-
samba (2:4.13.17~dfsg-0ubuntu0.21.10.2) impish; urgency=medium
* d/p/lp-1951490-fix-printing-KB5006743.patch: Fix printing after
Windows 2021-10 Monthly Rollup patch (LP: #1951490)
-- Andreas Hasenack <email address hidden> Thu, 10 Mar 2022 10:52:15 -0300
-
samba (2:4.13.17~dfsg-0ubuntu0.21.10.1) impish-security; urgency=medium
* Update to 4.13.17 as a security update
- CVE-2021-43566, CVE-2021-44142, CVE-2022-0336
* Removed patches included in new version:
- debian/patches/trusted_domain_regression_fix.patch
- debian/patches/bug14901-*.patch
- debian/patches/bug14922.patch
-- Marc Deslauriers <email address hidden> Mon, 31 Jan 2022 08:11:13 -0500
-
samba (2:4.13.14+dfsg-0ubuntu0.21.10.4) impish-security; urgency=medium
* SECURITY REGRESSION: Kerberos authentication on standalone server in
MIT realm broken
- debian/patches/bug14922.patch: fix MIT Realm regression in
source3/auth/user_krb5.c.
-- Marc Deslauriers <email address hidden> Mon, 13 Dec 2021 07:11:23 -0500
-
samba (2:4.13.14+dfsg-0ubuntu0.21.10.3) impish-security; urgency=medium
* SECURITY REGRESSION: undesired side effects for the local nt token
- debian/patches/bug14901-*.patch: upstream patches to fix some
mapping issues.
* SECURITY REGRESSION: backup command raises FileNotFoundError
(LP: #1952187)
- debian/patches/bug14918-*.patch: upstream patches to properly handle
dangling symlinks.
-- Marc Deslauriers <email address hidden> Thu, 02 Dec 2021 07:56:37 -0500
-
samba (2:4.13.14+dfsg-0ubuntu0.21.10.2) impish; urgency=medium
* samba.postinst: do not populate sambashare from the Ubuntu admin group
(LP: #1942195)
-- Paride Legovini <email address hidden> Fri, 12 Nov 2021 11:17:14 +0100
-
samba (2:4.13.14+dfsg-0ubuntu0.21.10.1) impish-security; urgency=medium
* Update to 4.13.14 as a security update (LP: #1950363)
- debian/patches/CVE-2021-20254.patch: removed, included in new
version.
- debian/control: bump ldb Build-Depends to 2.2.3.
- debian/samba-libs.install: added libdcerpc-pkt-auth.so.0.
- debian/patches/trusted_domain_regression_fix.patch: fix regression
introduced in 4.13.14.
- CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719,
CVE-2020-25721, CVE-2020-25722, CVE-2021-3738, CVE-2021-23192
-- Marc Deslauriers <email address hidden> Tue, 09 Nov 2021 14:52:07 -0500
-
samba (2:4.13.5+dfsg-2ubuntu3) impish; urgency=medium
* d/samba.postinst: do not populate sambashare from the admin group
(Debian packaging cherry-pick. LP: #1942195)
-- Paride Legovini <email address hidden> Wed, 06 Oct 2021 10:31:14 +0200
-
samba (2:4.13.5+dfsg-2ubuntu2) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 18:08:36 -0400
-
samba (2:4.13.5+dfsg-2ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/p/VERSION.patch: Update vendor string to "Ubuntu".
- debian/smb.conf;
+ Add "(Samba, Ubuntu)" to server string.
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
- d/control: Disable glusterfs support because it's not in main.
MIR bug is https://launchpad.net/bugs/1274247
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- d/control: add a versioned libgnutls28-dev build-depends to reduce
the amount of in-tree crypto code that is built
- d/control: enable the liburing vfs module, except on i386 where
liburing is not available
- d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
Skip running the tests if on i386 platform, because the uring
package is not available there.
* Dropped changes:
- debian/samba-common.config:
+ Do not change priority to high if dhclient3 is installed.
[Included in 2:4.13.4+dfsg-1]
- d/p/fix-nfs-service-name-to-nfs-kernel-server.patch:
change nfs service name from nfs to nfs-kernel-server
(LP #722201)
[Included in 2:4.13.4+dfsg-1]
- d/p/ctdb-config-enable-syslog-by-default.patch:
enable syslog and systemd journal by default
[Included in 2:4.13.4+dfsg-1]
- debian/rules: Ubuntu i386 binary compatibility:
+ drop ceph support
+ disable the following binary packages:
- ctdb
- libnss-winbind
- libpam-winbind
- python3-samba
- samba
- samba-common-bin
- samba-testsuite
- winbind
[Included in 2:4.13.4+dfsg-1]
- debian/rules: Ubuntu i386 binary compatibility:
+ re-enable the following binary packages:
- libnss-winbind
- samba-common-bin
- python3-samba
- winbind
[Included in 2:4.13.4+dfsg-1]
- SECURITY UPDATE: wrong group entries via negative idmap cache entries
+ debian/patches/CVE-2021-20254.patch: Simplify sids_to_unixids() in
source3/passdb/lookup_sid.c.
+ CVE-2021-20254
[Included in 2:4.13.5+dfsg-2]
-- Athos Ribeiro <email address hidden> Mon, 17 May 2021 11:51:54 -0300
-
samba (2:4.13.3+dfsg-1ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: wrong group entries via negative idmap cache entries
- debian/patches/CVE-2021-20254.patch: Simplify sids_to_unixids() in
source3/passdb/lookup_sid.c.
- CVE-2021-20254
-- Marc Deslauriers <email address hidden> Thu, 29 Apr 2021 06:48:54 -0400
-
samba (2:4.13.3+dfsg-1ubuntu2) hirsute; urgency=medium
* No change rebuild to pick up liburing, and also
fix d/t/cifs-share-access-uring. (LP: #1914145)
-- Mauricio Faria de Oliveira <email address hidden> Wed, 03 Feb 2021 09:14:25 -0300