[Pkg-samba-maint] [Git][samba-team/samba][master] 2 commits: update libldb symbols to 2.6.2
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed Mar 29 16:27:17 BST 2023
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
515d24d9 by Michael Tokarev at 2023-03-29T18:23:43+03:00
update libldb symbols to 2.6.2
- - - - -
e437c928 by Michael Tokarev at 2023-03-29T18:25:10+03:00
update changelog; upload version 4.17.7+dfsg-1 to unstable
- - - - -
3 changed files:
- debian/changelog
- debian/libldb2.symbols
- debian/python3-ldb.symbols.in
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,25 @@
+samba (2:4.17.7+dfsg-1) unstable; urgency=high
+
+ * upstream stable/security/bugfix release, fixing the following issues:
+ o CVE-2023-0225: An incomplete access check on dnsHostName allows
+ authenticated but otherwise unprivileged users to delete this
+ attribute from any object in the directory.
+ https://www.samba.org/samba/security/CVE-2023-0225.html
+ o CVE-2023-0922: The Samba AD DC administration tool, when operating
+ against a remote LDAP server, will by default send new or reset
+ passwords over a signed-only connection.
+ https://www.samba.org/samba/security/CVE-2023-0922.html
+ o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
+ Confidential attribute disclosure via LDAP filters was insufficient and
+ an attacker may be able to obtain confidential BitLocker recovery keys
+ from a Samba AD DC. Installations with such secrets in their Samba AD
+ should assume they have been obtained and need replacing.
+ https://www.samba.org/samba/security/CVE-2023-0614.html
+ Closes: CVE-2023-0225 CVE-2023-0922 CVE-2023-0614
+ * update libldb symbols and versions
+
+ -- Michael Tokarev <mjt at tls.msk.ru> Wed, 29 Mar 2023 17:59:17 +0300
+
samba (2:4.17.6+dfsg-1) unstable; urgency=medium
* new upstream stable/bugfix release 4.17.6:
=====================================
debian/libldb2.symbols
=====================================
@@ -78,6 +78,7 @@ libldb.so.2 #PACKAGE# #MINVER#
LDB_2.5.0 at LDB_2.5.0 2:2.5.0
LDB_2.6.0 at LDB_2.6.0 2:2.6.0
LDB_2.6.1 at LDB_2.6.1 2:2.6.1
+ LDB_2.6.2 at LDB_2.6.2 2:2.6.2
ldb_check_critical_controls at LDB_0.9.22 0.9.22
ldb_controls_except_specified at LDB_0.9.22 0.9.22
ldb_control_to_string at LDB_1.0.2 1.0.2~git20110403
@@ -167,6 +168,7 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_extended at LDB_0.9.10 0.9.21
ldb_extended_default_callback at LDB_0.9.10 0.9.21
ldb_filter_attrs at LDB_2.0.1 2:2.0.1
+ ldb_filter_attrs_in_place at LDB_2.6.2 2:2.6.2
ldb_filter_from_tree at LDB_0.9.10 0.9.21
ldb_get_config_basedn at LDB_0.9.10 0.9.21
ldb_get_create_perms at LDB_0.9.10 0.9.21
@@ -206,6 +208,7 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_match_msg at LDB_0.9.10 0.9.21
ldb_match_msg_error at LDB_0.9.15 0.9.21
ldb_match_msg_objectclass at LDB_0.9.10 0.9.21
+ ldb_match_scope at LDB_2.6.2 2:2.6.2
ldb_mod_register_control at LDB_0.9.10 0.9.21
