← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1670508] Re: CIFS: Enable encryption for SMB3

 

This bug was fixed in the package linux - 4.4.0-87.110

---------------
linux (4.4.0-87.110) xenial; urgency=low

  * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)

  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

 -- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx>  Tue, 18 Jul
2017 13:58:43 +0200

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000364

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1670508

Title:
  CIFS: Enable encryption for SMB3

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Released
Status in linux source package in Zesty:
  Fix Released

Bug description:
  There has been work upstream to enable encryption support for SMB3
  connections. This is a particularly valuable (and commonly requested)
  feature with the Azure Files service as encryption is required to
  connect to an Azure Files storage share from on-prem or from a
  different Azure region.

  The relevant commits are as follows:

  CIFS: Fix possible use after free in demultiplex thread
  Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5

  CIFS: Allow to switch on encryption with seal mount option
  Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31

  CIFS: Add capability to decrypt big read responses
  Commit c42a6abe3012832a68a371dabe17c2ced97e62ad

  CIFS: Decrypt and process small encrypted packets
  Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840

  CIFS: Add copy into pages callback for a read operation
  Commit d70b9104b1ca586f73aaf59426756cec3325a40e

  CIFS: Add mid handle callback
  Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e

  CIFS: Add transform header handling callbacks
  Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e

  CIFS: Encrypt SMB3 requests before sending
  Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398

  CIFS: Enable encryption during session setup phase
  Commit cabfb3680f78981d26c078a26e5c748531257ebb

  CIFS: Add capability to transform requests before sending
  Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85

  CIFS: Separate RFC1001 length processing for SMB2 read
  Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6

  CIFS: Separate SMB2 sync header processing
  Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef

  CIFS: Send RFC1001 length in a separate iov
  Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf

  CIFS: Make send_cancel take rqst as argument
  Commit fb2036d817584df42504910fe104f68517e8990e

  CIFS: Make SendReceive2() takes resp iov
  Commit da502f7df03d2d0b416775f92ae022f3f82bedd5

  CIFS: Separate SMB2 header structure
  Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7

  cifs: Add soft dependencies
  Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a

  cifs: Only select the required crypto modules
  Commit 3692304bba6164be3810afd41b84ecb0e1e41db1

  cifs: Simplify SMB2 and SMB311 dependencies
  Commit c1ecea87471bbb614f8121e00e5787f363140365

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions