search for: smbc_readdir_internal

...he authenticated DRSUAPI RPC service. o CVE-2018-10919: Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions. Changes: -------- o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...he authenticated DRSUAPI RPC service. o CVE-2018-10919: Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions. Changes: -------- o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...is used. SMB_VFS_FCHMOD_ACL: Removed: Only FCHMOD is used. Any external VFS modules will need to be updated to match these changes in order to work with 4.9.x. CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...is used. SMB_VFS_FCHMOD_ACL: Removed: Only FCHMOD is used. Any external VFS modules will need to be updated to match these changes in order to work with 4.9.x. CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...

...alph Wuerthner <ralph.wuerthner at de.ibm.com> * BUG 13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(). CHANGES SINCE 4.9.0rc2 ====================== o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: F...