Change log for samba package in Debian

Published in sid-release
samba (2:4.19.6+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=15527 fd_handle_destructor()
     panics within an smbd_smb2_close() if vfs_stat_fsp() fails in fd_close()
   - https://bugzilla.samba.org/show_bug.cgi?id=15580
     Packet marshalling push support missing for
     CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and CTDB_CONTROL_TCP_CLIENT_PASSED
   - https://bugzilla.samba.org/show_bug.cgi?id=15588
     samba-gpupdate: Correctly implement site support
   - https://bugzilla.samba.org/show_bug.cgi?id=15599
     libgpo: Segfault in python bindings
  * revert d/rules: remove Debian/Ubuntu "branding"

 -- Michael Tokarev <email address hidden>  Mon, 08 Apr 2024 11:18:38 +0300
Superseded in sid-release
samba (2:4.19.5+dfsg-5) unstable; urgency=medium

  * implement pkg.samba.before-trixie build profile
    (undo t64 changes and drop build-dep)
  * d/rules: remove Debian/Ubuntu "branding", no need for that
  * d/control: samba-dsdb-modules: drop hardcoded dependency on libgpgme11
    (Closes: #1068526)

 -- Michael Tokarev <email address hidden>  Sun, 07 Apr 2024 16:04:30 +0300
Published in experimental-release
samba (2:4.20.0+dfsg-1~exp2) experimental; urgency=medium

  * implement pkg.samba.before-trixie build profile
    (undo t64 changes and drop build-dep)
  * d/rules: remove Debian/Ubuntu "branding", no need for that
  * d/control: samba-dsdb-modules: drop hardcoded dependency on libgpgme11
    (Closes: #1068526)

 -- Michael Tokarev <email address hidden>  Sun, 07 Apr 2024 16:04:30 +0300
Superseded in experimental-release
samba (2:4.20.0+dfsg-1~exp1) experimental; urgency=medium

  * new upstream release (4.20.0)
  * d/control: bump tevent/talloc/tdb versions for Build-Depends
  * d/libldb2.symbols, d/python3-ldb.symbols.in: add new version (2.9.0)
  * d/patches/meaningful-error-if-no-python3-markdown.patch: fixup
  * d/*.install: internal library names changed:
    libfoo-samba4.so.0 => libfoo-private-samba.so.0
  * d/samba-libs.install: update names for libdcerpc & libndr private libs
  * d/samba-libs.install, d/samba-libs.links, d/samba-libs.symbols:
    libndr has soversion 4 now.  This breaks binaries linked with libndr!
  * d/samba-libs.symbols: update with new ndr4 symbols
  * d/libsmbclient.symbols: update with new symbols
  * d/samba-dev.install: add smb3posix.h
  * d/not-installed: add usr/bin/wspsearch experimental windows search binary
  * d/control: libperl-json is not needed for build anymore
  * d/control: bump minimum mit-krb5 version in Build-Depends to 1.21
    (for pkg.samba.mitkrb5 build profile)
  * rebase on top of 4.19.5+dfsg-4

 -- Michael Tokarev <email address hidden>  Thu, 28 Mar 2024 10:51:16 +0300
Superseded in sid-release
samba (2:4.19.5+dfsg-4) unstable; urgency=medium

  * stop shipping python3/dist-packages/samba/tests
    (Closes: #1064512, #1063149)
  * add Debian-Specific tag to debian-specific patches
  * d/genshlibs: run dh_makeshlibs on libsmbclient0
    (Closes: #1065349)

 -- Michael Tokarev <email address hidden>  Sun, 03 Mar 2024 15:37:16 +0300
Superseded in sid-release
samba (2:4.19.5+dfsg-3) unstable; urgency=medium

  * d/control: add versioned depends on dpkg-dev to avoid accidental
    build of time64_t packages on older systems
  * +lower-dns-lookup-mismatch-messages.patch (reduce log noise)
  * d/control: add libtirpc-dev and rpcsvc-proto to Build-Depends-Arch
    (Closes: #1065188)

 -- Michael Tokarev <email address hidden>  Fri, 01 Mar 2024 19:18:35 +0300
Superseded in sid-release
samba (2:4.19.5+dfsg-2) unstable; urgency=medium

  * rename libsmbclient => libsmbclient0 for 64-bit time_t transition
    Closes: #1064337
  * d/libsmbclient.lintian-overrides: remove, soname now = package name
  * add Breaks: of sssd packages to samba-libs
  * +passchange-error-message.patch - fix password change error message
  * +edns0.patch: enable EDNS0 support in internal UDP-only DNS client
    https://bugzilla.samba.org/show_bug.cgi?id=15536

