Maintainer Evgeny Sinelnikov in the p10 branch: Information
Maintainer name: Evgeny Sinelnikov (sin)
Built source packages in this branch: 120
-
- @kernel
- @mono
- @python
- @qa_p10
Last changed
Apr 14, 2023, 06:47 PM
#317735 sent by Evgeny Sinelnikov
Security_update
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
March 29, 2023 Evgeny Sinelnikov:
- Update to security release of Samba 4.16 with update libldb to 2.5.3: + ldb wildcard matching makes excessive allocations (Samba#15331). - Security fixes (Samba#15270, Samba#15315): + CVE-2023-0922: The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. https://www.samba.org/samba/security/CVE-2023-0922.html + CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing. https://www.samba.org/samba/security/CVE-2023-0614.html
System Security Services Daemon
Apr 13, 2023, 07:34 PM
#317242 sent by Evgeny Sinelnikov
Update_to_new_release
Active Directory Management Center
March 22, 2023 Evgeny Sinelnikov:
- Indents at selected OU's widget with policies list are minimized. - Ellipsis for too long names in description bar is added. Label is located to the right of the tree with chosen object. Tool tip for that label is added. Tool tip contains full object name. - Attribute groupType display and edit are changed from decimal to hexadecimal. Attribute value also contains flag names that were set. - Error dialog after critical policy selection is removed. Error is displayed in log now. Dialog error messages after critical policy deletion attempt are clarified. - Russian language is removed from english logs and vice versa. - Block inheritance indicator is added to OU's icon from group policy objects. - Enforced link indicator is added to policy icon from group policy objects. - Disabled policies appearence changing is added to policies from group policy objects. Policy item icon changes appearance (fades) after group policy link disabling. - Policy link indicator is added to policy icon from group policy objects. Indicator is located in left bottom policy icon corner. - Policies that are linked to domain is visible in group policy objects now. - Group policy objects order is changed. Policies is placed higher than OUs now.
Mar 27, 2023, 03:16 PM
#317035 sent by Evgeny Sinelnikov
Fix_works_with_pam_winbind
The graphical tool for changing password
March 20, 2023 Evgeny Sinelnikov:
- Support for pam_winbind (aka NT password) (Closes: #45513) - Update russian translation, reconvert it to UTF-8
Mar 15, 2023, 10:53 PM
#315989 sent by Evgeny Sinelnikov
Revert_with_security_fixes
PostgreSQL client programs and libraries (edition for 1C 8.3.13 and later)
March 7, 2023 Evgeny Sinelnikov:
- Add conflicts to another postgresql versions subpackages with same major version (closes: 45507).
Mar 15, 2023, 10:40 PM
#315936 sent by Evgeny Sinelnikov
update_to_new_release
Allows command execution as another user
Feb. 27, 2023 Evgeny Sinelnikov:
- Update to latest stable release. - Fix run_time message validation in logsrvd. - Fixed a potential double-free bug when matching a sudoers rule that contains a per-command chroot directive (CHROOT=dir).
Mar 2, 2023, 03:43 AM
#315490 sent by Evgeny Sinelnikov
security_update
The Samba4 CIFS and AD client and server suite
Feb. 20, 2023 Evgeny Sinelnikov:
- Update to maintenance release of Samba 4.16 - Security fixes: + CVE-2022-38023: Samba should refuse RC4 (aka md5) based SChannel on NETLOGON (Samba#15240). - Major fixes: + smbc_getxattr() return value is incorrect (Samba#14808). + samba-tool gpo listall fails IPv6 only - finddcs() fails to find DC when there is only an AAAA record for the DC in DNS (Samba#15226). + smbd crashes if an FSCTL request is done on a stream handle (Samba#15236). + auth3_generate_session_info_pac leaks wbcAuthUserInfo (Samba#15286). + Leak in wbcCtxPingDc2 (Samba#15164). + irpc_destructor may crash during shutdown (Samba#15280). - Share enumeration (netshareenum) fixes: + %U for include directive doesn't work for share listing (Samba#15243). + Shares missing from netshareenum response in samba 4.17.4 (Samba#15266). + Access based share enum does not work in Samba 4.16+ (Samba#15265). + Crash during share enumeration (Samba#15267).
