHODVhAgoiDv3jfMZZRgByqY3ArxsC7BF5Dj /HSI7u/ZJs6F+GlytjySFPQ/ghW05AOyFbNsXibex1oU6YCzgs2DajDgVBLzLn7r IMtCQKiuGcp4bM8w72aY3nx/vn9dKyJWz1Dav1o02Ztn2K53Ujv7zWyOscj+QOkv oLsOwaUHDzZ6sT8InuqfEgPh6dYjtzmM+y9x4r/szcUeRXPKSiI= =46ly -----END PGP SIGNATURE----- Jeremy Allison (92): CVE-2021-44141: s4: libcli: Add smbcli_unlink_wcard(). CVE-2021-44141: s4: libcli: In smbcli_deltree() use smbcli_unlink_wcard() in place of smbcli_unlink(). CVE-2021-44141: s4: torture: In raw.notify test use smbcli_unlink_wcard() in place of smbcli_unlink(). CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to remove wildcards in base.chkpath test. CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to cleanup in base.mangle test. CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() in base.casetable test. CVE-2021-44141: s4: torture: Use smbcli_unlink_wcard() to setup and cleanup in masktest. CVE-2021-44141: s4: libcli: smbcli_unlink() is no longer used with wildcard patterns. CVE-2021-44141: s3: torture: Add torture_deltree() for setup and teardown. CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_unlink_test() use torture_deltree() for setup and cleanup. CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_rename_test() use torture_deltree() for setup and cleanup. CVE-2021-44141: s3: torture: In torture_utable(), use torture_deltree() for setup. CVE-2021-44141: s3: torture: In torture_casetable(), use torture_deltree() for setup and cleanup. CVE-2021-44141: s3: torture: In torture_chkpath_test(), use torture_deltree() for setup and cleanup. CVE-2021-44141: s3: torture: In run_streamerror(), use torture_deltree() for setup. CVE-2021-44141: s3: torture: In test_mask(), use torture_deltree() for setup. CVE-2021-44141: s3: torture: In torture_mangle(), use torture_deltree() for setup and cleanup. CVE-2021-44141: s3: torture: In run_smb1_wild_mangle_unlink_test() use a valid pathname for rename target. CVE-2021-44141: s4: torture: Remove the wildcard unlink test code. CVE-2021-44141: s4: torture: Remove the wildcard rename test code. CVE-2021-44141: s3: torture: Remove the wildcard unlink test code. CVE-2021-44141: s3: smbd: Remove support for SMBcopy SMB_COM_COPY (0x29) CVE-2021-44141: s3: smbd: In reply_unlink() remove the possibility of receiving a wildcard name. CVE-2021-44141: s3: smbd: Change unlink_internals() to ignore has_wild parameter. CVE-2021-44141: s3: smbd: Remove 'bool has_wild' parameter from unlink_internals(). CVE-2021-44141: s3: smbd: Remove UCF_ALWAYS_ALLOW_WCARD_LCOMP flag from pathname processing in reply_mv(). CVE-2021-44141: s3: smbd: In smb_file_rename_information() (SMB_FILE_RENAME_INFORMATION info level) prevent destination wildcards. CVE-2021-44141: s3: smbd: In SMBntrename (0xa5) prevent wildcards in destination name. CVE-2021-44141: s3: smbd: In reply_ntrename() remove the UCF_ALWAYS_ALLOW_WCARD_LCOMP flag for destination lookups. CVE-2021-44141: s3: smbd: In reply_ntrename(), never set dest_has_wcard. CVE-2021-44141: s3: smbd: In reply_ntrename() remove 'bool dest_has_wcard' and all uses. CVE-2021-44141: s3: smbd: Prepare to remove wildcard matching from rename_internals(). CVE-2021-44141: s3: smbd: Remove dest_has_wild and all associated code from rename_internals() CVE-2021-44141: s3: smbd: Remove all wildcard code from rename_internals(). CVE-2021-44141: s3: smbd: Remove the commented out resolve_wildcards(). CVE-2021-44141: s3: smbd: Inside rename_internals() remove '{ ... }' block around singleton rename code. CVE-2021-44141: s3: smbd: Remove 'const char *src_original_lcomp' parameter from rename_internals(). CVE-2021-44141: s3: smbd: Remove 'const char *src_original_lcomp' from reply_mv(). CVE-2021-44141: s3: smbd: Move setting of dirtype if FILE_ATTRIBUTE_NORMAL to do_unlink(). CVE-2021-44141: s3: smbd: Move to modern debug calls inside do_unlink(). CVE-2021-44141: s3: smbd: Comment out the old unlink_internals(). Rename do_unlink() -> unlink_internals(). CVE-2021-44141: s3: smbd: Remove the old unlink_internals() implementation. CVE-2021-44141: s3: smbd: Handling SMB_FILE_RENAME_INFORMATION, the destination name is a single component. CVE-2021-44141: s3: smbd: In rename_internals_fsp(), remove unneeded call to check_name(). CVE-2021-44141: s3: smbd: check_name() is now static to filename.c CVE-2021-44141: s3: smbd: In rename_internals(), remove the name spliting and re-combining code. CVE-2021-44141: s3: smbd: Remove split_fname_dir_mask(). CVE-2021-44141: s3: smbd: In call_trans2findfirst() we don't need filename_convert_with_privilege() anymore. CVE-2021-44141: s3: smbd: Remove filename_convert_with_privilege(). No longer used. CVE-2021-44141: s3: smbd: In filename_convert_internal(), remove call to check_name_with_privilege(). CVE-2021-44141: s3: smbd: Remove unused check_name_with_privilege(). CVE-2021-44141: