[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0daa0ff921b s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value via 4aa99243102 s4 dsdb/repl_meta_data: allocate new extended DNs during ADD on a better context via 5841b164b2c ldap: Add a database open after fork to speed-up prefork binds via ac9333cb91d util/charset/torture: ensure each cp850 high bytes is 3 utf8 bytes via 103d248bee8 util/charset/convert: do not pretend to realloc via a6f47b4f758 util/charset/convert: when retrying, retry from the start via 02507ebf10e util/charset/convert: do not overflow dest len in corner case via 265b3b0c6cc util/charset/convert: do not overflow dest len via 09355b78556 util/charset/convert_string: always set length via d1447aa8b54 test_regfio.c: include stdint.h before cmoka.h via 85b6f71c65e ldb: Release ldb 2.0.1 via 15f0c4969a7 ldb: remove unpack only attr list functionality via 9310d9088dc ldb: move ldb_kv's filter into pack code via 9f9bbb5aac1 ldb: removing msg and dn copying from filter attrs via a36e20c40cf ldb: perf test for pack format via ea7fd52a78d ldb: removing alloc from unpack_data via 73bf2949e85 ldb_kv: Use ldb_msg_add_steal_value() in msg_add_distinguished_name() via 94989e4e99c ldb_kv: Remove incorrect reference to LDB_UNPACK_DATA_FLAG_NO_DN from 28518c579d4 s3:libsmb: Add missing OOM check in fill_quota_buffer() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0daa0ff921b270df9b794f02acbaa391c95cd89b Author: Gary Lockyer Date: Tue May 14 15:53:22 2019 +1200 s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value Fix use after free detected by AddressSanitizer AddressSanitizer: heap-use-after-free on address 0x61400026a4a0 at pc 0x7fd555c52f12 bp 0x7ffed7231180 sp 0x7ffed7231170 READ of size 1 at 0x61400026a4a0 thread T0 #0 0x7fd555c52f11 in ldb_should_b64_encode ../../lib/ldb/common/ldb_ldif.c:197 #1 0x7fd539dc9417 in dsdb_audit_add_ldb_value ../../source4/dsdb/samdb/ldb_modules/audit_util.c:491 #2 0x7fd539dc9417 in dsdb_audit_attributes_json ../../source4/dsdb/samdb/ldb_modules/audit_util.c:651 #3 0x7fd539dc6a7e in operation_json ../../source4/dsdb/samdb/ldb_modules/audit_log.c:305 The problem is that at the successful end of these functions el->values is overwritten with new_values. However get_parsed_dns() points p->v at the supplied el and it effectively gets used as a working area by replmd_build_la_val(). So we must duplicate it because our caller only called ldb_msg_copy_shallow(). The reason this matters is that the audit_log module is above repl_meta_data in the stack, and tries to log the ldb_message it saw after the reply (to include the error code). If that ldb_message is changed it is not only misleading, it can point to memory that has since gone away. In this case the memory for the full extended DN in the member attribute ended up on 'ac', a context lost by the time repl_meta_data has finished processing. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13941 Signed-off-by: Gary Lockyer Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Wed May 15 05:35:47 UTC 2019 on sn-devel-184 commit 4aa9924310287ff3b36618496fa6c707c615ad4c Author: Andrew Bartlett Date: Wed May 15 14:47:53 2019 +1200 s4 dsdb/repl_meta_data: allocate new extended DNs during ADD on a better context Lower down in this function new_values is assigned over el->values and is filled in with the values of all the parsed DNs. Therefore it is the natural talloc parent. This will allow el->values to be allocated on tmp_ctx in the next commit for a working area during the function call. Signed-off-by: Andrew Bartlett Reviewed-by: Douglas Bagnall commit 5841b164b2c57e1389b5486be4ccef8eb47f6892 Author: Garming Sam Date: Wed May 8 12:40:48 2019 +1200 ldap: Add a database open after fork to speed-up prefork binds Removing this (system) database open from the later auth stack results in a 15-30% improvement in different types of binds and on different hardware (presumably better with slower disk speeds). Signed-off-by: Garming Sam Reviewed-by: Andrew Bartlett commit ac9333cb91dfdd80ba6b218861a5802c559cfec1 Author: Douglas Bagnall Date: Fri May 10 23:04:02 2019 +1200 util/charset/torture: ensure each cp850 high bytes is 3 utf8 bytes Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 28518c579d4 s3:libsmb: Add missing OOM check in fill_quota_buffer() from 9345d11c44e docs: add vfs_ceph_snapshots manpage https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 28518c579d485389ed4f2951de5f49f16ee53680 Author: Andreas Schneider Date: Tue May 14 12:48:14 2019 +0200 s3:libsmb: Add missing OOM check in fill_quota_buffer() Found by covscan (csbuild). Signed-off-by: Andreas Schneider Reviewed-by: Noel Power Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed May 15 00:45:58 UTC 2019 on sn-devel-184 --- Summary of changes: source3/libsmb/cliquota.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cliquota.c b/source3/libsmb/cliquota.c index 52f98eb9e8f..17655e095f3 100644 --- a/source3/libsmb/cliquota.c +++ b/source3/libsmb/cliquota.c @@ -587,13 +587,19 @@ NTSTATUS fill_quota_buffer(TALLOC_CTX *mem_ctx, SMB_NTQUOTA_LIST **end_ptr) { int ndr_flags = NDR_SCALARS | NDR_BUFFERS; - struct ndr_push *qndr = ndr_push_init_ctx(mem_ctx); + struct ndr_push *qndr = NULL; uint32_t start_offset = 0; uint32_t padding = 0; if (qlist == NULL) { /* We must push at least one. */ return NT_STATUS_NO_MORE_ENTRIES; } + + qndr = ndr_push_init_ctx(mem_ctx); + if (qndr == NULL) { + return NT_STATUS_NO_MEMORY; + } + for (;qlist != NULL; qlist = qlist->next) { struct file_quota_information info = {0}; enum ndr_err_code err; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9345d11c44e docs: add vfs_ceph_snapshots manpage via 76f3b194c25 vfs: add ceph_snapshots module via 76d7d05b1da vfs_ceph: drop fdopendir handler from 43958af1d50 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9345d11c44e55e9ad1eb6b55975d04561f5d2ba3 Author: David Disseldorp Date: Wed Mar 27 15:57:45 2019 +0100 docs: add vfs_ceph_snapshots manpage Signed-off-by: David Disseldorp Reviewed-by: Jeremy Allison Autobuild-User(master): David Disseldorp Autobuild-Date(master): Tue May 14 23:31:27 UTC 2019 on sn-devel-184 commit 76f3b194c25e8d388cde2da971d116479ac63d9d Author: David Disseldorp Date: Tue Mar 26 16:35:18 2019 +0100 vfs: add ceph_snapshots module vfs_ceph_snapshots is a module for accessing CephFS snapshots