ldb_modify at LDB_0.9.10 0.9.21
ldb_modify_default_callback at LDB_0.9.12 0.9.21
@@ -230,6 +233,7 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_modules_list_from_string at LDB_0.9.10 0.9.21
ldb_modules_load at LDB_0.9.18 0.9.21
ldb_msg_add at LDB_0.9.10 0.9.21
+ ldb_msg_add_distinguished_name at LDB_2.6.2 2:2.6.2
ldb_msg_add_empty at LDB_0.9.10 0.9.21
ldb_msg_add_fmt at LDB_0.9.10 0.9.21
ldb_msg_add_linearized_dn at LDB_0.9.10 0.9.21
@@ -255,6 +259,9 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_msg_element_compare at LDB_0.9.10 0.9.21
ldb_msg_element_compare_name at LDB_0.9.10 0.9.21
ldb_msg_element_equal_ordered at LDB_1.1.6 1:1.1.6
+ ldb_msg_element_is_inaccessible at LDB_2.6.2 2:2.6.2
+ ldb_msg_element_mark_inaccessible at LDB_2.6.2 2:2.6.2
+ ldb_msg_elements_take_ownership at LDB_2.6.2 2:2.6.2
ldb_msg_find_attr_as_bool at LDB_0.9.10 0.9.21
ldb_msg_find_attr_as_dn at LDB_0.9.10 0.9.21
ldb_msg_find_attr_as_double at LDB_0.9.10 0.9.21
@@ -272,8 +279,10 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_msg_normalize at LDB_0.9.15 0.9.21
ldb_msg_remove_attr at LDB_0.9.10 0.9.21
ldb_msg_remove_element at LDB_0.9.10 0.9.21
+ ldb_msg_remove_inaccessible at LDB_2.6.2 2:2.6.2
ldb_msg_rename_attr at LDB_0.9.10 0.9.21
ldb_msg_sanity_check at LDB_0.9.10 0.9.21
+ ldb_msg_shrink_to_fit at LDB_2.6.2 2:2.6.2
ldb_msg_sort_elements at LDB_0.9.10 0.9.21
ldb_next_del_trans at LDB_0.9.10 0.9.21
ldb_next_end_trans at LDB_0.9.10 0.9.21
@@ -294,12 +303,14 @@ libldb.so.2 #PACKAGE# #MINVER#
ldb_parse_tree at LDB_0.9.10 0.9.21
ldb_parse_tree_attr_replace at LDB_0.9.10 0.9.21
ldb_parse_tree_copy_shallow at LDB_0.9.10 0.9.21
+ ldb_parse_tree_get_attr at LDB_2.6.2 2:2.6.2
ldb_parse_tree_walk at LDB_1.1.2 1.1.2~
ldb_qsort at LDB_0.9.10 0.9.21
ldb_register_backend at LDB_0.9.10 0.9.21
ldb_register_extended_match_rule at LDB_1.1.19 1:1.1.20
ldb_register_hook at LDB_0.9.18 0.9.21
ldb_register_module at LDB_0.9.10 0.9.21
+ ldb_register_redact_callback at LDB_2.6.2 2:2.6.2
ldb_rename at LDB_0.9.10 0.9.21
ldb_reply_add_control at LDB_0.9.10 0.9.21
ldb_reply_get_control at LDB_0.9.10 0.9.21
=====================================
debian/python3-ldb.symbols.in
=====================================
@@ -61,6 +61,7 @@
PYLDB_UTIL_2.5.0 at PYLDB_UTIL_2.5.0 2:2.5.0
PYLDB_UTIL_2.6.0 at PYLDB_UTIL_2.6.0 2:2.6.0
PYLDB_UTIL_2.6.1 at PYLDB_UTIL_2.6.1 2:2.6.1
+ PYLDB_UTIL_2.6.2 at PYLDB_UTIL_2.6.2 2:2.6.2
pyldb_Dn_FromDn at PYLDB_UTIL_1.1.2 2:2.0.7
pyldb_Object_AsDn at PYLDB_UTIL_1.1.2 2:2.0.7
pyldb_check_type at PYLDB_UTIL_2.1.0 2:2.1.0
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/d5f92012ce4fcc2b9e41d516cf09f1c98053d0d8...e437c9288a3c7135f7538889cc3f770886b69d58
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/d5f92012ce4fcc2b9e41d516cf09f1c98053d0d8...e437c9288a3c7135f7538889cc3f770886b69d58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230329/07f9b775/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list