Jan 28, 2023, 12:36 PM
#313932 sent by Evgeny Sinelnikov
Latest_security_release
Allows command execution as another user
Jan. 22, 2023 Evgeny Sinelnikov:
- Update to latest stable bugfix and security release (closes: 44965). - Fixed a compilation error on Linux/aarch64 (GitHub#197). - Fixed a potential crash introduced in the fix for (GitHub#134): + If a user's sudoers entry did not have any RunAs user's set, running "sudo -U otheruser -l" would dereference a NULL pointer. - Fixed a bug introduced in sudo 1.9.12 that could prevent sudo from creating a I/O files when the "iolog_file" sudoers setting contains six or more Xs. - Fixed security issue (fixes: CVE-2023-22809), a flaw in sudo's -e option (aka sudoedit) that could allow a malicious user with sudoedit privileges to edit arbitrary files.
Jan 12, 2023, 11:11 PM
#313093 sent by Evgeny Sinelnikov
Update_to_new_release
Active Directory Management Center
Jan. 10, 2023 Evgeny Sinelnikov:
- Fix race condition problems with AdInterface.
Dec 30, 2022, 04:25 PM
#311557 sent by Evgeny Sinelnikov
Update_to_new_release
BaseALT-specific ADMX policy templates
Dec. 29, 2022 Evgeny Sinelnikov:
- Add user policies for drive maps symlinks in home directory. - Add warning when disabling network manager. - Fix correction of option name open ldap tls connections in russian. - Fix typo in cups.service
YandexBrowser-specific ADMX policy templates
Chromium-specific ADMX policy templates
Firefox-specific ADMX policy templates
Oct. 25, 2022 Evgeny Sinelnikov:
- Update Policy templates for Firefox 106 and Firefox ESR 102.4 - This release contains some typo fixes and new Russian translations thanks to lepata@
Dec 23, 2022, 04:32 PM
#311661 sent by Evgeny Sinelnikov
Update_to_new_release
BaseALT-specific ADMX policy templates
Dec. 13, 2022 Evgeny Sinelnikov:
- Add control for Yandex Browser group policies mechanism. - Improve group policies mechanisms display names and help descriptions.
Dec 22, 2022, 02:32 PM
#311615 sent by Evgeny Sinelnikov
Update_to_new_release
Active Directory Management Center
Dec. 13, 2022 Evgeny Sinelnikov:
- Action menu: Block inheritance feature is added to organizational unit context menu. Also limited group policy tab is returned. - Console: Bug with empty group policy object crushing is fixed. - Console: Non-deletable group policy containers dont dissapear from GUI after deletion attempt now. Warning message popups instead of error log dialog. - Misc: "Order" column is added to policy organizational unit results. Sort is performed with this column by default. - Console: Fix crash in policy tree after changing properties for organizational units. - Misc: Fix description bar squishing scope pane, when selected item's name is too long and description bar needs to display it. - Toolbar: Fix icons for "create" actions for organizational units, users and groups in toolbar. - Misc: Add trimming to full name autofill. - Misc: Add trimming to attribute sAMAccountName edit in create dialog for computers. - Misc: Add "find gpo" action to policy tree. It implements group policy objects search functional. - Misc: Improve "Import Query" action. So it's possible to import multiple queries at the same time.
Dec 14, 2022, 05:48 PM
#311076 sent by Evgeny Sinelnikov
Avoid_cycle_dependencies
The Samba4 CIFS and AD client and server suite
Dec. 12, 2022 Evgeny Sinelnikov:
- Update text of summary for role-usershares and smb-conf-usershares. - Update default usershare prefix allow and deny lists: + usershare prefix deny list = /etc /dev /sys /proc + usershare prefix allow list = /home /srv /mnt /media /var - Add new controls for samba-usershares: + smb-conf-usershare-allow-list + smb-conf-usershare-deny-list + smb-conf-usershare-owner-only + smb-conf-usershare-allow-guests
Dec 7, 2022, 07:35 PM
#310866 sent by Evgeny Sinelnikov
Update_with_usershares_fix
The Samba4 CIFS and AD client and server suite
Nov. 29, 2022 Evgeny Sinelnikov:
- Add role-usershares control allow or disallow for group users using of samba usershares as privilege. - Add compatibility support for sambashare group as common privilege assigned to usershares group (Closes: #44379).
