The branch, master has been updated via f5ce199 Announce Samba 4.1.11 and 4.0.21. from d87113b Announce Samba 4.0.20.
http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f5ce199e1747a065fc29f0d21c55e10f8f15568c Author: Karolin Seeger <ksee...@samba.org> Date: Thu Jul 31 16:25:49 2014 +0200 Announce Samba 4.1.11 and 4.0.21. Signed-off-by: Karolin Seeger <ksee...@samba.org> ----------------------------------------------------------------------- Summary of changes: generated_news/latest_10_bodies.html | 32 ++++++++++++++--------- generated_news/latest_10_headlines.html | 5 ++- generated_news/latest_2_bodies.html | 31 ++++++++++++++--------- history/header_history.html | 2 + history/samba-4.0.21.html | 42 +++++++++++++++++++++++++++++++ history/samba-4.1.11.html | 42 +++++++++++++++++++++++++++++++ history/security.html | 15 +++++++++++ latest_stable_release.html | 6 ++-- 8 files changed, 145 insertions(+), 30 deletions(-) create mode 100755 history/samba-4.0.21.html create mode 100755 history/samba-4.1.11.html Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index b29282d..1f810af 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,22 @@ + <h5><a name="4.1.11">01 August 2014</a></h5> + <p class="headline">Samba 4.1.11 and 4.0.21 <b>Security + Releases</b> Available for Download</p> + <p>These are security releases in order to address + <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a> + (<b>Remote code execution in nmbd</b>). + </p> + + <p>The uncompressed tarballs and patch files have been signed + using GnuPG (ID 6568B7EA).</p> + <p> + The source code can be downloaded here: + <li><a href="http://samba.org/samba/ftp/stable/samba-4.1.11.tar.gz">download + Samba 4.1.11</a>,</li> + <li><a href="http://samba.org/samba/ftp/stable/samba-4.0.21.tar.gz">download + Samba 4.0.21</a>.</li> + </p> + + <h5><a name="4.0.20">30 July 2014</a></h5> <p class="headline">Samba 4.0.20 Available for Download</p> <p>This is the latest stable release of the Samba 4.0 series.</p> @@ -130,16 +149,3 @@ patch against Samba 4.0.16</a> is also available. See <li><a href="http://samba.org/samba/ftp/stable/samba-3.6.23.tar.gz">download Samba 3.6.23</a>.</li> </p> - - - <h5><a name="4.1.5">21 February 2014</a></h5> - <p class="headline">Samba 4.1.5 Available for Download</p> - <p>This is the latest stable release of the Samba 4.1 series.</p> - -<p>The uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -<a href="http://samba.org/samba/ftp/stable/samba-4.1.5.tar.gz">downloaded -now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.1.4-4.1.5.diffs.gz"> -patch against Samba 4.1.4</a> is also available. See -<a href="http://samba.org/samba/history/samba-4.1.5.html"> the release notes - for more info</a>.</p> diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 6e82c92..929f666 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,7 @@ <ul> + <li> 01 August 2014 <a href="#4.1.11">Samba 4.1.11 and 4.0.21 Security + Releases Available for Download (CVE-2014-3560)</a></li> + <li> 30 July 2014 <a href="#4.0.20">Samba 4.0.20 Available for Download</a></li> <li> 28 July 2014 <a href="#4.1.10">Samba 4.1.10 Available for Download</a></li> @@ -20,6 +23,4 @@ <li> 11 March 2014 <a href="#4.1.6">Samba 4.1.6, 4.0.16 and 3.6.23 Security Releases Available for Download (CVE-2013-4496 and CVE-2013-6442)</a></li> - - <li> 21 February 2014 <a href="#4.1.5">Samba 4.1.5 Available for Download</a></li> </ul> diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index cc1442e..4e26228 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,3 +1,22 @@ + <h5><a name="4.1.11">01 August 2014</a></h5> + <p class="headline">Samba 4.1.11 and 4.0.21 <b>Security + Releases</b> Available for Download</p> + <p>These are security releases in order to address + <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a> + (<b>Remote code execution in nmbd</b>). + </p> + + <p>The uncompressed tarballs and patch files have been signed + using GnuPG (ID 6568B7EA).</p> + <p> + The source code can be downloaded here: + <li><a href="http://samba.org/samba/ftp/stable/samba-4.1.11.tar.gz">download + Samba 4.1.11</a>,</li> + <li><a href="http://samba.org/samba/ftp/stable/samba-4.0.21.tar.gz">download + Samba 4.0.21</a>.</li> + </p> + + <h5><a name="4.0.20">30 July 2014</a></h5> <p class="headline">Samba 4.0.20 Available for Download</p> <p>This is the latest stable release of the Samba 4.0 series.</p> @@ -9,15 +28,3 @@ now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.0.19-4.0.20.diffs patch against Samba 4.0.19</a> is also available. See <a href="http://samba.org/samba/history/samba-4.0.20.html"> the release notes for more info</a>.</p> - - <h5><a name="4.1.10">28 July 2014</a></h5> - <p class="headline">Samba 4.1.10 Available for Download</p> - <p>This is the latest stable release of the Samba 4.1 series.