Package samba-devel: Information
Default inline alert: Version in the repository: 4.20.0-alt1
Binary package: samba-devel
Version: 4.17.8-alt1
Architecture: aarch64
Build time: May 29, 2023, 06:39 PM in the task #321564
Source package: samba
Category: Development/C
Report package bugDownload: samba-devel-4.17.8-alt1.aarch64.rpm
Home page: http://www.samba.org/
Summary: Developer tools for Samba libraries
Description:
The samba-devel package contains the header files for the libraries needed to develop programs that link against the SMB, RPC and other libraries in the Samba suite.
Maintainer: Evgeny Sinelnikov
List of contributors:
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Last changed
May 21, 2023 Evgeny Sinelnikov 4.17.8-alt1
- Update to maintenance release of Samba 4.18: + log flood: smbd_calculate_access_mask_fsp: Access denied: message level should be lower (Samba#15302). + Floating point exception (FPE) via cli_pull_send at source3/libsmb/clireadwrite.c (Samba#15306). + Reduce flapping of ridalloc test (Samba#15329). + large_ldap test is unreliable (Samba#15351). + New filename parser doesn't check veto files smb.conf parameter (Samba#15143). + mdssvc may crash when initializing (Samba#15354). + Large directory optimization broken for non-lcomp path elements (Samba#15313). + streams_depot fails to create streams (Samba#15357). + shadow_copy2 and streams_depot don't play well together (Samba#15358). + wbinfo -u fails on ad dc with >1000 users (Samba#15366). + winbindd idmap child contacts the domain controller without a need (Samba#15317). + idmap_autorid may fail to map sids of trusted domains for the first time (Samba#15318). + idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings (Samba#15319). + net ads search -P doesn't work against servers in other domains (Samba#15323). + DS ACEs might be inherited to unrelated object classes (Samba#15338). + Temporary smbXsrv_tcon_global.tdb can't be parsed (Samba#15353). + Setting veto files = /.*/ break listing directories (Samba#15360). + CVE-2020-25720 [SECURITY] Create Child permission should not allow full write to all attributes (additional changes) (Samba#14810). + Reduce flapping of ridalloc test (Samba#15329). + dsgetdcname: assumes local system uses IPv4 (Samba#15325).
March 29, 2023 Evgeny Sinelnikov 4.17.7-alt1
- Update to maintenance release of Samba 4.17 with update libldb to 2.6.2: + ldb wildcard matching makes excessive allocations (Samba#15331). - Security fixes (Samba#15276, Samba#15270, Samba#15315, Samba#14810): + CVE-2023-0225: An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. https://www.samba.org/samba/security/CVE-2023-0225.html + CVE-2023-0922: The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. https://www.samba.org/samba/security/CVE-2023-0922.html + CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing. https://www.samba.org/samba/security/CVE-2023-0614.html + CVE-2020-25720 Create Child permission should not allow full write to all attributes (additional changes).
March 15, 2023 Evgeny Sinelnikov 4.17.6-alt1
- Update to maintenance release of Samba 4.17: + streams_xattr is creating unexpected locks on folders (Samba#15314). + Use of the Azure AD Connect cloud sync tool is now supported for password hash synchronisation, allowing Samba AD Domains to synchronise passwords with this popular cloud environment (Samba#10635). + New samba-dcerpc architecture does not scale gracefully (Samba#15310). + vfs_ceph incorrectly uses fsp_get_io_fd() instead of fsp_get_pathref_fd() in close and fstat (Samba#15307). + fd_load() function implicitly closes the fd where it should not (Samba#15311). - Revert not treat of missing include file as an error in handle_include(). This behavior differs between the source3 and source4 parts of Samba. So, it should be the same and just not an error (Closes #44214).