as Previous Versions. The module is separate from vfs_ceph, so that it can also be used atop a CephFS kernel backed share with vfs_default. Signed-off-by: David Disseldorp Reviewed-by: Jeremy Allison commit 76d7d05b1da6c0703b1c2bade0c4467c7cc1adec Author: David Disseldorp Date: Wed Mar 27 13:10:04 2019 +0100 vfs_ceph: drop fdopendir handler libcephfs doesn't currently offer an fdopendir equivalent, so the existing implementation peeks at fsp->fsp_name->base_name, which can break if vfs_ceph is used under a separate path-munging VFS module. Return ENOSYS instead and rely on existing OpenDir_fsp() fallback. Signed-off-by: David Disseldorp Reviewed-by: Jeremy Allison --- Summary of changes: docs-xml/manpages/vfs_ceph_snapshots.8.xml | 130 ++ docs-xml/wscript_build |1 + source3/modules/vfs_ceph.c | 15 +- source3/modules/vfs_ceph_snapshots.c | 1835 source3/modules/wscript_build |8 + source3/wscript|5 + 6 files changed, 1982 insertions(+), 12 deletions(-) create mode 100644 docs-xml/manpages/vfs_ceph_snapshots.8.xml create mode 100644 source3/modules/vfs_ceph_snapshots.c Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_ceph_snapshots.8.xml b/docs-xml/manpages/vfs_ceph_snapshots.8.xml new file mode 100644 index 000..7fa2806fd95 --- /dev/null +++ b/docs-xml/manpages/vfs_ceph_snapshots.8.xml @@ -0,0 +1,130 @@ + +http://www.samba.org/samba/DTD/samba-doc;> + + + + vfs_ceph_snapshots + 8 + Samba + System Administration tools + + + + + + vfs_ceph_snapshots + + Expose CephFS snapshots as shadow-copies + + + + + + vfs objects = ceph_snapshots + + + + + DESCRIPTION + + This VFS module is part of the + samba + 8 suite. + + + The vfs_ceph_snapshots VFS module exposes + CephFS snapshots for use by Samba. When enabled, SMB clients + such as Windows Explorer's Previous Versions dialog, can + enumerate snaphots and access them via "timewarp" tokens. + + + + This module can be combined with vfs_ceph, + but vfs_ceph_snapshots must be listed first + in the vfs objects parameter list. + + + + CephFS support for ceph.snap.btime virtual extended attributes + is required for this module to work properly. This support was + added via https://tracker.ceph.com/issues/38838. + + + + + CONFIGURATION + + + When used atop vfs_ceph, + path refers to an absolute path within the + Ceph filesystem and should not be mounted locally: + + + + + ceph_snapshots ceph + /non-mounted/cephfs/path + no + + + + vfs_ceph_snapshots can also be used atop a + kernel CephFS mounted share path, without + vfs_ceph. In this case Samba's default VFS + backend vfs_default is used: + + + + + ceph_snapshots + /mnt/cephfs/ + + + + + OPTIONS + + + + ceph:snapdir = subdirectory + + + Allows for the configuration of the special CephFS + snapshot subdirectory name. This parameter should only + be changed from the ".snap" default if the ceph.conf + client snapdir or + snapdirname mount option settings + are changed from their
autobuild[sn-devel-184]: intermittent test failure detected
The autobuild test system (on sn-devel-184) has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: https://git.samba.org/autobuild.flakey.sn-devel-184/2019-05-14-2141/flakey.log The failure seems to be in the "samba-ad-member" suite, whose build logs are available here: https://git.samba.org/autobuild.flakey.sn-devel-184/2019-05-14-2141/samba-ad-member.stderr https://git.samba.org/autobuild.flakey.sn-devel-184/2019-05-14-2141/samba-ad-member.stdout The top commit at the time of the failure was: commit 43958af1d50f0185e21e6cd74110c455ee8996af Author: Isaac Boukris Date: Wed Jan 30 23:49:07 2019 +0200 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett Autobuild-User(master): Karolin Seeger Autobuild-Date(master): Tue May 14 11:45:13 UTC 2019 on sn-devel-184 and the last 50 lines of the stdout log were: [75(596)/85 at 6m59s] samba.wbinfo_simple.user-groups=$DOMAIN/$DC_USERNAME(ad_member:local) [76(597)/85 at 6m59s] samba.wbinfo_simple.authenticate=$DOMAIN/$DC_USERNAME%$DC_PASSWORD(ad_member:local) [77(598)/85 at 7m0s] samba.wbinfo_simple.allocate-uid(ad_member:local) [78(599)/85 at 7m0s] samba.wbinfo_simple.allocate-gid(ad_member:local) [79(600)/85 at 7m0s] samba.wbinfo_sids2xids.(ad_member:local)(ad_member:local) [80(601)/85 at 7m13s] samba.tests.ntlm_auth(ad_member:local) [81(614)/85 at 7m17s] samba.nss.test using winbind(ad_member:local)(ad_member:local) [82(615)/85 at 7m17s] samba.tests.auth_log_winbind(ad_member:local) WARNING: The "server schannel" option is deprecated INFO: Received PING message from server 4079675.8 [] {"timestamp": "2019-05-14T21:41:02.637163+", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4624, "logonId": "19d3e483c67e5e59", "logonType": 3, "status": "NT_STATUS_OK", "localAddress": "ipv4:127.0.0.30:1026", "remoteAddress": "ipv4:127.0.0.29:41980", "serviceDescription": "SamLogon", "authDescription": "network", "clientDomain": "ADDOMAIN", "clientAccount": "Administrator", "workstation": "LOCALADMEMBER", "becameAccount": "Administrator", "becameDomain": "ADDOMAIN", "becameSid": "S-1-5-21-3932759461-3408854914-726440174-500", "mappedAccount": "Administrator", "mappedDomain": "ADDOMAIN", "netlogonComputer": "LOCALADMEMBER", "netlogonTrustAccount": "LOCALADMEMBER$", "netlogonNegotiateFlags": "0x610F", "netlogonSecureChannelType": 2, "netlogonTrustAccountSid": "S-1-5-21-3932759461-3408854914-726440174-1109", "passwordType": "NTLMv2", "duration": 8744}} INFO: Received PING message from server 4081924.884777597 [] {"timestamp": "2019-05-14T21:41:02.533609+", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "282ed7a1f54a2fc0", "logonType": 2, "status": "NT_STATUS_NO_SUCH_USER", "localAddress": "unix:", "remoteAddress": "unix:", "serviceDescription": "winbind", "authDescription": "PASSDB, wbinfo, 4081910", "clientDomain": "", "clientAccount": "Administrator", "workstation": "LOCALADMEMBER", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "Administrator", "mappedDomain": "", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 146}} INFO: Received PING message from server 4081924.4273897483 [] {"timestamp": "2019-05-14T21:41:02.623141+", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "282ed7a1f54a2fc0", "logonType": 8, "status": "NT_STATUS_INVALID_HANDLE", "localAddress": "unix:", "remoteAddress": "unix:", "serviceDescription": "winbind", "authDescription": "PAM_AUTH, wbinfo, 4081910", "clientDomain": "", "clientAccount": "Administrator", "workstation": null, "becameAccount": "", "becameDomain": "", "becameSid": null, "mappedAccount": null, "mappedDomain": null, "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "Plaintext", "duration": 89764}} INFO: Received PING message from server 4081918.2655878316 [] {"timestamp": "2019-05-14T21:41:02.638702+", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4624, "logonId": "19d3e483c67e5e59", "logonType": 3, "status": "NT_STATUS_OK", "localAddress": "unix:", "remoteAddress": "unix:", "serviceDescription": "winbind", "authDescription": "NTLM_AUTH, wbinfo, 4081910", "clientDomain": "ADDOMAIN", "clientAccount": "Administrator", "workstation": "LOCALADMEMBER", "becameAccount":
