Hi,
I understand that bug 12497 was originally made private before the
fixes were released, since a CVE was involved.
>From the summary details below, I think that some of my DCs might be
suffering from this bug and I would like to find out more info on it -
however, even after logging into bugzilla I still can't view the
details.
I'm not sure what samba policy is in cases such as this - will the bug
remain private?
https://bugzilla.samba.org/show_bug.cgi?id=12497
Thanks
Jonathan
On Tue, 21 Jan 2020 at 11:10, Jonathan Hunter <jmhunter1 at gmail.com>
wrote:>
> Thanks, all.
>
> This is good news for me in that I think I may have been suffering
> from bug 12497 for some time; at least, on the surface it would
> explain the problems I have had in accessing parts of my tree that
> have custom ACLs.
>
> Is this bug able to be made public on bugzilla now? Even after logging
> in I can't view the bug yet; I guess because it had been made private
> until this announcement was published.
>
> I'd like to look into the details so that I can plan what remedial
> action I need to take - i.e. if I have one DC with ACLs that work, and
> others where I can't query parts of the tree, do I need to be careful
> about replication; is there a 'forward-fix' script as part of
one-time
> upgrade to these versions; etc.
>
> Many thanks :)
>
> Jonathan
>
> On Tue, 21 Jan 2020 at 09:57, Karolin Seeger via samba
> <samba at lists.samba.org> wrote:
> >
> > Release Announcements
> > ---------------------
> >
> > These are security releases in order to address the following defects:
> >
> > o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on
AD
> > Directory not automatic.
> > o CVE-2019-14907: Crash after failed character conversion at log level
3 or
> > above.
> > o CVE-2019-19344: Use after free during DNS zone scavenging in Samba
AD DC.
> >
> >
> > ======> > Details
> > ======> >
> > o CVE-2019-14902:
> > The implementation of ACL inheritance in the Samba AD DC was not
complete,
> > and so absent a 'full-sync' replication, ACLs could get out
of sync between
> > domain controllers.
> >
> > o CVE-2019-14907:
> > When processing untrusted string input Samba can read past the end
of the
> > allocated buffer when printing a "Conversion error"
message to the logs.
> >
> > o CVE-2019-19344:
> > During DNS zone scavenging (of expired dynamic entries) there is a
read of
> > memory after it has been freed.
> >
> > For more details and workarounds, please refer to the security
advisories.
> >
> >
> > Changes:
> > --------
> >
> > o Andrew Bartlett <abartlet at samba.org>
> > * BUG 12497: CVE-2019-14902: Replication of ACLs down subtree on AD
Directory
> > not automatic.
> > * BUG 14208: CVE-2019-14907: lib/util: Do not print the failed to
convert
> > string into the logs.
> >
> > o Gary Lockyer <gary at catalyst.net.nz>
> > * BUG 14050: CVE-2019-19344: kcc dns scavenging: Fix use after free
in
> > dns_tombstone_records_zone.
> >
> >
> > #######################################
> > Reporting bugs & Development Discussion
> > #######################################
> >
> > Please discuss this release on the samba-technical mailing list or by
> > joining the #samba-technical IRC channel on irc.freenode.net.
> >
> > If you do report problems then please try to send high quality
> > feedback. If you don't provide vital information to help us track
down
> > the problem then you will probably be ignored. All bug reports should
> > be filed under the "Samba 4.1 and newer" product in the
project's Bugzilla
> > database (https://bugzilla.samba.org/).
> >
> >
> >
=====================================================================> >
== Our Code, Our Bugs, Our Responsibility.
> > == The Samba Team
> >
=====================================================================> >
> >
> >
> > ===============> > Download Details
> > ===============> >
> > The uncompressed tarballs and patch files have been signed
> > using GnuPG (ID 6F33915B6568B7EA). The source code can be downloaded
> > from:
> >
> > https://download.samba.org/pub/samba/stable/
> >
> > The release notes are available online at:
> >
> > https://www.samba.org/samba/history/samba-4.11.5.html
> > https://www.samba.org/samba/history/samba-4.10.12.html
> > https://www.samba.org/samba/history/samba-4.9.18.html
> >
> > Our Code, Our Bugs, Our Responsibility.
> > (https://bugzilla.samba.org/)
> >
> > --Enjoy
> > The Samba Team
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
>
>
> --
> "If we knew what it was we were doing, it would not be called
> research, would it?"
> - Albert Einstein
--
"If we knew what it was we were doing, it would not be called
research, would it?"
- Albert Einstein