update 1.11 (2021-01-07) to 1.17 (2021-08-22)
changelog: https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog
ver 1.17:
- Fix issue with sending additional and vendor IEs.
- Fix issue with IE ordering for 802.11-2020 support.
- Fix issue with frequency update on channel switch events.
- Fix issue with drivers and handling of IF_OPER_UP setting.
ver 1.16:
- Fix issue with writing provisioning files with a passphrase.
- Add support for Authenticator & Supplicant RSN Extension elements.
- Add support for handling Transition Disable info.
- Add support for SAE Hash-to-Element feature.
ver 1.15:
- Add support for FT-over-DS procedure with multiple BSS.
- Add support for estimation of VHT RX data rate.
- Add support for exporting Daemon information.
ver 1.14:
- Fix issue with scanning property and quick scan cancellation.
- Fix issue with handling authentication timeouts from SAE.
- Fix issue with handling association timeouts and retries.
- Fix issue with handling roaming frequencies after roaming.
- Fix issue with requesting neighbor report after roaming.
- Add support for handling PSK offload connections.
ver 1.13:
- Fix issue with EAPoL protocol version 2010 handling.
- Fix issue with authenticator method logic handling.
- Fix issue with getting scan results from firmware.
- Add support for handling SAE offload connections.
- Add support for roaming with FullMAC devices.
ver 1.12:
- Fix issue with handling retry roaming without higher RSSI.
- Fix issue with WPA3, OWE and FILS authentication handling.
- Fix issue with handling locally generated deauth frames.
- Fix issue with quick scanning and connect interaction.
- Add support for diagnostic D-Bus interfaces.
update 2021.04.21 to 2021.08.28
Release notes:
2021-08-28: Released
2021-08-28 wireless-regdb: update regulatory database based on preceding changes
2021-08-27 Update regulatory rules for Ecuador (EC)
2021-08-06 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
2021-08-02 wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
2021-07-14: Released
2021-07-14 wireless-regdb: update regulatory database based on preceding changes
2021-07-14 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
2021-07-08 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
2021-07-06 wireless-regdb: recent FCC report and order allows 5850-5895 immediately
2021-06-08 wireless-regdb: update 5725-5850 MHz rule for GB
update 4.13.8 (2021-04-29) to 4.13.9 (2021-05-11)
release notes: https://www.samba.org/samba/history/samba-4.13.9.html
This is the latest stable release of the Samba 4.13 release series.
Changes since 4.13.8
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14689: Add documentation for dsdb_group_audit and dsdb_group_json_audit
to "log level", synchronise "log level" in smb.conf with the code.
o Ralph Boehme <slow@samba.org>
* BUG 14672: Fix smbd panic when two clients open same file.
* BUG 14675: Fix memory leak in the RPC server.
* BUG 14679: s3: smbd: Fix deferred renames.
o Samuel Cabrero <scabrero@samba.org>
* BUG 14675: s3-iremotewinspool: Set the per-request memory context.
o Volker Lendecke <vl@samba.org>
* BUG 14675: rpc_server3: Fix a memleak for internal pipes.
o Stefan Metzmacher <metze@samba.org>
* BUG 11899: third_party: Update socket_wrapper to version 1.3.2.
* BUG 14640: third_party: Update socket_wrapper to version 1.3.3.
o Christof Schmitt <cs@samba.org>
* BUG 14663: idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict.
o Martin Schwenke <martin@meltin.net
* BUG 14288: Fix the build on OmniOS.
update 4.1.7 (2021-03-24) to 4.18.8 (2021-04-29)
release notes: https://www.samba.org/samba/history/samba-4.13.8.html
==
This is a security release in order to address the following defect:
o CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries
in the Samba file server process token.
=======
Details
=======
o CVE-2021-20254:
The Samba smbd file server must map Windows group identities (SIDs) into unix
group ids (gids). The code that performs this had a flaw that could allow it
to read data beyond the end of the array in the case where a negative cache
entry had been added to the mapping cache. This could cause the calling code
to return those values into the process token that stores the group
membership for a user.
Most commonly this flaw caused the calling code to crash, but an alert user
(Peter Eriksson, IT Department, Linköping University) found this flaw by
noticing an unprivileged user was able to delete a file within a network
share that they should have been disallowed access to.
Analysis of the code paths has not allowed us to discover a way for a
remote user to be able to trigger this flaw reproducibly or on demand,
but this CVE has been issued out of an abundance of caution.
Changes since 4.13.7
--------------------
o Volker Lendecke <vl@samba.org>
* BUG 14571: CVE-2021-20254: Fix buffer overrun in sids_to_unixids().
