The branch, v4-1-test has been updated via c8eea31 VERSION: Bump version up to 4.1.12. via 59ebc4c VERSION: Disable git snapshots for the 4.1.11 release. via 4c6ab5d WHATSNEW: Add release notes for Samba 4.1.11. via cf24c8b fix unstrcpy from 7e7790f Merge tag 'samba-4.1.10' into v4-1-test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log ----------------------------------------------------------------- commit c8eea31756d80688044b44e040454588f45f3c03 Author: Karolin Seeger <ksee...@samba.org> Date: Fri Aug 1 13:17:17 2014 +0200 VERSION: Bump version up to 4.1.12. Signed-off-by: Karolin Seeger <ksee...@samba.org> commit 59ebc4c319303f2155ccc3cd1be1ccbedf42fc23 Author: Karolin Seeger <ksee...@samba.org> Date: Thu Jul 31 15:00:27 2014 +0200 VERSION: Disable git snapshots for the 4.1.11 release. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735 CVE-2014-3560: unstrcpy macro length is invalid Signed-off-by: Karolin Seeger <ksee...@samba.org> commit 4c6ab5d85a748e35502d07bb79ad58793febf99b Author: Karolin Seeger <ksee...@samba.org> Date: Thu Jul 31 14:48:01 2014 +0200 WHATSNEW: Add release notes for Samba 4.1.11. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735 CVE-2014-3560: unstrcpy macro length is invalid Signed-off-by: Karolin Seeger <ksee...@samba.org> commit cf24c8b13c500e086bb5b6aa6f80f49a36cfa901 Author: Volker Lendecke <v...@samba.org> Date: Tue Jul 22 07:02:00 2014 +0200 fix unstrcpy Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10735 CVE-2014-3560: unstrcpy macro length is invalid ----------------------------------------------------------------------- Summary of changes: VERSION | 4 +- WHATSNEW.txt | 55 +++++++++++++++++++++++++++++++++++++++++-- lib/util/string_wrappers.h | 2 +- 3 files changed, 55 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index a5ae072..cb14e70 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=1 -SAMBA_VERSION_RELEASE=11 +SAMBA_VERSION_RELEASE=12 ######################################################## # If a official release has a serious bug # @@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cb9a1c6..521ea1f 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,55 @@ ============================== + Release Notes for Samba 4.1.11 + August 1, 2014 + ============================== + + +This is a security release in order to address +CVE-2014-3560 (Remote code execution in nmbd). + +o CVE-2014-3560: + Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on + unauthenticated nmbd NetBIOS name services. + + A malicious browser can send packets that may overwrite the heap of + the target nmbd NetBIOS name services daemon. It may be possible to + use this to generate a remote code execution vulnerability as the + superuser (root). + + +Changes since 4.1.10: +--------------------- + +o Volker Lendecke <v...@samba.org> + * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length. + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + +====================================================================== + + ============================== Release Notes for Samba 4.1.10 July 28, 2014 ============================== @@ -140,10 +191,8 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- -====================================================================== ============================= Release Notes for Samba 4.1.9 diff --git a/lib/util/string_wrappers.h b/lib/util/string_wrappers.h index 5f9d568..243fafc 100644 --- a/lib/util/string_wrappers.h +++ b/lib/util/string_wrappers.h @@ -51,7 +51,7 @@ do { \ #define unstrcpy(d,s) \ do { \ const char *_unstrcpy_src = (const char *)(s); \ - strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(fstring)); \ + strlcpy((d),_unstrcpy_src ? _unstrcpy_src : "",sizeof(unstring)); \ } while (0) #ifdef HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS -- Samba Shared Repository