Overview
Request 113255 accepted
- Update to 3.6.4.
- Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe-
cution as the "root" user; PIDL based autogenerated code allows overwriting
beyond of allocated array; CVE-2012-1182; (bso#8815); (bnc#752797).
- s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys;
(bso#8599).
- Correctly handle DENY ACEs when privileges apply; (bso#8797).
- s3:smb2_server: fix a logic error, we should sign non guest sessions;
(bso8749).
- Allow vfs_aio_pthread to build as a static module; (bso#8723).
- s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for
persistent dbs; (#bso8527).
- s3: segfault in dom_sid_compare(bso#8567).
- Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER;
(bso#8768).
- s3-winbindd: Close netlogon connection if the status returned by the
NetrSamLogonEx call is timeout in the pam_auth_crap path; (bso#8771).
- s3-winbindd: set the can_do_validation6 also for trusted domain; (bso#8599).
- Fix problem when calculating the share security mask, take priviliges into
account for the connecting user; (bso#8784).
- Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups;
(bso#8807); (bnc#751454).
Request History
lmuelle created request
- Update to 3.6.4.
- Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe-
cution as the "root" user; PIDL based autogenerated code allows overwriting
beyond of allocated array; CVE-2012-1182; (bso#8815); (bnc#752797).
- s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys;
(bso#8599).
- Correctly handle DENY ACEs when privileges apply; (bso#8797).
- s3:smb2_server: fix a logic error, we should sign non guest sessions;
(bso8749).
- Allow vfs_aio_pthread to build as a static module; (bso#8723).
- s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for
persistent dbs; (#bso8527).
- s3: segfault in dom_sid_compare(bso#8567).
- Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER;
(bso#8768).
- s3-winbindd: Close netlogon connection if the status returned by the
NetrSamLogonEx call is timeout in the pam_auth_crap path; (bso#8771).
- s3-winbindd: set the can_do_validation6 also for trusted domain; (bso#8599).
- Fix problem when calculating the share security mask, take priviliges into
account for the connecting user; (bso#8784).
- Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups;
(bso#8807); (bnc#751454).
factory-auto added a reviewer
Please review sources
saschpe approved review
Thanks
coolo accepted request
checkin
licensedigger accepted review
{"approve": "preliminary, version number changed"}
factory-auto accepted review
Builds for repo openSUSE_Factory
saschpe accepted review
Thanks