[SCM] Samba Shared Repository - branch v4-10-test updated
The branch, v4-10-test has been updated via 893ac2a6b20 netcmd: Fix passwordsettings --max-pwd-age command via afc2243b478 netcmd: Add some timestamp conversion helper functions via 36da4c095de netcmd: Use python constant for -0x8000 via 1efa1e01194 tests: Add test for setting min/maxPwdAge via ea74b0eb2ef dbcheck: fix the err_empty_attribute() check via b01e1e3376b winbind: Use domain name from lsa query for sid_to_name cache entry via 9034980420d winbind: Return queried domain name from name_to_sid via b519cd2156d winbind: Query domain from winbind sam_name_to_sid via af48878005a winbind: Query domain from winbind rpc name_to_sid via 2670fe83374 winbind: Query domain from msrpc name_to_sid via b7f79137dcd nsswitch: Add testcase for checking output of wbinfo --sid-to-name from 2ad7a4a6477 VERSION: Bump version up to 4.10.4. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-test - Log - commit 893ac2a6b2046e4e1d7a46f2a2c50afc7546d3b2 Author: Tim Beale Date: Wed Apr 3 09:10:55 2019 +1300 netcmd: Fix passwordsettings --max-pwd-age command The min_pwd_age and max_pwd_age parameters are both optional and default to None. However, if we just set the max-pwd-age, then the check 'min_pwd_age >= max_pwd_age' will throw a Python exception because it's trying to compare an int to NoneType (min_pwd_age). This works on Python 2 but is a problem on Python 3. We could just add a check that min_pwd_age is not None, but that defeats the point of having the check if you're only setting either the min or max age indepedently. This patch gets the current min/max password age from the DB (in ticks). If either setting is changed, the ticks will be updated. Then at the end we check the min is still less than the max (to do this, we convert the ticks back to days in the interests of readability). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13873 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Fri Apr 5 08:03:08 UTC 2019 on sn-devel-144 (cherry picked from commit 7a410ccb5f6f2958d56fa6f16d8780c69a3830dd) Autobuild-User(v4-10-test): Karolin Seeger Autobuild-Date(v4-10-test): Tue May 14 17:36:28 UTC 2019 on sn-devel-144 commit afc2243b4785180c74bccaa5491396fe7d5d8bcd Author: Tim Beale Date: Tue Apr 2 11:10:41 2019 +1300 netcmd: Add some timestamp conversion helper functions BUG: https://bugzilla.samba.org/show_bug.cgi?id=13873 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett (cherry picked from commit 940306a24a8d14fbb8c76c5a60b3d5f2773873a0) commit 36da4c095deb73dfb14ca629b223998fce1f9403 Author: Tim Beale Date: Mon Apr 1 16:42:32 2019 +1300 netcmd: Use python constant for -0x8000 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13873 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett (cherry picked from commit b43f997f2397771b159c49526a36bd2b3467b0ef) commit 1efa1e011941075d24b55f5228c167fd847ed61d Author: Tim Beale Date: Mon Apr 1 16:32:27 2019 +1300 tests: Add test for setting min/maxPwdAge Currently setting maxPwdAge doesn't work at all. While we're adding a test, we might as well assert that minPwdAge can't be greater than maxPwdAge as well. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13873 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett (cherry picked from commit d247a600845fdc6bf232496e8db56cd1d95a3022) commit ea74b0eb2ef634b35eb0c51053ba3f87d3bee383 Author: Stefan Metzmacher Date: Tue Mar 19 13:16:59 2019 +0100 dbcheck: fix the err_empty_attribute() check ldb.bytes('') == '' is never True in python3, we nee ldb.bytes('') == b'' in order to check that on attribute has an empty value, that seems to work for python2 and python3. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13843 Signed-off-by: Stefan Metzmacher Reviewed-by: Noel Power Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Mar 21 18:15:20 UTC 2019 on sn-devel-144 (cherry picked from commit 261ef9d5b62f0d49f858717e6d8b4b41f008efb5) commit b01e1e3376be76fea435f987e0edea98161b7a35 Author: Christof Schmitt Date: Mon Mar 11 16:14:02 2019 -0700 winbind: Use domain name from lsa query for sid_to_name cache entry When winbindd is asked to map a name like realm.com\name to a SID ,that is sucessfully resolved through the lsa lookup name call. The same call also returns the short domain name (netbios name of the domain). Use that short domain name for the sid_to_name cache entry, so that subsequent
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 43958af1d50 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via 5639e973c1f CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum from b1f4c86eea0 ctdb-common: Fix memory leak in run_proc https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 43958af1d50f0185e21e6cd74110c455ee8996af Author: Isaac Boukris Date: Wed Jan 30 23:49:07 2019 +0200 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett Autobuild-User(master): Karolin Seeger Autobuild-Date(master): Tue May 14 11:45:13 UTC 2019 on sn-devel-184 commit 5639e973c1f6f1b28b122741763f1d05b47bc2d8 Author: Isaac Boukris Date: Thu Apr 25 22:12:10 2019 +1200 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Signed-off-by: Andrew Bartlett --- Summary of changes: source4/heimdal/kdc/krb5tgs.c| 7 +++ source4/torture/krb5/kdc-canon-heimdal.c | 105 +-- 2 files changed, 108 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index a888788bb6f..ff7d93138c0 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1925,6 +1925,13 @@ server_lookup: goto out; } + if (!krb5_checksum_is_keyed(context, self.cksum.cksumtype)) { + free_PA_S4U2Self(); + kdc_log(context, config, 0, "Reject PA-S4U2Self with