cc26aa21c4
update 4.13.13 (2021-10-29) to 4.13.14 (2021-11-09) release notes: https://www.samba.org/samba/history/samba-4.13.14.html =============================== Release Notes for Samba 4.13.14 November 9, 2021 =============================== This is a security release in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html (PLEASE READ! There are important behaviour changes described) o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC. https://www.samba.org/samba/security/CVE-2020-25718.html o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets. https://www.samba.org/samba/security/CVE-2020-25719.html o CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). https://www.samba.org/samba/security/CVE-2020-25721.html o CVE-2020-25722: Samba AD DC did not do suffienct access and conformance checking of data stored. https://www.samba.org/samba/security/CVE-2020-25722.html o CVE-2021-3738: Use after free in Samba AD DC RPC server. https://www.samba.org/samba/security/CVE-2021-3738.html o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability. https://www.samba.org/samba/security/CVE-2021-23192.html Changes since 4.13.13 --------------------- o Douglas Bagnall <douglas.bagnall@catalyst.net.nz> * CVE-2020-25722 o Andrew Bartlett <abartlet@samba.org> * CVE-2020-25718 * CVE-2020-25719 * CVE-2020-25721 * CVE-2020-25722 o Ralph Boehme <slow@samba.org> * CVE-2020-25717 o Alexander Bokovoy <ab@samba.org> * CVE-2020-25717 o Samuel Cabrero <scabrero@samba.org> * CVE-2020-25717 o Nadezhda Ivanova <nivanova@symas.com> * CVE-2020-25722 o Stefan Metzmacher <metze@samba.org> * CVE-2016-2124 * CVE-2020-25717 * CVE-2020-25719 * CVE-2020-25722 * CVE-2021-23192 * CVE-2021-3738 * ldb: version 2.2.3 o Andreas Schneider <asn@samba.org> * CVE-2020-25719 o Joseph Sutton <josephsutton@catalyst.net.nz> * CVE-2020-17049 * CVE-2020-25718 * CVE-2020-25719 * CVE-2020-25721 * CVE-2020-25722 * MS CVE-2020-17049
LibreELEC
LibreELEC is a 'Just enough OS' Linux distribution for the award-winning Kodi software on popular mediacentre hardware. Further information on the project can be found on the LibreELEC website.
Issues & Support
Please ask questions in the LibreELEC forum: Help & Support or ask a member of project staff in the #libreelec IRC channel on Libera.Chat. Please report bugs via GitHub Issues.
Donations
Contributions towards current project funding goals can be sent via PayPal to donations@libreelec.tv
License
LibreELEC original code is released under GPLv2.
Copyright
As LibreELEC includes code from many upstream projects it has many copyright owners; notably OpenELEC which we forked from after disagreeing with project direction and management, and OpenBricks/GeeXboX the uncredited source of the original 2009 build system. LibreELEC makes no claim of copyright on any upstream code. However all original LibreELEC authored code is copyright LibreELEC.tv. Patches to upstream code have the same license as the upstream project unless specified otherwise. For a complete copyright list please checkout the source code to examine license headers. Unless expressly stated otherwise all code submitted to the LibreELEC project (in any form) is licensed under GPLv2 and copyright is donated to the project. This approach gives the project freedom to maintain the code without the overhead of preserving contact with every submitter, e.g. GPLv3. You are free to retain copyright by adding your copyright header to each submitted code page. If you submit code that is not your own work it is your responsibility to place a header stating the copyright.