</p> - -<p>The uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -<a href="http://samba.org/samba/ftp/stable/samba-4.1.10.tar.gz">downloaded -now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-4.1.9-4.1.10.diffs.gz"> -patch against Samba 4.1.9</a> is also available. See -<a href="http://samba.org/samba/history/samba-4.1.10.html"> the release notes - for more info</a>.</p> diff --git a/history/header_history.html b/history/header_history.html index 355020d..fcf748c 100755 --- a/history/header_history.html +++ b/history/header_history.html @@ -10,6 +10,7 @@ <li class="navSub"> <ul> <li><a href="/samba/security/CVE-2013-0454.html">CVE-2013-0454</a></li> + <li><a href="samba-4.1.11.html">samba-4.1.11</a></li> <li><a href="samba-4.1.10.html">samba-4.1.10</a></li> <li><a href="samba-4.1.9.html">samba-4.1.9</a></li> <li><a href="samba-4.1.8.html">samba-4.1.8</a></li> @@ -21,6 +22,7 @@ <li><a href="samba-4.1.2.html">samba-4.1.2</a></li> <li><a href="samba-4.1.1.html">samba-4.1.1</a></li> <li><a href="samba-4.1.0.html">samba-4.1.0</a></li> + <li><a href="samba-4.0.21.html">samba-4.0.21</a></li> <li><a href="samba-4.0.20.html">samba-4.0.20</a></li> <li><a href="samba-4.0.19.html">samba-4.0.19</a></li> <li><a href="samba-4.0.18.html">samba-4.0.18</a></li> diff --git a/history/samba-4.0.21.html b/history/samba-4.0.21.html new file mode 100755 index 0000000..3b124a7 --- /dev/null +++ b/history/samba-4.0.21.html @@ -0,0 +1,42 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + +<head> +<title>Samba - Release Notes Archive</title> +</head> + +<body> + + <H2>Samba 4.0.21 Available for Download</H2> + +<p> +<pre> + ============================== + Release Notes for Samba 4.0.21 + August 1, 2014 + ============================== + + +This is a security release in order to address +CVE-2014-3560 (Remote code execution in nmbd). + +o CVE-2014-3560: + Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on + unauthenticated nmbd NetBIOS name services. + + A malicious browser can send packets that may overwrite the heap of + the target nmbd NetBIOS name services daemon. It may be possible to + use this to generate a remote code execution vulnerability as the + superuser (root). + + +Changes since 4.1.20: +--------------------- + +o Volker Lendecke <v...@samba.org> + * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length. +</pre> + +</body> +</html> diff --git a/history/samba-4.1.11.html b/history/samba-4.1.11.html new file mode 100755 index 0000000..41cb532 --- /dev/null +++ b/history/samba-4.1.11.html @@ -0,0 +1,42 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + +<head> +<title>Samba - Release Notes Archive</title> +</head> + +<body> + + <H2>Samba 4.1.11 Available for Download</H2> + +<p> +<pre> + ============================== + Release Notes for Samba 4.1.11 + August 1, 2014 + ============================== + + +This is a security release in order to address +CVE-2014-3560 (Remote code execution in nmbd). + +o CVE-2014-3560: + Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on + unauthenticated nmbd NetBIOS name services. + + A malicious browser can send packets that may overwrite the heap of + the target nmbd NetBIOS name services daemon. It may be possible to + use this to generate a remote code execution vulnerability as the + superuser (root). + + +Changes since 4.1.10: +--------------------- + +o Volker Lendecke <v...@samba.org> + * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length. +</pre> + +</body> +</html> diff --git a/history/security.html b/history/security.html index 50d3015..731b063 100755 --- a/history/security.html +++ b/history/security.html @@ -22,6 +22,21 @@ link to full release notes for each release.</p> </tr> <tr> + <td>01 Aug 2014</td> + <td><a href="/samba/ftp/patches/security/samba-4.1.10-CVE-2014-3560.patch"> + patch for Samba 4.1.10</a><br /> + <a href="/samba/ftp/patches/security/samba-4.0.20-CVE-2014-3560.patch"> + patch for Samba 4.0.20</a><br /> + <td>Remote code execution in nmbd. + </td> + <td>4.0.0 - 4.1.10</td> + <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560">CVE-2014-3560</a> + </td> + <td><a href="/samba/security/CVE-2014-3560">Announcement</a> + </td> + </tr> + + <tr> <td>23 Jun 2014</td> <td><a href="/samba/ftp/patches/security/samba-4.1.8-CVE-2014-0244-CVE-2014-3493.patch"> patch for Samba 4.1.8</a><br /> diff --git a/latest_stable_release.html b/latest_stable_release.html index b638e71..8e52d4c 100644 --- a/latest_stable_release.html +++ b/latest_stable_release.html @@ -1,7 +1,7 @@ <!-- BEGIN: latest_stable_release.html --> <p> - <a href="/samba/ftp/stable/samba-4.1.10.tar.gz">Samba 4.1.10 (gzipped)</a><br> - <a href="/samba/history/samba-4.1.10.html">Release Notes</a> · - <a href="/samba/ftp/stable/samba-4.1.10.tar.asc">Signature</a> + <a href="/samba/ftp/stable/samba-4.1.11.tar.gz">Samba 4.1.11 (gzipped)</a><br> + <a href="/samba/history/samba-4.1.11.html">Release Notes</a> · + <a href="/samba/ftp/stable/samba-4.1.11.tar.asc">Signature</a> </p> <!-- END: latest_stable_release.html --> -- Samba Website Repository