default configs for alterator modules
Nov. 22, 2022 Evgeny Sinelnikov:
- Update samba defaults from samba-4.16.6-alt1 release. - Update restore script with default configuration files actually placed in default directory as in the user's system.
Dec 1, 2022, 08:35 PM
#309178 sent by Evgeny Sinelnikov
Fix_latest_upsteam_regression
System Security Services Daemon
Nov. 7, 2022 Evgeny Sinelnikov:
- Update to latest 2.8 major release. - Important fixes: + A regression when running sss_cache when no SSSD domain is enabled would produce a syslog critical message was fixed. + Several fixes in D-Bus infopipe functions: ListByName(), Groups.ListByName() and Groups.ListByDomainAndName().
Nov 10, 2022, 10:01 PM
#309086 sent by Evgeny Sinelnikov
security_update
The Samba4 CIFS and AD client and server suite
Nov. 7, 2022 Evgeny Sinelnikov:
- Don't treat a missing include file as an error in handle_include(). This behavior differs between the source3 and source4 parts of Samba. So, it should be the same and just not an error (Closes #44214).
Nov 2, 2022, 06:54 PM
#309177 sent by Evgeny Sinelnikov
compatibility_update
System Security Services Daemon
Oct. 29, 2022 Evgeny Sinelnikov:
- Redesign become_user patch to should assign supplementary groups for server part of code only (due race condition in krb5_child, for example).
Oct 20, 2022, 07:17 PM
#308586 sent by Evgeny Sinelnikov
Update_to_latest_release
System Security Services Daemon
Oct. 15, 2022 Evgeny Sinelnikov:
- AD GPO: Fix support processing referrals for hostname - New features + Introduced the dbus function org.freedesktop.sssd.infopipe.Users.ListByAttr(attr, value, limit) listing upto limit users matching the filter attr=value. + sssctl is now able to create, list and delete indexes on the local caches. Indexes are useful for the new D-Bus ListByAttr() function. + sssctl is now able to read and set each component's debug level independently. - Important fixes + domains option in [sssd] section can now be completely omitted if domains are enabled via domains/enabled option. - New options: + core_dumpable, ldap_enumeration_refresh_offset, subdomain_refresh_interval_offset, dyndns_refresh_interval_offset refresh_expired_interval_offset, ldap_purge_cache_offset. - Configuration changes: + Option 'ad_machine_account_password_renewal_opts' now accepts an optional third part as the maximum deviation in the provided period (first part) and initial delay (second part). If the period and initial delay are provided but not the offset, the offset is assumed to be 0. If no part is provided, the default is 86400:750:300. + override_homedir now recognizes the %h template which is replaced by the original home directory retrieved from the identity provider, but in lower case.
Active Directory enrollment
Oct. 17, 2022 Evgeny Sinelnikov:
- Add support LDAP add/mod operation to set/change password: + fix unable to join to active directory after KB5008380/CVE-2021-42287 with option '--ldap-passwd'; + https://gitlab.freedesktop.org/realmd/adcli/-/issues/27 - Add support fall back to LDAPS if CLDAP ping was not successful + If the --use-ldaps option is used and there is no reply on the CLDAP 389/udp port adcli will try to send the request to the LDAPS port 636/tcp. - Fix write SID before secret to Samba's db looks like 'net changesecretpw' - Add passwd-user sub-command for (re)set a user password. - Add dont-expire-password option for computer.