s3: smbd: Remove now unused check_reduced_name_with_privilege(). CVE-2021-44141: s3: smbd: filename_convert() is now a one-to-one wrapper around filename_convert_internal(). CVE-2021-44141: s3: smbd: In dfs_path_lookup(). If we have a DFS path including a @GMT-token, don't throw away the twrp value when parsing the path. CVE-2021-44141: s3: smbd: Allow dfs_redirect() to return a TWRP token it got from a parsed pathname. CVE-2021-44141: s3: smbd: Add filename_convert_smb1_search_path() - deals with SMB1 search pathnames. CVE-2021-44141: s3: smbd: Convert reply_search() to use filename_convert_smb1_search_path(). CVE-2021-44141: s3: smbd: Fix call_trans2findfirst() to use filename_convert_smb1_search_path(). CVE-2021-44141: s3: smbd: dfs_path_lookup() no longer deals with wildcards. CVE-2021-44141: s3: smbd: Remove 'bool search_wcard_flag' from parse_dfs_path(). CVE-2021-44141: s3: smbd: parse_dfs_path() can ignore wildcards. CVE-2021-44141: s3: smbd: filename_convert() no longer deals with wildcards. CVE-2021-44141: s3: smbd: Inside 'struct uc_state', remove allow_wcard_last_component. CVE-2021-44141: s3: smbd: We no longer need determine_path_error(). CVE-2021-44141: s3: smbd: UCF_ALWAYS_ALLOW_WCARD_LCOMP 0x00000002 is no longer used. CVE-2021-44141: s3: smbd: Inside unix_convert(), never set state->name_is_wildcard. CVE-2021-44141: s3: smbd: In unix_convert(), remove all references to state->name_has_wildcard. CVE-2021-44141: s3: smbd: In unix_convert() remove the now unneeded block indentation. CVE-2021-44141: s3: smbd: In unix_convert_step() remove all use of 'state->name_was_wildcard' CVE-2021-44141: s3: smbd: In unix_convert_step_stat() remove use of state->name_was_wildcard. CVE-2021-44141: s3: smbd: Remove 'struct uc_state' name_has_wildcard element. CVE-2021-44141: s4: torture: Fix raw.search:test_one_file() to use torture_result() instead of printf. CVE-2021-44141: s4: torture: In raw.search:test_one_file() remove the leading '\\' in the test filenames. CVE-2021-44141: s3: smbd: Tighten up info level checks for SMB1+POSIX to make sure POSIX was negotiated first. CVE-2021-44141: s3: smbclient: Give a message if we try and use any POSIX command without negotiating POSIX first. CVE-2021-44141: s4: torture: In raw.search:test_one_file() add a second connection. CVE-2021-44141: s4: torture: raw.search: Add setup_smb1_posix(). Call it on the second connection in test_one_file(). CVE-2021-44141: s4: torture: Fix raw.search:test_one_file() by using the SMB1+POSIX connection for POSIX info levels. CVE-2021-44141: s4: torture: Fix unix.info2 test to actually negotiate SMB1+POSIX before using POSIX calls. CVE-2021-44141: s3: tests: Fix the samba3.blackbox.inherit_owner test to actually negotiate SMB1+POSIX before using POSIX calls. CVE-2021-44141: s3: tests: Fix the samba3.blackbox.acl_xattr test to actually negotiate SMB1+POSIX before using POSIX calls. CVE-2021-44141: s3: smbtorture3: Fix POSIX-BLOCKING-LOCK to actually negotiate SMB1+POSIX before using POSIX calls. CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB2. CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB1. CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB1.posix CVE-2021-44141: s3: torture: In test_smbclient_s3, change the error codes expected for test_widelinks() and test_nosymlinks() from ACCESS_DENIED to NT_STATUS_OBJECT_NAME_NOT_FOUND. CVE-2021-44141: s3: torture: Change expected error return for samba3.smbtorture_s3.plain.POSIX.smbtorture. CVE-2021-44141: s3: smbd: For SMB1+POSIX clients trying to open a symlink, always return NT_STATUS_OBJECT_NAME_NOT_FOUND. CVE-2021-44141: s3: smbd: Inside check_reduced_name() ensure we return the correct error codes when failing symlinks. CVE-2021-44141: s3: smbd: Fix a subtle bug in the error returns from filename_convert(). CVE-2021-44141: s3: torture: Add a test samba3.blackbox.test_symlink_rename.SMB1.posix that shows we still leak target info across a SMB1+POSIX rename. CVE-2021-44141: s3: smbd: Inside rename_internals_fsp(), we must use vfs_stat() for existence, not SMB_VFS_STAT(). Joseph Sutton (2): CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added SPN CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object Jule Anger (3): VERSION: Bump version up to Samba 4.15.5... WHATSNEW: Add release notes for Samba 4.15.5. VERSION: Disable GIT_SNAPSHOT for the 4.15.5 release. Ralph Boehme (5): CVE-2021-44142: libadouble: add defines for icon lengths CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list of private Samba xattrs CVE-2021-44142: libadouble: harden ad_unpack_xattrs() CVE-2021-44142: libadouble: add basic cmocka tests CVE-2021-44142: libadouble: harden parsing code ----------------------------------------------------------------------- -- Samba Shared Repository