-
samba (2:4.17.7+dfsg-1ubuntu2.3) lunar-security; urgency=medium
* SECURITY UPDATE: SMB clients can truncate files with read-only
permissions
- debian/patches/CVE-2023-4091-*.patch
- CVE-2023-4091
* SECURITY UPDATE: Samba AD DC password exposure to privileged users and
RODCs
- debian/patches/CVE-2023-4154-*.patch
- CVE-2023-4154
* SECURITY UPDATE: rpcecho development server allows Denial of Service
via sleep() call on AD DC
- debian/patches/CVE-2023-42669-*.patch
- CVE-2023-42669
* SECURITY UPDATE: Samba AD DC Busy RPC multiple listener DoS
- debian/patches/CVE-2023-42670-*.patch
- CVE-2023-42670
-- Marc Deslauriers <email address hidden> Wed, 04 Oct 2023 08:18:32 -0400
-
samba (2:4.17.7+dfsg-1ubuntu2.2) lunar; urgency=medium
* d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
Add changes to fix uncaught exception when updating old password
containing regex metacharacters by simplifying samba-tool password
redaction (LP: #2002949).
samba (2:4.17.7+dfsg-1ubuntu2.1) lunar; urgency=medium
* d/control: adjust breaks/replaces for file move that Debian did in
4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
file conflict in a dist-upgrade from earlier Ubuntu releases, like
Kinetic (LP: #2024663)
-- Michal Maloszewski <email address hidden> Sun, 20 Aug 2023 13:57:29 +0200
-
samba (2:4.17.7+dfsg-1ubuntu2.1) lunar; urgency=medium
* d/control: adjust breaks/replaces for file move that Debian did in
4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
file conflict in a dist-upgrade from earlier Ubuntu releases, like
Kinetic (LP: #2024663)
-- Andreas Hasenack <email address hidden> Tue, 01 Aug 2023 18:30:42 -0300
-
samba (2:4.17.7+dfsg-1ubuntu2) lunar; urgency=medium
* d/p/secure-channel-faulty-kb5028166.patch: fix domain membership
after Windows KB5028166 update (LP: #2027716)
-- Andreas Hasenack <email address hidden> Thu, 20 Jul 2023 10:26:31 -0300
-
samba (2:4.17.7+dfsg-1ubuntu1.1) lunar-security; urgency=medium
* SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
- debian/patches/CVE-2022-2127-*.patch
- CVE-2022-2127
* SECURITY UPDATE: SMB2 packet signing not enforced
- debian/patches/CVE-2023-3347-*.patch
- CVE-2023-3347
* SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
- debian/patches/CVE-2023-34966-*.patch
- CVE-2023-34966
* SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
- debian/patches/CVE-2023-34967-*.patch
- CVE-2023-34967
* SECURITY UPDATE: Spotlight server-side Share Path Disclosure
- debian/patches/CVE-2023-34968-*.patch
- CVE-2023-34968
-- Marc Deslauriers <email address hidden> Tue, 11 Jul 2023 07:54:30 -0400
-
samba (2:4.17.7+dfsg-1ubuntu1) lunar; urgency=medium
* Merge with Debian unstable (LP: #2014052). Remaining changes:
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
+ enable the liburing vfs module, except on i386 where liburing is
not available
+ build-depend on libglusterfs-dev only on !i386 arches
- d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
samba AD DC provisioning and domain join tests with internal DNS
(LP #1977746, LP #2011745)
-- Andreas Hasenack <email address hidden> Fri, 31 Mar 2023 15:26:11 -0300
-
samba (2:4.17.5+dfsg-2ubuntu3) lunar; urgency=medium
* Add domain join tests (LP: #2011745):
- d/t/control: update dependencies for samba AD provisioning test,
which now also includes a member server join test
- d/t/util, d/t/samba-ad-dc-*: add member server join tests
-- Andreas Hasenack <email address hidden> Wed, 15 Mar 2023 20:49:56 -0300
-
samba (2:4.17.5+dfsg-2ubuntu2) lunar; urgency=medium
* d/t/samba-ad-dc-provisioning-internal-dns: test improvements
(LP: #2009485):
- increase kinit timeout, as it also does DNS lookups
- add a trap on exit to show logs in the case of some failure
-- Andreas Hasenack <email address hidden> Mon, 06 Mar 2023 11:49:34 -0300
-
samba (2:4.17.5+dfsg-2ubuntu1) lunar; urgency=medium
* Merge with Debian unstable (LP: #2002181). Remaining changes:
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
+ enable the liburing vfs module, except on i386 where liburing is
not available
+ build-depend on libglusterfs-dev only on !i386 arches
* Added:
- d/t/control, d/t/samba-ad-dc-provisioning-internal-dns: samba AD
DC provisioning test with internal DNS (LP: #1977746)
-- Andreas Hasenack <email address hidden> Sun, 05 Feb 2023 13:47:57 -0300
-
samba (2:4.17.3+dfsg-3ubuntu3) lunar; urgency=medium
* Rebuild against latest icu
-- Jeremy Bicha <email address hidden> Mon, 06 Feb 2023 07:57:36 -0500
-
samba (2:4.17.3+dfsg-3ubuntu2) lunar; urgency=medium
* No-change rebuild with Python 3.11 as default
-- Graham Inggs <email address hidden> Mon, 26 Dec 2022 18:01:11 +0000
-
samba (2:4.17.3+dfsg-3ubuntu1) lunar; urgency=medium
* Merge with Debian unstable (LP: #1993380). Remaining changes:
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- d/control: enable the liburing vfs module, except on i386 where
liburing is not available
- d/control: build-depend on libglusterfs-dev only on !i386 arches
* Dropped:
- debian/smb.conf;
+ Add "(Samba, Ubuntu)" to server string.
[In 2:4.16.6+dfsg-1]
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
[In 2:4.16.6+dfsg-1]
- d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
Skip running the tests if on i386 platform, because the uring
package is not available there.
[In 2:4.16.6+dfsg-1, improved]
- d/t/util: fix setting the password of the smb test user
(LP #1955851)
[In 2:4.16.5+dfsg-2]
- d/p/VERSION.patch: Update vendor string to "Ubuntu".
[Implemented dynamically in d/rules in 2:4.16.6+dfsg-6]
- d/rules: in Ubuntu, glusterfs is not built for i386, so don't
enable the samba glusterfs vfs mofule in that case
[In 2:4.16.6+dfsg-1]
-- Andreas Hasenack <email address hidden> Tue, 13 Dec 2022 18:36:23 -0300
-
samba (2:4.16.4+dfsg-2ubuntu2) lunar; urgency=medium
* No-change rebuild against libldap-2
-- Steve Langasek <email address hidden> Thu, 15 Dec 2022 19:55:02 +0000
-
samba (2:4.16.4+dfsg-2ubuntu1) kinetic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/p/VERSION.patch: Update vendor string to "Ubuntu".
- debian/smb.conf;
+ Add "(Samba, Ubuntu)" to server string.
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- d/control: enable the liburing vfs module, except on i386 where
liburing is not available
- d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
Skip running the tests if on i386 platform, because the uring
package is not available there.
- d/t/util: fix setting the password of the smb test user
(LP #1955851)
- d/rules: in Ubuntu, glusterfs is not built for i386, so don't
enable the samba glusterfs vfs mofule in that case
- d/control: build-depend on libglusterfs-dev only on !i386 arches
-- Andreas Hasenack <email address hidden> Tue, 02 Aug 2022 09:30:05 -0300