Log (https://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.git/log/):
- Update regulatory rules for the Netherlands (NL) on 6GHz
- Update regulatory rules for China (CN)
- Update regulatory rules for South Korea (KR)
- Revert "wireless-regdb: Update regulatory rules for South Korea (KR)"
- Update regulatory rules for Spain (ES) on 6GHz
- add 802.11ah bands to world regulatory domain
- add support for US S1G channels
- Update regulatory rules for France (FR) on 6 and 60 GHz
- Update regulatory rules for South Korea (KR)
- Update regulatory rules for Croatia (HR) on 6GHz
- Raise DFS TX power limit to 250 mW (24 dBm) for the US
update 4.13.13 (2021-10-29) to 4.13.14 (2021-11-09)
release notes: https://www.samba.org/samba/history/samba-4.13.14.html
===============================
Release Notes for Samba 4.13.14
November 9, 2021
===============================
This is a security release in order to address the following defects:
o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext
authentication.
https://www.samba.org/samba/security/CVE-2016-2124.html
o CVE-2020-25717: A user on the domain can become root on domain members.
https://www.samba.org/samba/security/CVE-2020-25717.html
(PLEASE READ! There are important behaviour changes described)
o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued
by an RODC.
https://www.samba.org/samba/security/CVE-2020-25718.html
o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos
tickets.
https://www.samba.org/samba/security/CVE-2020-25719.html
o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers
(eg objectSid).
https://www.samba.org/samba/security/CVE-2020-25721.html
o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance
checking of data stored.
https://www.samba.org/samba/security/CVE-2020-25722.html
o CVE-2021-3738: Use after free in Samba AD DC RPC server.
https://www.samba.org/samba/security/CVE-2021-3738.html
o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability.
https://www.samba.org/samba/security/CVE-2021-23192.html
Changes since 4.13.13
---------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* CVE-2020-25722
o Andrew Bartlett <abartlet@samba.org>
* CVE-2020-25718
* CVE-2020-25719
* CVE-2020-25721
* CVE-2020-25722
o Ralph Boehme <slow@samba.org>
* CVE-2020-25717
o Alexander Bokovoy <ab@samba.org>
* CVE-2020-25717
o Samuel Cabrero <scabrero@samba.org>
* CVE-2020-25717
o Nadezhda Ivanova <nivanova@symas.com>
* CVE-2020-25722
o Stefan Metzmacher <metze@samba.org>
* CVE-2016-2124
* CVE-2020-25717
* CVE-2020-25719
* CVE-2020-25722
* CVE-2021-23192
* CVE-2021-3738
* ldb: version 2.2.3
o Andreas Schneider <asn@samba.org>
* CVE-2020-25719
o Joseph Sutton <josephsutton@catalyst.net.nz>
* CVE-2020-17049
* CVE-2020-25718
* CVE-2020-25719
* CVE-2020-25721
* CVE-2020-25722
* MS CVE-2020-17049
update 4.13.12 (2021-09-22) to 4.13.13 (2021-10-29)
release notes:
- https://www.samba.org/samba/history/samba-4.13.13.html
Changes since 4.13.12
---------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 14868: rodc_rwdc test flaps.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with
embedded Heimdal.
* BUG 14836: Python ldb.msg_diff() memory handling failure.
* BUG 14845: "in" operator on ldb.Message is case sensitive.
* BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
* BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
* BUG 14874: Allow special chars like "@" in samAccountName when generating
the salt.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Isaac Boukris <iboukris@gmail.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Viktor Dukhovni <viktor@twosigma.com>
* BUG 12998: Fix transit path validation.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Luke Howard <lukeh@padl.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Stefan Metzmacher <metze@samba.org>
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o David Mulder <dmulder@suse.com>
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Andreas Schneider <asn@samba.org>
* BUG 14870: Prepare to operate with MIT krb5 >= 1.20.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal.
* BUG 14645: rpcclient NetFileEnum and net rpc file both cause lock order
violation: brlock.tdb, share_entries.tdb.
* BUG 14836: Python ldb.msg_diff() memory handling failure.
* BUG 14845: "in" operator on ldb.Message is case sensitive.
* BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
* BUG 14868: rodc_rwdc test flaps.
* BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
* BUG 14874: Allow special chars like "@" in samAccountName when generating
the salt.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
o Nicolas Williams <nico@twosigma.com>
* BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal.
* BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.
After update to 1.2.5 NFS servers discovery doesn't work anymore.
In this build added a new configuration flag --enable-rmtcalls which will be needed to enable the remote call functionality.
update 2021.04.21 to 2021.08.28
Release notes:
2021-08-28: Released
2021-08-28 wireless-regdb: update regulatory database based on preceding changes
2021-08-27 Update regulatory rules for Ecuador (EC)
2021-08-06 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
2021-08-02 wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
2021-07-14: Released
2021-07-14 wireless-regdb: update regulatory database based on preceding changes
2021-07-14 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
2021-07-08 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
2021-07-06 wireless-regdb: recent FCC report and order allows 5850-5895 immediately
2021-06-08 wireless-regdb: update 5725-5850 MHz rule for GB
update 4.13.8 (2021-04-29) to 4.13.9 (2021-05-11)
release notes: https://www.samba.org/samba/history/samba-4.13.9.html
This is the latest stable release of the Samba 4.13 release series.
Changes since 4.13.8
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14689: Add documentation for dsdb_group_audit and dsdb_group_json_audit
to "log level", synchronise "log level" in smb.conf with the code.
o Ralph Boehme <slow@samba.org>
* BUG 14672: Fix smbd panic when two clients open same file.
* BUG 14675: Fix memory leak in the RPC server.
* BUG 14679: s3: smbd: Fix deferred renames.
o Samuel Cabrero <scabrero@samba.org>
* BUG 14675: s3-iremotewinspool: Set the per-request memory context.
o Volker Lendecke <vl@samba.org>
* BUG 14675: rpc_server3: Fix a memleak for internal pipes.
o Stefan Metzmacher <metze@samba.org>
* BUG 11899: third_party: Update socket_wrapper to version 1.3.2.
* BUG 14640: third_party: Update socket_wrapper to version 1.3.3.
o Christof Schmitt <cs@samba.org>
* BUG 14663: idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict.
o Martin Schwenke <martin@meltin.net
* BUG 14288: Fix the build on OmniOS.
update 4.1.7 (2021-03-24) to 4.18.8 (2021-04-29)
release notes: https://www.samba.org/samba/history/samba-4.13.8.html
==
This is a security release in order to address the following defect:
o CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries
in the Samba file server process token.
=======
Details
=======
o CVE-2021-20254:
The Samba smbd file server must map Windows group identities (SIDs) into unix
group ids (gids). The code that performs this had a flaw that could allow it
to read data beyond the end of the array in the case where a negative cache
entry had been added to the mapping cache. This could cause the calling code
to return those values into the process token that stores the group
membership for a user.
Most commonly this flaw caused the calling code to crash, but an alert user
(Peter Eriksson, IT Department, Linköping University) found this flaw by
noticing an unprivileged user was able to delete a file within a network
share that they should have been disallowed access to.
Analysis of the code paths has not allowed us to discover a way for a
remote user to be able to trigger this flaw reproducibly or on demand,
but this CVE has been issued out of an abundance of caution.
Changes since 4.13.7
--------------------
o Volker Lendecke <vl@samba.org>
* BUG 14571: CVE-2021-20254: Fix buffer overrun in sids_to_unixids().
update 1.0.20200827 to 1.0.20210223
log: https://git.zx2c4.com/wireguard-tools/log/
announce: https://www.mail-archive.com/wireguard@lists.zx2c4.com/msg06037.html
--
A new version, v1.0.20210223, of wireguard-tools has been tagged in the git
repository, containing various required userspace utilities, such as the
wg(8) and wg-quick(8) commands and documentation.
== Changes ==
* wg-quick: android: do not free iterated pointer
* wg-quick: openbsd: no use for userspace support
* embeddable-wg-library: sync latest from netlink.h
* wincompat: recent mingw has inet_ntop/inet_pton
* wincompat: add resource and manifest and enable lto
* wincompat: do not elevate by default
* completion: add help and syncconf completions
* sticky-sockets: do not use SO_REUSEADDR
* man: LOG_LEVEL variables changed name
* ipc: do not use fscanf with trailing \n
* ipc: read trailing responses after set operation
This release contains commits from: Jason A. Donenfeld.
