f69f27f06c
Release notes: https://www.samba.org/samba/history/samba-4.14.10.html This is a security release in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html (PLEASE READ! There are important behaviour changes described) o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC. https://www.samba.org/samba/security/CVE-2020-25718.html o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets. https://www.samba.org/samba/security/CVE-2020-25719.html o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). https://www.samba.org/samba/security/CVE-2020-25721.html o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance checking of data stored. https://www.samba.org/samba/security/CVE-2020-25722.html o CVE-2021-3738: Use after free in Samba AD DC RPC server. https://www.samba.org/samba/security/CVE-2021-3738.html o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability. https://www.samba.org/samba/security/CVE-2021-23192.html Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-libreplace-disable-libbsd-support.patch | ||
| 0002-build-find-pre-built-heimdal-build-tools-in-case-of-.patch | ||
| 0003-Fix-unistd.h-include.patch | ||
| 0004-ldap_message_test.c-include-stdint.h-before-cmoka.h.patch | ||
| 0005-dcesrv_core-fix-build.patch | ||
| Config.in | ||
| S91smb | ||
| samba4-cache.txt | ||
| samba4.hash | ||
| samba4.mk | ||