git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

author	Adolf Belka <adolf.belka@ipfire.org>
	Fri, 30 Apr 2021 16:13:32 +0000 (18:13 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 6 May 2021 09:54:35 +0000 (09:54 +0000)
commit	b33473414dc9cfe3c51fba782355b187b8813d5c
tree	7d689ea836a75bf9deda8a583ecff204455cea68	tree \| snapshot
parent	3a7a955ba2d973b6588a125a12578522a4795281	commit \| diff

samba: Update to 4.14.4

- Update from 4.14.3 to 4.14.4
- Update of rootfile not required
- Changelog
    Release Notes for Samba 4.14.4 April 29, 2021
     This is a security release in order to address the following defect:
      o CVE-2021-20254: Negative idmap cache entries can cause incorrect
        group entries in the Samba file server process token.
    Details
      o  CVE-2021-20254:
         The Samba smbd file server must map Windows group identities (SIDs) into unix
         group ids (gids). The code that performs this had a flaw that could allow it
         to read data beyond the end of the array in the case where a negative cache
         entry had been added to the mapping cache. This could cause the calling code
         to return those values into the process token that stores the group
         membership for a user.
         Most commonly this flaw caused the calling code to crash, but an alert user
         (Peter Eriksson, IT Department, Linköping University) found this flaw by
         noticing an unprivileged user was able to delete a file within a network
         share that they should have been disallowed access to.
         Analysis of the code paths has not allowed us to discover a way for a
         remote user to be able to trigger this flaw reproducibly or on demand,
         but this CVE has been issued out of an abundance of caution.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>