Oct 17, 2022, 06:11 PM
#306001 sent by Evgeny Sinelnikov
Update_to_new_group_policy_relese
ALT Local Policies Default templates
Aug. 26, 2022 Evgeny Sinelnikov:
- New directory /etc/local-policy-system with Local Group Policy Template (GPT) - Add control local-policy-system-access
BaseALT-specific ADMX policy templates
Firefox-specific ADMX policy templates
Sept. 14, 2022 Evgeny Sinelnikov:
- Update Policy templates for Firefox 103 and Firefox ESR 102.1 - While these templates will work for Firefox ESR 91, they contain new policies that are not in Firefox ESR 91: + ExemptDomainFileTypePairsFromFileTypeDownloadWarnings + StartDownloadsInTempDirectory + UseSystemPrintDialog
Chromium-specific ADMX policy templates
GPT applier
Sept. 30, 2022 Valery Sinelnikov:
- Fixed formation of the correct path for creating a user directory
Group policy editor
Sept. 29, 2022 Vladimir Rubanov:
- Fixes: + #84127 Fix invalid types for list enums. + #76835 Fix message on policy state change.
Sep 26, 2022, 08:24 PM
#306744 sent by Evgeny Sinelnikov
Update_with_latest_releases_for_samba_dc
A trivial database system
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
Sept. 12, 2022 Evgeny Sinelnikov:
- Update to latest stable release of Samba 4.16 - Major fixes: + Possible use after free of connection_struct when iterating smbd_server_connection->connections (Samba#15128). + Spotlight RPC service returns wrong response when Spotlight is disabled on a share (Samba#15086). + acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr (Samba#15126). + Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1. assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197 (Samba#15153). + Missing READ_LEASE break could cause data corruption (Samba#15148). + rpcclient can crash using setuserinfo(2) (Samba#15124). + Samba fails to build with glibc 2.36 caused by including <sys/mount.h> in libreplace (Samba#15132). + SMB1 negotiation can fail to handle connection errors (Samba#15152). + samba-tool domain join segfault when joining a samba ad domain (Samba#15078).
System Security Services Daemon
Sept. 7, 2022 Evgeny Sinelnikov:
- Update to latest 2.7 major release. - Lock-free client support will be only built if libc provides pthread_key_create() and pthread_once(). For glibc this means version 2.34+ - Add requirement of adcli to sssd-ad.
Active Directory Management Center
The Identity, Policy and Audit system
Sep 7, 2022, 04:05 PM
#306006 sent by Evgeny Sinelnikov
Update_to_security_release
Utilities for doing and managing mounts of the Linux CIFS filesystem
Aug. 31, 2022 Evgeny Sinelnikov:
- Update to stable release 6.15 (Samba#15025, Samba#15026) - mount.cifs: fix length check for ip option parsing (fixes: CVE-2022-27239) - mount.cifs: fix verbose messages on option parsing (fixes: CVE-2022-29869)
Aug 15, 2022, 10:04 PM
#302667 sent by Evgeny Sinelnikov
Update_to_latest_maintaince_release
A trivial database system
March 6, 2022 Evgeny Sinelnikov:
- Apply patch libtdb-revert-breaking-tdb.h.patch from fedora (resolved sssd#5793 on github, rhbz#1983011)
The talloc library
The tevent library
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
July 31, 2022 Evgeny Sinelnikov:
- Update to security release of Samba 4.15 - Security fixes: + CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords (Samba#15047). + CVE-2022-32744: Samba AD users can forge password change requests for any user (Samba#15074). + CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request (Samba#15008). + CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request (Samba#15009). + CVE-2022-32742: Server memory information leak via SMB1 (Samba#15085).
C-language implementation of Javascript Object Signing and Encryption
System Security Services Daemon
July 15, 2022 Evgeny Sinelnikov:
- Update to latest 2.7 major release: + CLIENT: use thread local storage for socket to a.void the need for a lock. + SSS_CLIENT: got rid of code duplication. + SSS_CLIENT: mem-cache: fixed missing error code. + PAM P11: fixed minor mem-leak.
