| commit | 5f0e4f1bcef5805849383fe1fec2bab4d8a6d541 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Mon, 28 Mar 2016 22:26:48 +0000 (29 00:26 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Wed, 30 Mar 2016 09:59:20 +0000 (30 11:59 +0200) | ||
| tree | 57b23c0ce0d3c9cb1886ccc8e574b8c4476175f8 | treesnapshot (tar.gz zip) |
| parent | b065ce641b13864eb651ff175e94304a434bd15d | commitdiff |
WHATSNEW: Add release notes for Samba 4.2.10.
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11744
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11744
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
| WHATSNEW.txt | diffblobblamehistory |