unkeyed checksum"); + ret = KRB5KRB_AP_ERR_INAPP_CKSUM; + goto out; + } + ret = _krb5_s4u2self_to_checksumdata(context, , ); if (ret) goto out; diff --git a/source4/torture/krb5/kdc-canon-heimdal.c b/source4/torture/krb5/kdc-canon-heimdal.c index 30eca87cb52..ee3045181dc 100644 --- a/source4/torture/krb5/kdc-canon-heimdal.c +++ b/source4/torture/krb5/kdc-canon-heimdal.c @@ -44,7 +44,8 @@ #define TEST_S4U2SELF 0x080 #define TEST_REMOVEDOLLAR 0x100 #define TEST_AS_REQ_SPN 0x200 -#define TEST_ALL 0x3FF +#define TEST_MITM_S4U2SELF0x400 +#define TEST_ALL 0x7FF struct test_data { const char *test_name; @@ -62,6 +63,7 @@ struct test_data { bool upn; bool other_upn_suffix; bool s4u2self; + bool mitm_s4u2self; bool removedollar; bool as_req_spn; bool spn_is_upn; @@ -212,6 +214,67 @@ static bool test_accept_ticket(struct torture_context *tctx, return true; } +krb5_error_code +_krb5_s4u2self_to_checksumdata(krb5_context context, + const PA_S4U2Self *self, + krb5_data *data); + +/* Helper function to modify the principal in PA_FOR_USER padata */ +static bool change_for_user_principal(struct torture_krb5_context *test_context, + krb5_data *modified_send_buf) +{ + PA_DATA *for_user; + int i = 0; + size_t used; + krb5_error_code ret; + PA_S4U2Self self, mod_self; + krb5_data cksum_data; + krb5_principal admin; + heim_octet_string orig_padata_value; + krb5_context k5_ctx = test_context->smb_krb5_context->krb5_context; + + for_user = krb5_find_padata(test_context->tgs_req.padata->val, + test_context->tgs_req.padata->len, KRB5_PADATA_FOR_USER, ); + torture_assert(test_context->tctx, for_user != NULL, "No PA_FOR_USER in s4u2self request"); + orig_padata_value = for_user->padata_value; + + torture_assert_int_equal(test_context->tctx, +krb5_make_principal(k5_ctx, , test_context->test_data->realm, +"Administrator", NULL), +0, "krb5_make_principal() failed"); + torture_assert_int_equal(test_context->tctx, +decode_PA_S4U2Self(for_user->padata_value.data, + for_user->padata_value.length, , NULL), +0, "decode_PA_S4U2Self() failed"); + mod_self = self; + mod_self.name = admin->name; + + torture_assert_int_equal(test_context->tctx, +_krb5_s4u2self_to_checksumdata(k5_ctx, _self, _data), +0, "_krb5_s4u2self_to_checksumdata() failed"); +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b1f4c86eea0 ctdb-common: Fix memory leak in run_proc via 30bc6e2529c ctdb-common: Fix memory leak via 6a2941e2a9f ctdb-recoverd: Fix memory leak via dc89db8ca6a ctdb-tests: Fix logic error in simple ctdb reloadips test via 8be4ee1a28d ctdb-tests: Make ctdb reloadips tests more reliable via cf00db40355 ctdb-tests: Capture output in $out on failure as well from b1a32dd7f50 selftest: enable undefined behaviour sanitizer https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b1f4c86eea022999d5439e4a6ef3494fe41479b6 Author: Amitay Isaacs Date: Mon May 13 17:07:59 2019 +1000 ctdb-common: Fix memory leak in run_proc BUG: https://bugzilla.samba.org/show_bug.cgi?id=13943 Signed-off-by: Amitay Isaacs Reviewed-by: Martin Schwenke Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Tue May 14 08:59:03 UTC 2019 on sn-devel-184 commit 30bc6e2529cdd444d4ec7902844c3a6fb0858090 Author: Martin Schwenke Date: Sat May 11 17:33:57 2019 +1000 ctdb-common: Fix memory leak BUG: https://bugzilla.samba.org/show_bug.cgi?id=13943 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs commit 6a2941e2a9fd6ab2d5b8dbac042b61a7b1b0b914 Author: Martin Schwenke Date: Sat May 11 14:24:24 2019 +1000 ctdb-recoverd: Fix memory leak state is always freed before exiting this function, so allocate fde off it instead of long-lived ctdb context. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13943 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs commit dc89db8ca6aadd4a9f7e8a85843c53709d04587c Author: Martin Schwenke Date: Tue May 7 15:42:49 2019 +1000 ctdb-tests: Fix logic error in simple ctdb reloadips test There is a chance that restoring IP addresses to the test node will result in different IP addresses being assigned to that node. Removing a single IP address may then fail (or be a no-op) if it is done after the restore. So, swap the single IP address removal to happen first, then restore, then remove all IP addresses. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13924 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs commit 8be4ee1a28d5c037955832b6f827d40f28f02796 Author: Martin Schwenke Date: Tue May 7 15:29:19 2019 +1000 ctdb-tests: Make ctdb reloadips tests more reliable ctdb reloadips will fail if it can't disable takover runs. The most likely reason for this is that there is already a takeover run in progress. We can't predict when this will happen, so retry if this occurs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13924 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs commit cf00db40355b49443263187f9d97934f91287e51 Author: Martin Schwenke Date: Mon May 13 17:40:15 2019 +1000 ctdb-tests: Capture output in $out on failure as well BUG: https://bugzilla.samba.org/show_bug.cgi?id=13924 Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs --- Summary of changes: ctdb/common/event_script.c | 3 +- ctdb/common/run_proc.c | 7 +++- ctdb/server/ctdb_recoverd.c | 2 +- ctdb/tests/complex/18_ctdb_reloadips.sh | 35 +++-- ctdb/tests/scripts/integration.bash | 8 ++-- ctdb/tests/simple/18_ctdb_reloadips.sh | 70 +++-- 6 files changed, 94 insertions(+), 31 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/common/event_script.c b/ctdb/common/event_script.c index 8978d1452c0..8bdfdd0b5ca 100644 --- a/ctdb/common/event_script.c +++ b/ctdb/common/event_script.c @@ -117,7 +117,8 @@ int event_script_get_list(TALLOC_CTX *mem_ctx, } *out = script_list; - return 0; + ret = 0; + goto done; nomem: ret = ENOMEM; diff --git a/ctdb/common/run_proc.c b/ctdb/common/run_proc.c index 037b6d9651d..0c3c1de72fe 100644 --- a/ctdb/common/run_proc.c +++ b/ctdb/common/run_proc.c @@ -302,13 +302,15 @@ again: proc->fd = -1; } + DLIST_REMOVE(run_ctx->plist, proc); + /* Active run_proc request */ if (proc->req != NULL) { run_proc_done(proc->req); + } else { + talloc_free(proc); } - DLIST_REMOVE(run_ctx->plist, proc); - goto again; } @@ -426,6 +428,7 @@ static void run_proc_done(struct tevent_req *req) if (state->proc->output != NULL) { state->output = talloc_steal(state, state->proc->output); } + talloc_steal(state, state->proc); tevent_req_done(req); } diff --git a/ctdb/server/ctdb_recoverd.