The Identity, Policy and Audit system
AD editor
Aug 1, 2022, 06:13 PM
#304143 sent by Evgeny Sinelnikov
Fix_running_application
A free interior design application, with a 3D preview
July 22, 2022 Evgeny Sinelnikov:
- update to new version - add JAVA_HOME to run script (closed: 43326)
Jul 20, 2022, 02:43 PM
#303677 sent by Evgeny Sinelnikov
Fix_checking_Well-known_SIDs_and_update_the_computer_account_password
Alterator module for system wide auth settings
July 12, 2022 Evgeny Sinelnikov:
- task-auth-ad-sssd: add requires for sssd-tools and adcli for machine password
Jul 11, 2022, 07:08 PM
#302743 sent by Evgeny Sinelnikov
Fix_backup_restore
The Samba4 CIFS and AD client and server suite
June 28, 2022 Evgeny Sinelnikov:
- Fix samba-tool domain backup DC with forced local samdb.
Jun 28, 2022, 05:22 PM
#302317 sent by Evgeny Sinelnikov
Update_to_latest_stable_release
C-language implementation of Javascript Object Signing and Encryption
System Security Services Daemon
June 18, 2022 Evgeny Sinelnikov:
- Update russian translations (by Elena Mishina <lepata@basealt.ru>)
Jun 22, 2022, 04:23 PM
#297975 sent by Evgeny Sinelnikov
Update to latest bugfix release
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
April 5, 2022 Evgeny Sinelnikov:
- Update to latest bugfix release of Samba 4.14 - Fixes: + Renaming file on DFS root fails with NT_STATUS_OBJECT_PATH_NOT_FOUND. + Samba does not response STATUS_INVALID_PARAMETER when opening 2 objects with same lease key. + NT error code is not set when overwriting a file during rename in libsmbclient. + net ads info shows LDAP Server: 0.0.0.0 depending on contacted server. + wbinfo -a doesn't work reliable with upn names. + Problem when winbind renews Kerberos. + NT_STATUS_ACCESS_DENIED translates into EPERM instead of EACCES in SMBC_server_internal. + Multpile RODC fixes: - Simple bind doesn't work against an RODC (with non-preloaded users). - Crash of winbind on RODC. - Uncached logon on RODC always fails once. - Changing the machine password against an RODC likely destroys the domain join. - Simple bind doesn't work against an RODC (with non-preloaded users). + Avoid mixing the main krbtgt account keys with an RODC if the msDS-KeyVersionNumber is larger than 65535 (set 16 upper bits to zero). + Use Heimdal 8.0 (pre) rather than an earlier snapshot. + LDAP simple binds should honour "old password allowed period". + Fix ldap simple bind with TLS auditing. + "password hash userPassword schemes = CryptSHA256" does not seem to work with samba-tool.
System Security Services Daemon
Jan. 27, 2022 Evgeny Sinelnikov:
- AD Domain in the AD Forest Missing after sssd latest update - sdap_idmap.c/sssd_idmap.c incorrectly calculates rangesize from upper/lower - Regression on rawhide with ssh auth using password - sssd-ad broken in 2.6.2, 389 used as kerberos port - sssd error triggers backtrace: write_krb5info_file_from_fo_server
Jun 14, 2022, 05:55 PM
#301368 sent by Evgeny Sinelnikov
Fix_work_with_newest_versions_of_samba
The GNOME virtual filesystem libraries
June 13, 2022 Evgeny Sinelnikov:
- Update to latest 1.48 bugfix release (thanks to Ondrej Holy): + smb: Rework anonymous handling to avoid EINVAL + smb: Ignore EINVAL for kerberos/ccache login + sftp: Adapt on new OpenSSH password prompts + Translation updates
Apr 20, 2022, 06:13 PM
#298675 sent by Evgeny Sinelnikov
Update_with_rtmps_support_for_telegram_translations
Free and open source software for video recording and live streaming
April 19, 2022 Evgeny Sinelnikov:
- new version 27.2.4 - build with rtmps support
Mar 25, 2022, 09:38 AM
#296769 sent by Evgeny Sinelnikov
Fix_bug_with_darken_screen_and_not_available_desktop_ALT#42152
Mar 15, 2022, 03:51 AM
#293575 sent by Evgeny Sinelnikov
Security_update_with_apply_support_s4u
A schema-less, ldap like, API and database
Dec. 13, 2021 Evgeny Sinelnikov:
- Update to latest regression fixes for samba-4.14.10: + CVE-2021-3670 ldb: Confirm the request has not yet timed out
The Samba4 CIFS and AD client and server suite
March 3, 2022 Evgeny Sinelnikov:
- Fix linking of some libraries (libsmbldap.so.2.1.0, libpopt-samba3-samba4.so, libsamba-modules-samba4.so, winbind_krb5_locator.so and smbpasswd.so): + find-requires: ERROR: /usr/lib/rpm/lib.req failed.
