[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 40d783c Call smb_panic when we try to exit the server uncleanly. This gives us the normal traceback and memory dump, but also runs the normal panic action. via 1dcd75d auth/ntlmssp: Avoid use-after-free of user_info after logon failure at log level 5 from e865788 dbwrap: Add a comment explaining a restriction http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 40d783c397ea21d03d1ea7130a438dd8c0d817f1 Author: Richard Sharpe Date: Tue Mar 26 20:17:11 2013 -0700 Call smb_panic when we try to exit the server uncleanly. This gives us the normal traceback and memory dump, but also runs the normal panic action. Signed-off-by: Richard Sharpe Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Mar 27 22:58:37 CET 2013 on sn-devel-104 commit 1dcd75df4941d7032a66d3fbb86ac7696a3f Author: Andrew Bartlett Date: Fri Mar 15 13:00:55 2013 +1100 auth/ntlmssp: Avoid use-after-free of user_info after logon failure at log level 5 Reviewed-by: Jeremy Allison --- Summary of changes: auth/ntlmssp/ntlmssp_server.c |2 +- source3/smbd/server_exit.c|8 +--- 2 files changed, 2 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index d9bea1c..442bd5d 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c @@ -449,11 +449,11 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec &gensec_ntlmssp->server_returned_info, user_session_key, lm_session_key); } - talloc_free(user_info); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status))); } + TALLOC_FREE(user_info); NT_STATUS_NOT_OK_RETURN(nt_status); diff --git a/source3/smbd/server_exit.c b/source3/smbd/server_exit.c index fa28374..dfa2b1d 100644 --- a/source3/smbd/server_exit.c +++ b/source3/smbd/server_exit.c @@ -202,14 +202,8 @@ static void exit_server_common(enum server_exit_reason how, printing_end(); if (how != SERVER_EXIT_NORMAL) { - DEBUGSEP(0); - DEBUG(0,("Abnormal server exit: %s\n", - reason ? reason : "no explanation provided")); - DEBUGSEP(0); - log_stack_trace(); - - dump_core(); + smb_panic(reason); /* Notreached. */ exit(1); -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 1b2389d Add html header and footer from 73cdbcd Add CVE-2013-0454 page http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 1b2389d6ed7da9c1679a70c01d717a38d1a3f12c Author: Lars Müller Date: Wed Mar 27 16:26:04 2013 +0100 Add html header and footer --- Summary of changes: security/CVE-2013-0454.html | 22 ++ 1 files changed, 22 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/security/CVE-2013-0454.html b/security/CVE-2013-0454.html index 6137b10..6198449 100644 --- a/security/CVE-2013-0454.html +++ b/security/CVE-2013-0454.html @@ -1,3 +1,17 @@ +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> +http://www.w3.org/1999/xhtml";> + + +Samba - Security Announcement Archive + + + + + CVE-2013-0454.html: + + + === == Subject: A writable configured share might get read only == @@ -40,3 +54,11 @@ The release of this information was driven by Ulf Troppens of IBM February, 19th 2013. The required patch got written by Michael Adam 1st of February 2013. + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + + -- Samba Website Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2013-03-27-1620/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2013-03-27-1620/samba3.stderr http://git.samba.org/autobuild.flakey/2013-03-27-1620/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2013-03-27-1620/samba.stderr http://git.samba.org/autobuild.flakey/2013-03-27-1620/samba.stdout The top commit at the time of the failure was: commit e8657887a9c1deadbd4e98c8b66cd46bdf36402a Author: Volker Lendecke Date: Wed Mar 27 10:23:50 2013 +0100 dbwrap: Add a comment explaining a restriction Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Mar 27 13:40:15 CET 2013 on sn-devel-104
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 73cdbcd Add CVE-2013-0454 page from 91d4fb8 Update latest stable release. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 73cdbcdc0605cd76e4f9a3846f68eb3bf65a0aab Author: Lars Müller Date: Wed Mar 27 16:16:30 2013 +0100 Add CVE-2013-0454 page --- Summary of changes: security/CVE-2013-0454.html | 42 ++ 1 files changed, 42 insertions(+), 0 deletions(-) create mode 100644 security/CVE-2013-0454.html Changeset truncated at 500 lines: diff --git a/security/CVE-2013-0454.html b/security/CVE-2013-0454.html new file mode 100644 index 000..6137b10 --- /dev/null +++ b/security/CVE-2013-0454.html @@ -0,0 +1,42 @@ +=== +== Subject: A writable configured share might get read only +== +== CVE ID#: CVE-2013-0454 +== +== Versions:Samba 3.6.0 - 3.6.5 (inclusive) +== +== Summary: A share configuration 'read only = no' might result +== in 'read only = yes' +== +=== + +=== +Description +=== + +Due to a assignment vs equality bug a share reference might get +overwritten. This can lead to 'read only = no' from another share to +leak into a 'read only = yes' share for a subsequent connections. This +is a re-evaluation of an already fixed bug. + +== +Workaround +== + +Update to 3.6.6 or apply +http://git.samba.org/?p=samba.git;a=commit;h=15a423bf373a8116a0de7a627eaaea3932541e88 + +== +Patch Availability +== + +See above. + +=== +Credits +=== + +The release of this information was driven by Ulf Troppens of IBM +February, 19th 2013. + +The required patch got written by Michael Adam 1st of February 2013. -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e865788 dbwrap: Add a comment explaining a restriction from e3f5e47 smbd: Remove an optimization that became unnecessary http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e8657887a9c1deadbd4e98c8b66cd46bdf36402a Author: Volker Lendecke Date: Wed Mar 27 10:23:50 2013 +0100 dbwrap: Add a comment explaining a restriction Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Mar 27 13:40:15 CET 2013 on sn-devel-104 --- Summary of changes: lib/dbwrap/dbwrap.c | 11 +++ 1 files changed, 11 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c index f0b7a9a..f03514d 100644 --- a/lib/dbwrap/dbwrap.c +++ b/lib/dbwrap/dbwrap.c @@ -453,6 +453,17 @@ int dbwrap_get_seqnum(struct db_context *db) int dbwrap_transaction_start(struct db_context *db) { if (!db->persistent) { + /* +* dbwrap_ctdb has two different data models for persistent +* and non-persistent databases. Transactions are supported +* only for the persistent databases. This check is here to +* prevent breakages of the cluster case, autobuild at this +* point only tests non-clustered Samba. Before removing this +* check, please make sure that this facility has also been +* added to dbwrap_ctdb. +* +* Thanks, vl +*/ DEBUG(1, ("transactions not supported on non-persistent " "database %s\n", db->name)); return -1; -- Samba Shared Repository