 -- Michael Tokarev <email address hidden>  Wed, 28 Feb 2024 19:38:48 +0300
Superseded in experimental-release
samba (2:4.20.0~rc2+dfsg-3) experimental; urgency=medium

  * rename libsmbclient => libsmbclient0 for 64-bit time_t transition
  * d/libsmbclient.lintian-overrides: remove, soname now = package name
  * add Breaks: of sssd packages to samba-libs: 4.20 changed libndr
    soname, and we now added proper sonames for it

 -- Michael Tokarev <email address hidden>  Wed, 21 Feb 2024 12:28:36 +0300
Published in sid-release
samba (2:4.19.5+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release (4.19.5)
  * reformat previous changelog entry to fit in 80cols
  * d/winbind.postrm: stop recursively removing plain files
  * d/winbind.postrm: winbindd_cache.tdb is in /var/lib now,
    not in /var/cache
  * d/control: RulesRequiresRoot:no
  * d/*.symbols: use #PACKAGE# placeholders where appropriate
    (or add comments where it is not)
  * +silence-can-not-convert-group-sid.diff -
    make another log message less annoying
  * -python-fix-invalid-escape-sequences.patch (applied upstream)
  * d/control: replace pkg-config=>pkgconf in Build-Depends, remove
    pkg-config from Depends of libldb-dev and python3-ldb-dev
  * d/samba-libs.symbols, d/control: make libsmbldapN a virtual package
    provided by samba-libs too, like libndrN

 -- Michael Tokarev <email address hidden>  Mon, 19 Feb 2024 15:21:14 +0300
Published in experimental-release
samba (2:4.20.0~rc2+dfsg-2) experimental; urgency=medium

  * new upstream release candidate (4.20.0-rc2)
    Note: this is just a release candidate, not a release yet!
  * d/control: bump tevent/talloc/tdb versions for Build-Depends
  * d/libldb2.symbols, d/python3-ldb.symbols.in: add new version (2.9.0)
  * d/patches/meaningful-error-if-no-python3-markdown.patch: fixup
  * d/*.install: internal library names changed:
    libfoo-samba4.so.0 => libfoo-private-samba.so.0
  * d/samba-libs.install: update names for libdcerpc & libndr private libs
  * d/samba-libs.install, d/samba-libs.links, d/samba-libs.symbols:
    libndr has soversion 4 now.  This breaks binaries linked with libndr!
  * d/samba-libs.symbols: update with new ndr4 symbols
  * d/libsmbclient.symbols: update with new symbols
  * d/samba-dev.install: add smb3posix.h
  * d/not-installed: add usr/bin/wspsearch experimental windows search binary
  * d/control: libperl-json is not needed for build anymore
  * d/control: bump minimum mit-krb5 version in Build-Depends to 1.21
    (for pkg.samba.mitkrb5 build profile)
  * rebase on top of 4.19.5+dfsg-1

 -- Michael Tokarev <email address hidden>  Mon, 19 Feb 2024 15:33:31 +0300
Superseded in experimental-release
samba (2:4.20.0~rc2+dfsg-1) experimental; urgency=medium

  * new upstream release candidate (4.20.0-rc2)
    Note: this is just a release candidate, not a release yet!
  * omit (for now) wspsearch.1

 -- Michael Tokarev <email address hidden>  Thu, 15 Feb 2024 23:05:46 +0300
Superseded in sid-release
samba (2:4.19.4+dfsg-3) unstable; urgency=medium

  * samba,winbind: remove logrotate scripts
    samba does its own log rotation (max log size (=5000 by default) and renaming
    to .old).  The two clash with each other in an interesting way.
  * d/samba-libs.symbols, d/control: make libndrN a virtual package to ensure rdeps
    pick the right dependency

 -- Michael Tokarev <email address hidden>  Tue, 30 Jan 2024 12:12:42 +0300
Superseded in experimental-release
samba (2:4.20.0~rc1+dfsg-1) experimental; urgency=medium

  * new upstream release candidate (4.20.0-rc1)
    Note: this is just a release candidate, not a release yet!
  * d/control: bump tevent/talloc/tdb versions for Build-Depends
  * d/libldb2.symbols, d/python3-ldb.symbols.in: add new version (2.9.0)
  * d/patches/meaningful-error-if-no-python3-markdown.patch: fixup
  * d/patches/python-fix-invalid-escape-sequences.patch: remove,
    applied upstream
  * d/*.install: internal library names changed,
    libfoo-samba4.so.0 => libfoo-private-samba.so.0
  * d/samba-libs.install: update names for libdcerpc & libndr private libraries
  * d/samba-libs.install, d/samba-libs.links, d/samba-libs.symbols:
    libndr has soversion 4 now.  This breaks binaries linked with libndr!
  * d/samba-libs.symbols: update with new ndr4 symbols
  * d/libsmbclient.symbols: update with new symbols
  * d/samba-dev.install: add smb3posix.h
  * d/not-installed: add usr/bin/wspsearch experimental windows search binary
  * d/control: libperl-json is not needed for build anymore
  * d/control: bump minimum mit-krb5 version in Build-Depends to 1.21
    (for pkg.samba.mitkrb5 build profile)