System Security Services Daemon
Jan. 27, 2022 Evgeny Sinelnikov:
- AD Domain in the AD Forest Missing after sssd latest update - sdap_idmap.c/sssd_idmap.c incorrectly calculates rangesize from upper/lower - Regression on rawhide with ssh auth using password - sssd-ad broken in 2.6.2, 389 used as kerberos port - sssd error triggers backtrace: write_krb5info_file_from_fo_server
Feb 22, 2022, 05:12 PM
#295055 sent by Evgeny Sinelnikov
Update_to_latest_release
System Security Services Daemon
Jan. 27, 2022 Evgeny Sinelnikov:
- AD Domain in the AD Forest Missing after sssd latest update - sdap_idmap.c/sssd_idmap.c incorrectly calculates rangesize from upper/lower - Regression on rawhide with ssh auth using password - sssd-ad broken in 2.6.2, 389 used as kerberos port - sssd error triggers backtrace: write_krb5info_file_from_fo_server
Nov 23, 2021, 11:14 AM
#288704 sent by Evgeny Sinelnikov
Update_to_latest_security_release
A tool to test PAM applications and PAM modules
A schema-less, ldap like, API and database
Nov. 7, 2021 Evgeny Sinelnikov:
- Update to the 2.3.2 with backported all C code changes from ldb-2.4.1 - Fix overflow timestring test for 32 bits platforms
The Samba4 CIFS and AD client and server suite
Nov. 13, 2021 Evgeny Sinelnikov:
- Add support samba-tool-plus alternative for samba-dc build with heimdal.
System Security Services Daemon
Nov. 15, 2021 Evgeny Sinelnikov:
- Revert reverted patch with change owner/permissions of user deskprofile path due it still needed.
Extended samba-tool (netcmd) version
Nov. 13, 2021 Evgeny Sinelnikov:
- Add support samba-tool-plus alternatives for various samba-dc and samba-dc-mitkrb5 builds with Heimdal and MIT Kerberos respectively.
Nov 18, 2021, 05:46 PM
#288829 sent by Evgeny Sinelnikov
Add_support_systemd-networkd
helpers for etcnet administration
alterator module for tcp/ip connections configuration
Oct. 29, 2021 Evgeny Sinelnikov:
- Add systemd-networkd control mode
Oct 28, 2021, 07:09 PM
#284676 sent by Evgeny Sinelnikov
New release with multiple fixes and improvements.
Python interface for smbclient
BaseALT-specific ADMX policy templates
Oct. 22, 2021 Evgeny Sinelnikov:
- Fixed typo in screensaver setting in Russian translations - Improve English translation of gsettings strings - Fix authetication method bug for gsetting oprtion: org.gnome.Vino.authentication-methods
ALT Local policies
Sept. 14, 2021 Evgeny Sinelnikov:
- Adjust local policy templates - Add control system-policy for gpupdate
GPT applier
Oct. 25, 2021 Evgeny Sinelnikov:
- Added exception for org.gnome.Vino authentication-methods - Fixed bug for alternative-port in org.gnome.Vino
Oct 21, 2021, 06:48 PM
#286568 sent by Evgeny Sinelnikov
Update_to_latest_release
NSS API library and admin tools for roles and privilegies
Oct. 8, 2021 Evgeny Sinelnikov:
- Add mutual exclusion for show system role (-S or --system) and show role in additional file option (-f or --file) options.
