The annotated tag, samba-4.16.11 has been created at 02bf073de29ecb2479727f2c8aba9356453b716a (tag) tagging 225a003a043eee399b6d266d94440c399b6877e4 (commit) replaces samba-4.16.10 tagged by Jule Anger on Mon Jul 17 22:28:32 2023 +0200
- Log ----------------------------------------------------------------- samba: tag release samba-4.16.11 -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmS1pHAACgkQqplEL7aA tiCHIw/+MSabvkr4amUAF48L3w5F/6Ap1Gmy2pydG67X5Qa2Gd/VBwUBCyINaQkf hat1s7KbQYxobsxaoaB6Dd60JkPzOyMwdbkcwvL2oMHigAsziPQna1bGZa0weKyd lulIi0/B2l9xtDfIKihaekafmQRTJ/8BHq0muelIQEAW7OLiZHvEqxGYDb99u51v unMc/C1+Mx1xKsgDcoYhQQRzI8kHDlRS8v/mbU2KlFCv5Ljlg4uiQWPWh92oDG9E GqRvvTCez3g0IxPp/SydFu68saEzzwZVE4vw1aDqn/vXaXynqT++o7S7yDPJzOHr bDeqAF/WRKizMY+31Zw+l+kxLG6Lklt5ptKFUZ8Od+M/+oItZKXDK5Odv00dkIPD 7RpDeFmdp8bDFWjmuZx6/SzmyjjSJbVLmUophFmwO9Q+lLODj9BjJrLtgwwzmE/Z oaePXE+oWFsQXfrLOolGTEzPWTKhHdA5u+9qGUK0ZQbG3PXU9Yt64gw6gex4AbFr po/aDqDvaPs8gZBz0tfZ+Xd70HidWpTpGca5eh/7XPVZ2pD9kDxH5S2K4e2FNhX9 K1qRMk3KqFuT3KeQJqmF5WdT2hYDZ/M0A0VyXmktVVgYfSbI6Ly161ka0OPO/454 JeTyDmGD5QbECpJPKNYQDMd4MKV2DneG8NgGHYuPG/Ruvhf/IUk= =ACUq -----END PGP SIGNATURE----- Jule Anger (3): VERSION: Bump version up to Samba 4.16.11... WHATSNEW: Add release notes for Samba 4.16.11. VERSION: Disable GIT_SNAPSHOT for the 4.16.11 release. Ralph Boehme (16): CVE-2022-2127: ntlm_auth: cap lanman response length value CVE-2023-34966: CI: test for sl_unpack_loop() CVE-2023-34966: mdssvc: harden sl_unpack_loop() CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key() CVE-2023-34967: mdssvc: add type checking to dalloc_value_for_key() CVE-2023-34968: mdssvc: cache and reuse stat info in struct sl_inode_path_map CVE-2023-34968: mdssvc: add missing "kMDSStoreMetaScopes" dict key in slrpc_fetch_properties() CVE-2023-34968: mdscli: use correct TALLOC memory context when allocating spotlight_blob CVE-2023-34968: mdscli: remove response blob allocation CVE-2023-34968: smbtorture: remove response blob allocation in mdssvc.c CVE-2023-34968: rpcclient: remove response blob allocation CVE-2023-34968: mdssvc: remove response blob allocation CVE-2023-34968: mdssvc: switch to doing an early return CVE-2023-34968: mdssvc: introduce an allocating wrapper to sl_pack() CVE-2023-34968: mdscli: return share relative paths CVE-2023-34968: mdssvc: return a fake share path Samuel Cabrero (1): CVE-2022-2127: s3:winbind: Move big NTLMv2 blob checks to parent process Stefan Metzmacher (4): netlogon.idl: add support for netr_LogonGetCapabilities response level 2 s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities with different levels s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels Volker Lendecke (2): CVE-2022-2127: winbindd: Fix WINBINDD_PAM_AUTH_CRAP length checks CVE-2023-34968: lib: Move subdir_of() to source3/lib/util_path.c ----------------------------------------------------------------------- -- Samba Shared Repository