samba 2:3.4.2-1ubuntu1 source package in Ubuntu

Changelog

samba (2:3.4.2-1ubuntu1) lucid; urgency=low

  * Merge from debian unstable, remaining changes:
    + debian/patches/VERSION.patch:
      - set SAMBA_VERSION_SUFFIX to Ubuntu
    + debian/smb.conf:
      - Add "(Samaba, Ubuntu)" to server string.
      - Comment out the default [homes] share, and add a comment about "valid users = %s" to show users
        how to restrict access to \\server\username to only username.
      - Set 'usershare allow guests', so that usershare admins are
        allowed to create public shares in addition to authenticated ones.
      - add map to guest = Bad user, maps bad username to guest access.
    + debian/samba-common.config:
      - Do not change priority to high if dhclient3 is installed.
      - Use priority medium instead of high for the workgroup question.
    + debian/mksambapasswd.awk:
      - Do not add user with UID less than 1000 to smbpasswd.
    + debian/control:
      - Make libwbclient0 replace/conflict with hardy's likewise-open.
      - Don't build against ctdb.
      - Build-depend on libreadline-dev instead of libreadline5-dev.
    + debian/rules:
      - enable "native" PIE hardening.
    + Add ufw integration:
      - Created debian/samba.ufw.profile
      - debian/rules, debian/samba.dirs, debian/samba.files: install
    + debian/patches/fix-smbclient-long-names.patch: Samba shares with more than 12 characters are not
      displayed. (LP: #449735)
    + Dropped:
      - debian/patches/536757.patch: Already upstream
      - debian/patches/net-usershare-list-3.4.0.patch: Already upstream
      - debian/patches/fix-crash-when-loading-interfaces.patch: Already upstream
      - debian/patches/fix-upstream-6680.patch: Already upstream
      - debian/patches/security-CVE-2009-2813.patch: Already upstream
      - debian/patches/security-CVE-2009-2948.patch: Already upstream
      - debian/patches/security-CVE-2009-2906.patch: Already upstream

samba (2:3.4.2-1) unstable; urgency=high

  * New upstream release. Security update.
  * CVE-2009-2813:
    Connecting to the home share of a user will use the root of the
    filesystem as the home directory if this user is misconfigured to
    have an empty home directory in /etc/passwd.
  * CVE-2009-2948:
    If mount.cifs is installed as a setuid program, a user can pass it
    a credential or password path to which he or she does not have
    access and then use the --verbose option to view the first line of
    that file.
  * CVE-2009-2906:
    Specially crafted SMB requests on authenticated SMB connections
    can send smbd into a 100% CPU loop, causing a DoS on the Samba
    server.

samba (2:3.4.1-2) unstable; urgency=low

  * ./configure --disable-avahi, to avoid accidentally picking up an avahi
    dependency when libavahi-common-dev is installed.

samba (2:3.4.1-1) unstable; urgency=low

  [ Christian Perrier ]
  * New upstream release. This fixes the following bugs:
    - smbd SIGSEGV when breaking oplocks. Thanks to Petr Vandrovec
      for the clever analysis and collaboration with upstream.
      Closes: #541171
    - Fix password change propagation with ldapsam. Closes: #505215
    - Source package contains non-free IETF RFC/I-D. Closes: #538034
  * Turn the build dependency on libreadline5-dev to libreadline-dev
    to make further binNMUs easier when libreadline soname changes
    Thanks to Matthias Klose for the suggestion

  [ Steve Langasek ]
  * Don't build talloctort when using --enable-external-talloc; and don't
    try to include talloctort in the samba-tools package, since we're
    building with --enable-external-talloc. :)  Closes: #546828.

samba (2:3.4.0-5) unstable; urgency=low

  * Move /etc/pam.d/samba back to samba-common, because it's shared with
    samba4.  Closes: #545764.

samba (2:3.4.0-4) unstable; urgency=low

  [ Steve Langasek ]
  * debian/samba.pamd: include common-session-noninteractive instead of
    common-session, to avoid pulling in modules specific to interactive
    logins such as pam_ck_connector.
  * debian/control: samba depends on libpam-runtime (>= 1.0.1-11) for the
    above.
  * rename debian/samba.pamd to debian/samba.pam and call dh_installpam
    from debian/rules install, bringing us a smidge closer to a stock
    debhelper build
  * don't call pyversions from debian/rules, this throws a useless error
    message during build.
  * fix up the list of files that need to be removed by hand in the clean
    target; the majority of these are now correctly handled upstream.
  * debian/rules: fix the update-arch target for the case of unversioned
    build-deps.
  * Pull avr32 into the list of supported Linux archs.  Closes: #543543.
  * Fix LSB header in winbind.init; thanks to Petter Reinholdtsen for the
    patch. Closes: #541367.

  [ Christian Perrier ]
  * Use DEP-3 for patches meta-information

  [ Steve Langasek ]
  * Change swat update-inetd call to use --remove only on purge,
    and --disable on removal.
  * Add missing build-dependency on pkg-config, needed to fix libtalloc
    detection
  * debian/patches/external-talloc-support.patch: fix the Makefile so it
    works when using external talloc instead of giving a missing-depend
    error.
  * debian/patches/autoconf.patch: resurrect this patch, needed for the
    above.
  * debian/rules: build with --without-libtalloc
    --enable-external-libtalloc, also needed to fix the build failure.

 -- Chuck Short <email address hidden>   Wed, 21 Oct 2009 22:14:57 +0100