Oct 20, 2021, 07:48 PM
#286522 sent by Evgeny Sinelnikov
Update_to_latest_release_with_regression_fixes
The Samba4 CIFS and AD client and server suite
Oct. 6, 2021 Evgeny Sinelnikov:
- Update to latest security release of Samba 4.14 - Fix performance regressions in lsa_LookupSids3/LookupNames4 since Samba 4.9 by using an explicit database handle cache and address a signifcant in database access in the AD DC since Samba 4.12. - Fix an unuthenticated user can crash the AD DC KDC by omitting the server name in a TGS-REQ (Fixes: CVE-2021-3671).
Sep 23, 2021, 07:55 PM
#285317 sent by Evgeny Sinelnikov
Fix_polkit_chalenge_for_domain_users.
PolicyKit Authorization Framework
Sept. 16, 2021 Evgeny Sinelnikov:
- Fix the ability to add user_of_subject to user_identities - Refactoring the addition_to_user_identities_user_of_subject function
Sep 22, 2021, 05:54 PM
#285071 sent by Evgeny Sinelnikov
Update to latest stable release with getgroups() handling.
Allows command execution as another user
Sept. 11, 2021 Evgeny Sinelnikov:
- Update to latest stable release with bugfixes and improvements: + Sudo now can handle the getgroups() function returning a different number of groups for subsequent invocations.
Sep 16, 2021, 07:42 PM
#285065 sent by Evgeny Sinelnikov
Fix CVE fix regression in latest release.
Utilities for doing and managing mounts of the Linux CIFS filesystem
Sept. 12, 2021 Evgeny Sinelnikov:
- Fix kerberos mount regression in commit e461afd (Arch). This is the fix for CVE-2021-20208 (Closes: 40887)
Sep 9, 2021, 09:36 PM
#284377 sent by Evgeny Sinelnikov
Fix_segfault_with_no_ip_in_discover_dc_dns().
The Samba4 CIFS and AD client and server suite
Sept. 1, 2021 Evgeny Sinelnikov:
- Fix net ads join segmentation fault problem if ldap SRV host record not found.
Jul 31, 2021, 12:09 AM
#281323 sent by Evgeny Sinelnikov
Update_to_latest_release_with_p9_compatibility
Utilities for doing and managing mounts of the Linux CIFS filesystem
July 29, 2021 Evgeny Sinelnikov:
- Rebuild with explicitly enabled man pages and other build options - Added rst2man.py3 to configure search list for compatibility with branch p9
Jul 31, 2021, 12:03 AM
#281321 sent by Evgeny Sinelnikov
Update_to_latest_release
A library passing all socket communications through Unix sockets
July 29, 2021 Evgeny Sinelnikov:
- Update to latest release with support for fd-passing via unix sockets - Add public libsocket_wrapper_noop library
Jul 30, 2021, 11:59 PM
#281319 sent by Evgeny Sinelnikov
Update_to_latest_release
System Security Services Daemon
July 29, 2021 Evgeny Sinelnikov:
- Update to 2.5.2: + auto_private_groups option can be set centrally through ID range setting in IPA (see ipa idrange commands family). + Default value of ldap_sudo_random_offset changed to 0 (disabled). + originalADgidNumber attribute in the SSSD cache is now indexed. + Add new config option fallback_to_nss.
Jul 30, 2021, 11:43 PM
#281302 sent by Evgeny Sinelnikov
New_minor_release
GPT applier
July 28, 2021 Evgeny Sinelnikov:
- Fix Shortcuts applier double running in user context - Add LogonUser variable to expand_windows_var() function - Add support of path variable expansion to Shortcuts applier
Jul 22, 2021, 05:40 PM
#279946 sent by Evgeny Sinelnikov
Fix regression witn samba-4.14
Extended samba-tool (netcmd) version
July 21, 2021 Evgeny Sinelnikov:
- Fix using obsoleted in samba-4.14 cmd_user_create class with renamed cmd_user_add class (closes: 40557) - Add conflicts with old samba package provided python3(samba.netcmd.user)