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b1a32dd7f50 selftest: enable undefined behaviour sanitizer via b0cc6d21748 s4 dsdb: fix use after free in samldb_rename_search_base_callback from c75fbeaa961 ctdb-tests: Remove old socket wrapper state directory during setup https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b1a32dd7f50ed0aee3d0eea5a124cb8ddfa417ad Author: Gary Lockyer Date: Tue May 14 11:25:07 2019 +1200 selftest: enable undefined behaviour sanitizer Add a --undefined-sanitizer option to configure, this causes the tests to be run with the undefined behaviout sanitizer enabled. Errors can be suppressed by adding entries to selftest/ubsan.supp Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Tue May 14 07:20:28 UTC 2019 on sn-devel-184 commit b0cc6d217485c317b2138347216fac5d74684328 Author: Gary Lockyer Date: Tue May 14 13:10:22 2019 +1200 s4 dsdb: fix use after free in samldb_rename_search_base_callback Fix use after free detected by AddressSanitizer AddressSanitizer: heap-use-after-free on address 0x60f0002b2738 at pc 0x7f89b1a213b5 bp 0x7ffce9528810 sp 0x7ffce9528800 READ of size 8 at 0x60f0002b2738 thread T0 #0 0x7f89b1a213b4 in samldb_rename_search_base_callback ../../source4/dsdb/samdb/ldb_modules/samldb.c:4203 #1 0x7f89d3a0db4a in ldb_module_send_entry ../../lib/ldb/common/ldb_modules.c:793 #2 0x7f89b6f27356 in es_callback ../../source4/dsdb/samdb/ldb_modules/encrypted_secrets.c:1418 Bug: https://bugzilla.samba.org/show_bug.cgi?id=13942 Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett --- Summary of changes: buildtools/wafsamba/samba_autoconf.py | 9 - buildtools/wafsamba/wscript | 5 + selftest/ubsan.supp | 6 ++ selftest/wscript| 11 +-- source4/dsdb/samdb/ldb_modules/samldb.c | 1 - 5 files changed, 28 insertions(+), 4 deletions(-) create mode 100644 selftest/ubsan.supp Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py index 0dbfd54393f..be179d8b29b 100644 --- a/buildtools/wafsamba/samba_autoconf.py +++ b/buildtools/wafsamba/samba_autoconf.py @@ -793,10 +793,17 @@ int main(void) { if Options.options.pedantic: conf.ADD_CFLAGS('-W', testflags=True) +if (Options.options.address_sanitizer or +Options.options.undefined_sanitizer): +conf.ADD_CFLAGS('-fno-omit-frame-pointer -O1', testflags=True) if Options.options.address_sanitizer: -conf.ADD_CFLAGS('-fno-omit-frame-pointer -O1 -fsanitize=address', testflags=True) +conf.ADD_CFLAGS('-fsanitize=address', testflags=True) conf.ADD_LDFLAGS('-fsanitize=address', testflags=True) conf.env['ADDRESS_SANITIZER'] = True +if Options.options.undefined_sanitizer: +conf.ADD_CFLAGS('-fsanitize=undefined', testflags=True) +conf.ADD_LDFLAGS('-fsanitize=undefined', testflags=True) +conf.env['UNDEFINED_SANITIZER'] = True # Let people pass an additional ADDITIONAL_{CFLAGS,LDFLAGS} diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript index 2e14a326cb8..8014716e64e 100644 --- a/buildtools/wafsamba/wscript +++ b/buildtools/wafsamba/wscript @@ -128,6 +128,11 @@ def options(opt): gr.add_option('--address-sanitizer', help=("Enable address sanitizer compile and linker flags"), action="store_true", dest='address_sanitizer', default=False) +gr.add_option('--undefined-sanitizer', +help=("Enable undefined behaviour sanitizer compile and linker flags"), +action="store_true", +dest='undefined_sanitizer', +default=False) gr.add_option('--abi-check', help=("Check ABI signatures for libraries"), diff --git a/selftest/ubsan.supp b/selftest/ubsan.supp new file mode 100644 index 000..423e0838690 --- /dev/null +++ b/selftest/ubsan.supp @@ -0,0 +1,6 @@ +# Suppress the +# "left shift of x by y places cannot be represented in type 'int'" +# in the heimdal code for now. +shift-base:../../source4/heimdal/lib/hcrypto/des.c +shift-base:../../source4/heimdal/lib/krb5/crypto.c + diff --git a/selftest/wscript b/selftest/wscript index 5116d7ee31b..5c864ebed96 100644 --- a/selftest/wscript +++ b/selftest/wscript @@ -265,8 +265,9 @@ def cmd_testonly(opt): if env.ADDRESS_SANITIZER: # We try to find the correct libasan automatically -libasan = Utils.cmd_output('ldd bin/texpect | grep libasan| cut -f 3 -d \
[SCM] Samba Shared Repository - branch v4-10-stable updated
The branch, v4-10-stable has been updated via 6c23ad16f02 VERSION: Disable GIT_SNAPSHOT for the 4.10.3 release. via 20ce967a45a WHATSNEW: Add release notes for Samba 4.10.3. via 12086db2101 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via 6ad19ca4687 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via 6a7e06239fb VERSION: Re-enable GIT_SNAPSHOT. via 770352cd077 VERSION: Bump version up to 4.10.3. from 17cd92e1c36 VERSION: Disable GIT_SNAPSHOT for 4.10.2 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-stable - Log - commit 6c23ad16f02497d086f42dccd75c6fcc5dad Author: Karolin Seeger Date: Tue May 7 11:06:14 2019 +0200 VERSION: Disable GIT_SNAPSHOT for the 4.10.3 release. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit 20ce967a45a140475b36c90b8c24ba51374e57d2 Author: Karolin Seeger Date: Tue May 7 10:46:21 2019 +0200 WHATSNEW: Add release notes for Samba 4.10.3. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit 12086db2101beb44db41da0a811a6be8544b546e Author: Isaac Boukris Date: Wed Jan 30 23:49:07 2019 +0200 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 6ad19ca46879f166e896562b88244e2ffd17e1ed Author: Isaac Boukris Date: Thu Apr 25 22:12:10 2019 +1200 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Signed-off-by: Andrew Bartlett commit 6a7e06239fb725f77877ed6e3435ef101a162148 Author: Karolin Seeger Date: Tue May 7 11:02:17 2019 +0200 VERSION: Re-enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger commit 770352cd07776fcfc49511b0b393c2e6371724e9 Author: Karolin Seeger Date: Mon Apr 8 12:30:35 2019 +0200 VERSION: Bump version up to 4.10.3. Signed-off-by: Karolin Seeger (cherry picked from commit cf323d769f0f75a8201b21e5563fc5481beb614e) --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 58 - source4/heimdal/kdc/krb5tgs.c| 7 +++ source4/torture/krb5/kdc-canon-heimdal.c | 105 +-- 4 files changed, 165 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index db76ce216a7..2b49166b9c6 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=10 -SAMBA_VERSION_RELEASE=2 +SAMBA_VERSION_RELEASE=3 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f88d3e99b3c..8472caa032c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + == + Release Notes for Samba 4.10.3 +May 14, 2019 + == + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.10.2: +- + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + +
[SCM] Samba Shared Repository - branch v4-10-test updated
The branch, v4-10-test has been updated via 2ad7a4a6477 VERSION: Bump version up to 4.10.4. from c0a8bd3d66e Merge tag 'samba-4.10.3' into v4-10-test https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-test - Log - commit 2ad7a4a64779c06ff4c4aa874656c778c823b959 Author: Karolin Seeger Date: Tue May 14 08:23:51 2019 +0200 VERSION: Bump version up to 4.10.4. Signed-off-by: Karolin Seeger --- Summary of changes: VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 9f59cca..d6337dea09a 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=10 -SAMBA_VERSION_RELEASE=3 +SAMBA_VERSION_RELEASE=4 # If a official release has a serious bug # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-10-test updated
The branch, v4-10-test has been updated via c0a8bd3d66e Merge tag 'samba-4.10.3' into v4-10-test via 70a164b3214 VERSION: Disable GIT_SNAPSHOT for the 4.10.3 release. via 20ce967a45a WHATSNEW: Add release notes for Samba 4.10.3. via 12086db2101 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via 6ad19ca4687 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via 6a7e06239fb VERSION: Re-enable GIT_SNAPSHOT. via 770352cd077 VERSION: Bump version up to 4.10.3. from c7b67d3cb37 s3/vfs_glusterfs: Dynamically determine NAME_MAX https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-test - Log - commit c0a8bd3d66e2dbfab166db082e4ad253adaed9cb Merge: c7b67d3cb37 70a164b3214 Author: Karolin Seeger Date: Tue May 14 08:21:05 2019 +0200 Merge tag 'samba-4.10.3' into v4-10-test samba: tag release samba-4.10.3 commit 70a164b3214026fe6f94c7b4c468c49d0557e2e5 Author: Karolin Seeger Date: Tue May 7 11:06:14 2019 +0200 VERSION: Disable GIT_SNAPSHOT for the 4.10.3 release. Signed-off-by: Karolin Seeger --- Summary of changes: WHATSNEW.txt | 58 - source4/heimdal/kdc/krb5tgs.c| 7 +++ source4/torture/krb5/kdc-canon-heimdal.c | 105 +-- 3 files changed, 164 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f88d3e99b3c..8472caa032c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + == + Release Notes for Samba 4.10.3 +May 14, 2019 + == + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.10.2: +- + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + == Release Notes for Samba 4.10.2 April 8, 2019 @@ -57,8 +111,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + == Release Notes for Samba 4.10.1 diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index a888788bb6f..ff7d93138c0 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1925,6 +1925,13 @@ server_lookup: goto out; } + if (!krb5_checksum_is_keyed(context, self.cksum.cksumtype)) { + free_PA_S4U2Self(); + kdc_log(context, config, 0, "Reject PA-S4U2Self with unkeyed checksum"); + ret = KRB5KRB_AP_ERR_INAPP_CKSUM; + goto out; + } + ret = _krb5_s4u2self_to_checksumdata(context, , ); if (ret) goto out; diff --git a/source4/torture/krb5/kdc-canon-heimdal.c b/source4/torture/krb5/kdc-canon-heimdal.c index 30eca87cb52..ee3045181dc 100644 --- a/source4/torture/krb5/kdc-canon-heimdal.c +++ b/source4/torture/krb5/kdc-canon-heimdal.c @@ -44,7 +44,8 @@ #define TEST_S4U2SELF 0x080 #define TEST_REMOVEDOLLAR 0x100 #define
[SCM] Samba Shared Repository - branch v4-8-stable updated
The branch, v4-8-stable has been updated via a72d4598bf4 VERSION: Disable GIT_SNAPSHOT for the 4.8.12 release. via 162016b23b5 WHATSNEW: Add release notes for Samba 4.8.12. via 169bc039065 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via f65b6eab332 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via 1d98ed7f186 VERSION: Re-enable GIT_SNAPSHOT. via 287f2fab580 VERSION: Bump version up to 4.8.12. from b7e91b13d4d VERSION: Disable GIT_SNAPSHOT for the 4.8.11 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-stable - Log - commit a72d4598bf4a2186769f25050663f4779ea581e0 Author: Karolin Seeger Date: Tue May 7 12:35:52 2019 +0200 VERSION: Disable GIT_SNAPSHOT for the 4.8.12 release. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit 162016b23b5dedaf819941fb46c6ca5e5469b464 Author: Karolin Seeger Date: Tue May 7 12:34:50 2019 +0200 WHATSNEW: Add release notes for Samba 4.8.12. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit 169bc039065ea202246bceba8598472711de2346 Author: Isaac Boukris Date: Wed Jan 30 23:49:07 2019 +0200 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit f65b6eab332b0513782d4a18851c836a0da695ac Author: Isaac Boukris Date: Thu Apr 25 22:12:10 2019 +1200 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Signed-off-by: Andrew Bartlett commit 1d98ed7f186d0f0e32b80c5509b8ce850c86211d Author: Karolin Seeger Date: Tue May 7 12:33:21 2019 +0200 VERSION: Re-enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger commit 287f2fab58026c2b679f094e22b758042c124142 Author: Karolin Seeger Date: Mon Apr 8 12:28:05 2019 +0200 VERSION: Bump version up to 4.8.12. Signed-off-by: Karolin Seeger (cherry picked from commit d7fef72c6a373e10289675ef180d49d739cd6a5b) --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 58 +++- source4/heimdal/kdc/krb5tgs.c| 7 ++ source4/torture/krb5/kdc-canon-heimdal.c | 115 +-- 4 files changed, 175 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 355fb3a99a5..d045e35fa06 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=8 -SAMBA_VERSION_RELEASE=11 +SAMBA_VERSION_RELEASE=12 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index b51ba11f813..3b8f058af8e 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + == + Release Notes for Samba 4.8.12 +May 14, 2019 + == + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.8.11: +- + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + +
[SCM] Samba Shared Repository - branch v4-9-test updated
