[Pkg-samba-maint] [samba] annotated tag upstream/4.5.8+dfsg created (now 392beb8)

Mathieu Parent sathieu at moszumanska.debian.org
Wed Nov 8 20:15:16 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sathieu pushed a change to annotated tag upstream/4.5.8+dfsg
in repository samba.

        at  392beb8   (tag)
   tagging  552f08f2607bbcf9ce5009b2cfe6161bc0743f3b (commit)
  replaces  upstream/4.5.6+dfsg
 tagged by  Mathieu Parent
        on  Sat Apr 1 17:32:08 2017 +0200

- Log -----------------------------------------------------------------
Upstream version 4.5.8+dfsg

Jeremy Allison (17):
      CVE-2017-2619: s3: smbd: Create wrapper function for OpenDir in preparation for making robust.
      CVE-2017-2619: s3: smbd: Opendir_internal() early return if SMB_VFS_OPENDIR failed.
      CVE-2017-2619: s3: smbd: Create and use open_dir_safely(). Use from OpenDir().
      CVE-2017-2619: s3: smbd: OpenDir_fsp() use early returns.
      CVE-2017-2619: s3: smbd: OpenDir_fsp() - Fix memory leak on error.
      CVE-2017-2619: s3: smbd: Move the reference counting and destructor setup to just before retuning success.
      CVE-2017-2619: s3: smbd: Correctly fallback to open_dir_safely if FDOPENDIR not supported on system.
      CVE-2017-2619: s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing.
      CVE-2017-2619: s3: smbd: Move special handling of symlink errno's into a utility function.
      CVE-2017-2619: s3: smbd: Add the core functions to prevent symlink open races.
      CVE-2017-2619: s3: smbd: Use the new non_widelink_open() function.
      s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496 (CVE-2017-2619).
      s3: Test for CVE-2017-2619 regression with "follow symlinks = no".
      s3: Fixup test for CVE-2017-2619 regression with "follow symlinks = no"
      s3: smbd: Fix "follow symlink = no" regression part 2.
      s3: smbd: Fix "follow symlink = no" regression part 2.
      s3: Test for CVE-2017-2619 regression with "follow symlinks = no" - part 2

Karolin Seeger (7):
      VERSION: Bump version up to 4.5.7...
      WHATSNEW: Add release notes for Samba 4.5.7.
      VERSION: Disable GIT_SNAPSHOTS for the 4.5.7 release.
      VERSION: Up to Samba 4.5.8.
      VERSION: Re-enable GIT_SNAPSHOTS.
      WHATSNEW: Add release notes for Samba 4.5.8.
      VERSION: Disable GIT_SNAPSHOTS for the 4.5.8 release.

Mathieu Parent (1):
      New upstream version 4.5.8+dfsg

Ralph Boehme (2):
      CVE-2017-2619: s3/smbd: re-open directory after dptr_CloseDir()
      CVE-2017-2619: s4/torture: add SMB2_FIND tests with SMB2_CONTINUE_FLAG_REOPEN flag

-----------------------------------------------------------------------

No new revisions were added by this update.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git

More information about the Pkg-samba-maint mailing list