Comments

103 Comments
karma

:+1:

BZ#1949442 CVE-2021-20254 samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token
BZ#1954263 samba-dc gets replaced by samba-common during F33 -> F34 upgrade
BZ#1955011 samba-4.14.4 is available
BZ#1955027 CVE-2021-20254 samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token [fedora-all]

This update has been unpushed.

User Icon asn commented & provided feedback on pam-1.4.0-7.fc33 a year ago
karma

The pam_wrapper testsuite with AddressSanitizer passes now!

$ ctest
Test project /home/asn/workspace/projects/pam_wrapper/obj-asan
    Start 1: test_pam_wrapper
1/1 Test #1: test_pam_wrapper .................   Passed    0.02 sec

100% tests passed, 0 tests failed out of 1
BZ#1894630 Memory leak in pam_start()
User Icon asn commented & provided feedback on pam-1.4.0-7.fc33 a year ago

lgtm

BZ#1894630 Memory leak in pam_start()

The libavif API still changes as 0.x versions are pre-releases.

If you can't fix avif support for a package yourself, I would suggest not to enable support for it till version 1.0 is out. It is likely that this will happen again!

If you're up for the task, I can create a build root overwrite if it already expired and we rebuild elf and add it here. Or you disable avif support in elf for f33. How do you want to proceeed?

karma

LGTM

BZ#1849489 CVE-2020-10730 samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results
BZ#1849491 CVE-2020-10745 samba: Parsing and packing of NBT and DNS packets can consume excessive CPU
BZ#1849509 CVE-2020-10760 samba: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV
BZ#1851298 CVE-2020-14303 samba: Empty UDP packet DoS in Samba AD DC nbtd
BZ#1853255 CVE-2020-10730 libldb: samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results [fedora-all]
BZ#1853256 CVE-2020-10745 samba: Parsing and packing of NBT and DNS packets can consume excessive CPU [fedora-all]
BZ#1853259 CVE-2020-14303 samba: Empty UDP packet DoS in Samba AD DC nbtd [fedora-all]
BZ#1853276 CVE-2020-10760 samba: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV [fedora-all]
karma

LGTM

BZ#1849489 CVE-2020-10730 samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results
BZ#1849491 CVE-2020-10745 samba: Parsing and packing of NBT and DNS packets can consume excessive CPU
BZ#1849509 CVE-2020-10760 samba: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV
BZ#1851298 CVE-2020-14303 samba: Empty UDP packet DoS in Samba AD DC nbtd
BZ#1853255 CVE-2020-10730 libldb: samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results [fedora-all]
BZ#1853256 CVE-2020-10745 samba: Parsing and packing of NBT and DNS packets can consume excessive CPU [fedora-all]
BZ#1853259 CVE-2020-14303 samba: Empty UDP packet DoS in Samba AD DC nbtd [fedora-all]
BZ#1853276 CVE-2020-10760 samba: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV [fedora-all]
BZ#1853440 samba-4.12.5 is available

Tested and FIPS selftest works now.

BZ#1835265 GnuTLS FIPS selftest fails on Fedora
karma

LGTM

karma

LGTM

karma

Finally works :-)

ALL OK (2 tests in 1 testsuites)

karma

Finally works :-)

ALL OK (2 tests in 1 testsuites)

BZ#1813384 GnuTLS FIPS selftest fails on Fedora

Thanks for testing. Fix on the way.

User Icon asn commented & provided feedback on samba-4.11.3-0.fc31 2 years ago
karma

LGTM

BZ#1778586 CVE-2019-14861 samba: An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name
BZ#1778589 CVE-2019-14870 samba: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC
BZ#1781542 CVE-2019-14861 samba: An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name [fedora-all]
BZ#1781545 CVE-2019-14870 samba: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC [fedora-all]
BZ#1757071 Deploy new samba DC cause "setup_kerberos_keys: generation of a des-cbc-md5 key failed: Bad encryption type"
BZ#1763137 CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators
BZ#1764126 CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used
BZ#1766558 CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators [fedora-all]
BZ#1766559 CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used [fedora-all]
BZ#1668186 %license breaks %files highlighting in rpm spec files
BZ#1752309 neovim-0.4.2 is available
BZ#1754957 Review Request: lua-luv - lua bindings for libuv
BZ#1705877 CVE-2018-16860 samba: S4U2Self with unkeyed checksum
BZ#1709679 CVE-2018-16860 samba: S4U2Self with unkeyed checksum [fedora-all]