The branch, v4-9-test has been updated via a9f7f1f7433 VERSION: Bump version up to 4.9.9. via d1c15c26703 Merge tag 'samba-4.9.8' into v4-9-test via 9dfd4419b50 VERSION: Disable GIT_SNAPSHOT for the 4.9.8 release. via ff8e3fbae80 WHATSNEW: Add release notes for Samba 4.9.8. via de3fa5d6b94 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via 52200468716 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via bc1b0ade6ff VERSION: Bump version up to 4.9.8... from 86de3470b4c VERSION: Bump version up to 4.9.8... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-9-test - Log - commit a9f7f1f7433b1f1c18ebf0d88fc57ae270f2711f Author: Karolin Seeger Date: Tue May 14 08:23:03 2019 +0200 VERSION: Bump version up to 4.9.9. Signed-off-by: Karolin Seeger commit d1c15c2670377741588cb46a6c08220493e30bd1 Merge: 86de3470b4c 9dfd4419b50 Author: Karolin Seeger Date: Tue May 14 08:22:26 2019 +0200 Merge tag 'samba-4.9.8' into v4-9-test samba: tag release samba-4.9.8 --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 58 +++- source4/heimdal/kdc/krb5tgs.c| 7 ++ source4/torture/krb5/kdc-canon-heimdal.c | 115 +-- 4 files changed, 175 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 6d6a27b4aeb..7471561058a 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=9 -SAMBA_VERSION_RELEASE=8 +SAMBA_VERSION_RELEASE=9 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d135527fa1b..b0191a14442 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + = + Release Notes for Samba 4.9.8 +May 14, 2019 + = + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.9.7: + + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + = Release Notes for Samba 4.9.7 May 1, 2019 @@ -111,8 +165,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + = Release Notes for Samba 4.9.6 diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index a888788bb6f..ff7d93138c0 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1925,6 +1925,13 @@ server_lookup: goto out; } + if (!krb5_checksum_is_keyed(context, self.cksum.cksumtype)) { + free_PA_S4U2Self(); + kdc_log(context, config, 0, "Reject PA-S4U2Self with unkeyed checksum"); + ret = KRB5KRB_AP_ERR_INAPP_CKSUM; + goto out; + } + ret = _krb5_s4u2self_to_checksumdata(context, ,
[SCM] Samba Shared Repository - branch v4-8-test updated
The branch, v4-8-test has been updated via 4d88741a279 VERSION: Bump version up to 4.8.13. via 1a248d16ab9 Merge tag 'samba-4.8.12' into v4-8-test via a72d4598bf4 VERSION: Disable GIT_SNAPSHOT for the 4.8.12 release. via 162016b23b5 WHATSNEW: Add release notes for Samba 4.8.12. via 169bc039065 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via f65b6eab332 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via 1d98ed7f186 VERSION: Re-enable GIT_SNAPSHOT. via 287f2fab580 VERSION: Bump version up to 4.8.12. from d7fef72c6a3 VERSION: Bump version up to 4.8.12. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test - Log - commit 4d88741a2798d44d7b2ed28302e2d9816ac894fc Author: Karolin Seeger Date: Tue May 14 08:25:33 2019 +0200 VERSION: Bump version up to 4.8.13. Signed-off-by: Karolin Seeger commit 1a248d16ab941491edcbf2ac8ba0f88cd7c65c29 Merge: d7fef72c6a3 a72d4598bf4 Author: Karolin Seeger Date: Tue May 14 08:25:01 2019 +0200 Merge tag 'samba-4.8.12' into v4-8-test samba: tag release samba-4.8.12 --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 58 +++- source4/heimdal/kdc/krb5tgs.c| 7 ++ source4/torture/krb5/kdc-canon-heimdal.c | 115 +-- 4 files changed, 175 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 1491cac258d..e7942192ceb 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=8 -SAMBA_VERSION_RELEASE=12 +SAMBA_VERSION_RELEASE=13 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index b51ba11f813..3b8f058af8e 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + == + Release Notes for Samba 4.8.12 +May 14, 2019 + == + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.8.11: +- + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + == Release Notes for Samba 4.8.11 April 8, 2019 @@ -49,8 +103,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + == Release Notes for Samba 4.8.10 diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index a888788bb6f..ff7d93138c0 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -1925,6 +1925,13 @@ server_lookup: goto out; } + if (!krb5_checksum_is_keyed(context, self.cksum.cksumtype)) { + free_PA_S4U2Self(); + kdc_log(context, config, 0, "Reject PA-S4U2Self with unkeyed checksum"); + ret = KRB5KRB_AP_ERR_INAPP_CKSUM; + goto out; +
[SCM] Samba Shared Repository - branch v4-9-stable updated
The branch, v4-9-stable has been updated via 9dfd4419b50 VERSION: Disable GIT_SNAPSHOT for the 4.9.8 release. via ff8e3fbae80 WHATSNEW: Add release notes for Samba 4.9.8. via de3fa5d6b94 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum via 52200468716 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum via bc1b0ade6ff VERSION: Bump version up to 4.9.8... from c8e9b9fe7cc VERSION: Disable GIT_SNAPSHOT for the 4.9.7 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-9-stable - Log - commit 9dfd4419b50b17ed916957372829057af8e27893 Author: Karolin Seeger Date: Tue May 7 12:25:56 2019 +0200 VERSION: Disable GIT_SNAPSHOT for the 4.9.8 release. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit ff8e3fbae80e62f1b0f8b638a171e913a14b231a Author: Karolin Seeger Date: Tue May 7 12:24:55 2019 +0200 WHATSNEW: Add release notes for Samba 4.9.8. CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) Signed-off-by: Karolin Seeger commit de3fa5d6b9462bd8c5bc01cf1ae89fa997009ae7 Author: Isaac Boukris Date: Wed Jan 30 23:49:07 2019 +0200 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett commit 522004687162c3dfad87581ce930b21c9ecdf834 Author: Isaac Boukris Date: Thu Apr 25 22:12:10 2019 +1200 CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris Signed-off-by: Andrew Bartlett commit bc1b0ade6ff84fd16fa58d357497b317ba04cbff Author: Karolin Seeger Date: Tue Apr 16 12:39:04 2019 +0200 VERSION: Bump version up to 4.9.8... and re-enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger (cherry picked from commit 86de3470b4c342857d1c8408929ef4637fdf1937) --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 58 +++- source4/heimdal/kdc/krb5tgs.c| 7 ++ source4/torture/krb5/kdc-canon-heimdal.c | 115 +-- 4 files changed, 175 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index ba6fe8a24b9..1833b6c24d0 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=9 -SAMBA_VERSION_RELEASE=7 +SAMBA_VERSION_RELEASE=8 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d135527fa1b..b0191a14442 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,57 @@ + = + Release Notes for Samba 4.9.8 +May 14, 2019 + = + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.9.7: + + +o Isaac Boukris + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + = Release Notes for Samba 4.9.7 May
