#13751 closed enhancement (fixed)
Samba-4.12.5
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 10.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New security release (plus a point release attached at the end, came out 30 minutes ago)
Change History (6)
comment:1 by , 5 years ago
| Priority: | normal → high |
|---|
comment:2 by , 5 years ago
And now the changelog:
Changes since 4.12.4
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 14301: Fix smbd panic on force-close share during async io.
* BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
folder that contains incorrect symbols in any file name.
* BUG 14391: Fix DFS links.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14310: Can't use DNS functionality after a Windows DC has been in
domain.
o Alexander Bokovoy <ab@samba.org>
* BUG 14413: ldapi search to FreeIPA crashes.
o Isaac Boukris <iboukris@gmail.com>
* BUG 14396: Add net-ads-join dnshostname=fqdn option.
* BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
o Björn Jacke <bj@sernet.de>
* BUG 14386: docs-xml: Update list of posible VFS operations for
vfs_full_audit.
o Volker Lendecke <vl@samba.org>
* BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
o Andreas Schneider <asn@samba.org>
* BUG 14370: Client tools are not able to read gencache anymore.
comment:3 by , 5 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
Vulnerability Details
Release Announcements --------------------- These are security release in order to address the following defects: o CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results. o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU o CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV. o CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd. ======= Details ======= o CVE-2020-10730: A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer de-reference and further combinations with the LDAP paged_results feature can give a use-after-free in Samba's AD DC LDAP server. o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU. o CVE-2020-10760: The use of the paged_results or VLV controls against the Global Catalog LDAP server on the AD DC will cause a use-after-free. o CVE-2020-14303: The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives an empty (zero-length) UDP packet to port 137. For more details, please refer to the security advisories. Changes since 4.12.3 -------------------- o Douglas Bagnall <douglas.bagnall@catalyst.net.nz> * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each. o Andrew Bartlett <abartlet@samba.org> * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined. * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV. * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to AD DC nbt_server. o Gary Lockyer <gary@catalyst.net.nz> * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined, ldb: Bump version to 2.1.4.