Author: jerry Date: 2006-03-30 14:22:08 +0000 (Thu, 30 Mar 2006) New Revision: 14823
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14823 Log: committing changes for 3.0.22 Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt branches/SAMBA_3_0_RELEASE/source/VERSION branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_cm.c Changeset: Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt =================================================================== --- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-03-30 13:56:25 UTC (rev 14822) +++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt 2006-03-30 14:22:08 UTC (rev 14823) 
@@ -1,3 +1,42 @@ + ============================== + Release Notes for Samba 3.0.22 + Mar 30, 2006 + ============================== + +This is a security release of Samba. The Samba 3.0.21 release +series (including the patch releases a through c) has been +discovered to expose the clear text of the server's machine +account credentials in the winbind log files when the log +level is set to 5 or higher. This defect has been assigned +the CVE number CAN-2006-1059. + +Summary +======= + +The machine trust account password is the secret shared +between a domain controller and a specific member server. +Access to the member server machine credentials allows +an attacker to impersonate the server in the domain and +gain access to additional information regarding domain +users and groups. + +The winbindd daemon included in Samba 3.0.21 and subsequent +patch releases (3.0.21a-c) writes the clear text of server's +machine credentials to its log file at level 5. The winbindd +log files are world readable by default and often log files +are requested on open mailing lists as tools used to debug +server misconfigurations. + +This affects servers configured to use domain or ads security +and possibly Samba domain controllers as well (if configured +to use winbindd). + +======= + +Release Notes for older release follow: + + -------------------------------------------------- + =============================== Release Notes for Samba 3.0.21c Feb 24, 2006 @@ -3,9 +42,4 @@ =============================== -This is the latest stable release of Samba. This is the version -that production Samba servers should be running for all current -bug-fixes. Please read the following important changes in this -release. - Common bugs fixed in 3.0.21c include: 
@@ -122,9 +156,6 @@ connection code in winbindd. - -Release Notes for older release follow: - -------------------------------------------------- =============================== Release Notes for Samba 3.0.21b Modified: branches/SAMBA_3_0_RELEASE/source/VERSION =================================================================== --- branches/SAMBA_3_0_RELEASE/source/VERSION 2006-03-30 13:56:25 UTC (rev 14822) +++ branches/SAMBA_3_0_RELEASE/source/VERSION 2006-03-30 14:22:08 UTC (rev 14823) @@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=0 -SAMBA_VERSION_RELEASE=21 +SAMBA_VERSION_RELEASE=22 ######################################################## # If a official release has a serious bug # @@ -37,7 +37,7 @@ # e.g. SAMBA_VERSION_REVISION=a # # -> "2.2.8a" # ######################################################## -SAMBA_VERSION_REVISION=c +SAMBA_VERSION_REVISION= ######################################################## # For 'pre' releases the version will be # Modified: branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_cm.c =================================================================== --- branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_cm.c 2006-03-30 13:56:25 UTC (rev 14822) +++ branches/SAMBA_3_0_RELEASE/source/nsswitch/winbindd_cm.c 2006-03-30 14:22:08 UTC (rev 14823) @@ -294,7 +294,7 @@ DEBUG(5, ("connecting to %s from %s with username " "[%s]\\[%s]\n", controller, global_myname(), - machine_account, machine_password)); + lp_workgroup(), machine_account)); ads_status = cli_session_setup_spnego(*cli, machine_account,
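Review bot: the first WHATSNEW.txt hunk (@@ -1,3 +1,42 @@) describes the exposure in detail (clear-text machine credentials written at winbind log level 5 or higher, log files world readable by default, logs routinely posted to public mailing lists) but gives no remediation beyond upgrading. Since the leaked secret is the machine trust account password, the release notes should tell administrators of 3.0.21 through 3.0.21c to treat any winbindd log produced at level 5 or above as compromised, restrict or purge those files (especially copies already sent off-host), and re-establish the machine account password with the domain controller (e.g. `net rpc changetrustpw` or `net ads changetrustpw`) rather than only installing 3.0.22; a later version of the notes could add that as a "Recommended actions" block under the Summary. Two wording nits in the same hunk: "writes the clear text of server's machine credentials" is missing "the" before "server's", and "Release Notes for older release follow" should read "releases".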
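Review bot: in the winbindd_cm.c hunk (@@ -294,7 +294,7 @@) the argument swap is correct for this call site: the "[%s]\\[%s]" format is meant to print a DOMAIN\account pair, and it now receives lp_workgroup() and machine_account instead of machine_account and machine_password, so the old third argument (the secret) simply no longer reaches the formatter. It is, however, a one-line fix at one site, and machine_password is still a live variable in this function (the session setup immediately below the DEBUG consumes the credential), so before calling CAN-2006-1059 closed the commit should state that the rest of the winbindd sources were searched for any other DEBUG() call that formats machine_password or the trust password buffer, and a short comment above this DEBUG(5, ...) saying "never log machine_password here" would stop the next refactor from reintroducing the leak.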