[SCM] Samba Shared Repository - annotated tag samba-4.8.12 created
The annotated tag, samba-4.8.12 has been created at a5461cbf0307fc29c89ac9318d9e89e45a7c79f6 (tag) tagging a72d4598bf4a2186769f25050663f4779ea581e0 (commit) replaces samba-4.8.11 tagged by Karolin Seeger on Tue May 7 12:37:45 2019 +0200 - Log - samba: tag release samba-4.8.12 -BEGIN PGP SIGNATURE- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXNFf+QAKCRBvM5FbZWi3 6i7sAKDH+ZpZpfeMsgFYPq3EPcm/stlFvACeO+vChwYJshHz8rBX7feZckZQa6c= =4GQl -END PGP SIGNATURE- Isaac Boukris (2): CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum Karolin Seeger (4): VERSION: Bump version up to 4.8.12. VERSION: Re-enable GIT_SNAPSHOT. WHATSNEW: Add release notes for Samba 4.8.12. VERSION: Disable GIT_SNAPSHOT for the 4.8.12 release. --- -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via af4ea9b NEWS[4.10.3]: Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available from 60eab79 Add Samba 4.9.7 to the list. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit af4ea9b9d702945c2f4583be5d71933635a6b519 Author: Karolin Seeger Date: Tue May 7 11:12:08 2019 +0200 NEWS[4.10.3]: Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available Signed-off-by: Karolin Seeger --- Summary of changes: history/header_history.html | 3 + history/samba-4.10.3.html| 53 history/{samba-4.8.11.html => samba-4.8.12.html} | 34 ++--- history/samba-4.9.8.html | 53 history/security.html| 18 +++ posted_news/20190510-082106.4.10.3.body.html | 23 posted_news/20190510-082106.4.10.3.headline.html | 4 + security/CVE-2018-16860.html | 165 +++ 8 files changed, 336 insertions(+), 17 deletions(-) create mode 100644 history/samba-4.10.3.html copy history/{samba-4.8.11.html => samba-4.8.12.html} (50%) create mode 100644 history/samba-4.9.8.html create mode 100644 posted_news/20190510-082106.4.10.3.body.html create mode 100644 posted_news/20190510-082106.4.10.3.headline.html create mode 100644 security/CVE-2018-16860.html Changeset truncated at 500 lines: diff --git a/history/header_history.html b/history/header_history.html index 7d361df..229a679 100755 --- a/history/header_history.html +++ b/history/header_history.html @@ -9,9 +9,11 @@ Release Notes + samba-4.10.3 samba-4.10.2 samba-4.10.1 samba-4.10.0 + samba-4.9.8 samba-4.9.7 samba-4.9.6 samba-4.9.5 @@ -20,6 +22,7 @@ samba-4.9.2 samba-4.9.1 samba-4.9.0 + samba-4.8.12 samba-4.8.11 samba-4.8.10 samba-4.8.9 diff --git a/history/samba-4.10.3.html b/history/samba-4.10.3.html new file mode 100644 index 000..bc5148e --- /dev/null +++ b/history/samba-4.10.3.html @@ -0,0 +1,53 @@ +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;> +http://www.w3.org/1999/xhtml;> + +Samba 4.10.3 - Release Notes + + +Samba 4.10.3 Available for Download + +https://download.samba.org/pub/samba/stable/samba-4.10.3.tar.gz;>Samba 4.10.3 (gzipped) +https://download.samba.org/pub/samba/stable/samba-4.10.3.tar.asc;>Signature + + +https://download.samba.org/pub/samba/patches/samba-4.10.2-4.10.3.diffs.gz;>Patch (gzipped) against Samba 4.10.2 +https://download.samba.org/pub/samba/patches/samba-4.10.2-4.10.3.diffs.asc;>Signature + + + + == + Release Notes for Samba 4.10.3 +May 14, 2019 + == + + +This is a security release in order to address the following defect: + +o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) + + +=== +Details +=== + +o CVE-2018-16860: + The checksum validation in the S4U2Self handler in the embedded Heimdal KDC + did not first confirm that the checksum was keyed, allowing replacement of + the requested target (client) principal. + +For more details and workarounds, please refer to the security advisory. + + +Changes since 4.10.2: +- + +o Isaac Boukris ibouk...@gmail.com + * BUG 13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed + checksum. + + + + + + diff --git a/history/samba-4.8.11.html b/history/samba-4.8.12.html similarity index 50% copy from history/samba-4.8.11.html copy to history/samba-4.8.12.html index 5be432b..ad104eb 100644 --- a/history/samba-4.8.11.html +++ b/history/samba-4.8.12.html @@ -2,49 +2,49 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;> http://www.w3.org/1999/xhtml;> -Samba 4.8.11 - Release Notes +Samba 4.8.12 - Release Notes -Samba 4.8.11 Available for Download +Samba 4.8.12 Available for Download -https://download.samba.org/pub/samba/stable/samba-4.8.11.tar.gz;>Samba 4.8.11 (gzipped) -https://download.samba.org/pub/samba/stable/samba-4.8.11.tar.asc;>Signature +https://download.samba.org/pub/samba/stable/samba-4.8.12.tar.gz;>Samba 4.8.12 (gzipped) +https://download.samba.org/pub/samba/stable/samba-4.8.12.tar.asc;>Signature -https://download.samba.org/pub/samba/patches/samba-4.8.10-4.8.11.diffs.gz;>Patch (gzipped) against Samba 4.8.10
[SCM] Samba Shared Repository - annotated tag samba-4.9.8 created
The annotated tag, samba-4.9.8 has been created at e97437961bd62312a17441ff04d2f177a4f33b00 (tag) tagging 9dfd4419b50b17ed916957372829057af8e27893 (commit) replaces samba-4.9.7 tagged by Karolin Seeger on Tue May 7 12:30:53 2019 +0200 - Log - samba: tag release samba-4.9.8 -BEGIN PGP SIGNATURE- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXNFeXQAKCRBvM5FbZWi3 6mgVAJsHm4k4CQpvyJ+fV1/ie72P5cLIQwCfQ05UO3tjAcIFgApgWleViFf4u/k= =GrWT -END PGP SIGNATURE- Isaac Boukris (2): CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum Karolin Seeger (3): VERSION: Bump version up to 4.9.8... WHATSNEW: Add release notes for Samba 4.9.8. VERSION: Disable GIT_SNAPSHOT for the 4.9.8 release. --- -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag samba-4.10.3 created
The annotated tag, samba-4.10.3 has been created at 12d7ef3f8273e36f0fec477794d92d327ea76e22 (tag) tagging 70a164b3214026fe6f94c7b4c468c49d0557e2e5 (commit) replaces samba-4.10.2 tagged by Karolin Seeger on Tue May 7 11:11:51 2019 +0200 - Log - samba: tag release samba-4.10.3 -BEGIN PGP SIGNATURE- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXNFL1wAKCRBvM5FbZWi3 6qRXAJ4i9RdxsWDYeOEdhx6YuZr6L4GVsQCgvpvHnDL+FLrb2bNKsT0Gwf01+ZA= =fcvC -END PGP SIGNATURE- Isaac Boukris (2): CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum Karolin Seeger (4): VERSION: Bump version up to 4.10.3. VERSION: Re-enable GIT_SNAPSHOT. WHATSNEW: Add release notes for Samba 4.10.3. VERSION: Disable GIT_SNAPSHOT for the 4.10.3 release. --- -- Samba Shared Repository