 -- Michael Tokarev <email address hidden>  Mon, 29 Jan 2024 21:43:00 +0300
Superseded in sid-release
samba (2:4.19.4+dfsg-2) unstable; urgency=medium

  * d/samba.smbd.service, d/samba.nmbd.service: expand forgotten @BINDIR@

 -- Michael Tokarev <email address hidden>  Mon, 08 Jan 2024 20:44:51 +0300
Superseded in sid-release
samba (2:4.19.3+dfsg-2) unstable; urgency=medium

  * d/rules: simplify LDFLAGS assignment
  * d/rules: add -mlong-jump-table-offsets to CFLAGS on m68k (fix FTBFS there)
  * d/rules: CFLAGS += -ffile-prefix-map=../../=
  * d/control: fix versioned dependency on samba for samba-ad-dc
  * +python-fix-invalid-escape-sequences.patch from upstream (Closes: #1057668)

 -- Michael Tokarev <email address hidden>  Mon, 11 Dec 2023 13:19:18 +0300
Published in bookworm-release
samba (2:4.17.12+dfsg-0+deb12u1) bookworm-security; urgency=medium

  * new stable security bugfix release:
    o CVE-2023-3961: https://www.samba.org/samba/security/CVE-2023-3961.html
      Unsanitized pipe names allow SMB clients to connect as root
      to existing unix domain sockets on the file system.
    o CVE-2023-4091: https://www.samba.org/samba/security/CVE-2023-4091.html
      SMB client can truncate files to 0 bytes by opening files with OVERWRITE
      disposition when using the acl_xattr Samba VFS module with the smb.conf
      setting "acl_xattr:ignore system acls = yes"
    o CVE-2023-4154: https://www.samba.org/samba/security/CVE-2023-4154.html
      An RODC and a user with the GET_CHANGES right can view all attributes,
      including secrets and passwords.  Additionally, the access check fails
      open on error conditions.
    o CVE-2023-42669: https://www.samba.org/samba/security/CVE-2023-42669.html
      Calls to the rpcecho server on the AD DC can request that the server
      block for a user-defined amount of time, denying service.
    o CVE-2023-42670: https://www.samba.org/samba/security/CVE-2023-42670.html
      Samba can be made to start multiple incompatible RPC listeners,
      disrupting service on the AD DC.

 -- Michael Tokarev <email address hidden>  Tue, 10 Oct 2023 18:17:19 +0300
Superseded in sid-release
samba (2:4.19.3+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=13595
     CVE-2018-14628 [SECURITY] Deleted Object tombstones visible in AD LDAP
     to normal users (Closes: #1034803).  Please see WHATSNEW.txt file for
     more information about this issue: actual fix requires extra steps to
     be performed against samba-based AD-DC
   - https://bugzilla.samba.org/show_bug.cgi?id=15093
     Files without "read attributes" NFS4 ACL permission are not listed
     in directories
   - https://bugzilla.samba.org/show_bug.cgi?id=15487
     smbd crashes if asked to return full information on close of
     a stream handle with delete on close disposition set
   - https://bugzilla.samba.org/show_bug.cgi?id=15492
     Kerberos TGS-REQ with User2User does not work for normal accounts
   - https://bugzilla.samba.org/show_bug.cgi?id=15499
     Improve logging for failover scenarios
   - https://bugzilla.samba.org/show_bug.cgi?id=15507
     vfs_gpfs stat calls fail due to file system permissions
   - https://bugzilla.samba.org/show_bug.cgi?id=15513
     Samba doesn't build with Python 3.12
   - https://bugzilla.samba.org/show_bug.cgi?id=15520
     sid_strings test broken by unix epoch > 1700000000
   - https://bugzilla.samba.org/show_bug.cgi?id=15521
     smbd: fix close order of base_fsp and stream_fsp
     in smb_fname_fsp_destructor()
  * d/samba-common.maintscript: fix version number for dhcp hook removal
    (Closes: #1053780)

 -- Michael Tokarev <email address hidden>  Mon, 27 Nov 2023 22:22:54 +0300
Superseded in sid-release
samba (2:4.19.2+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=15423
     Use-after-free in aio_del_req_from_fsp during smbd shutdown
     after failed IPC FSCTL_PIPE_TRANSCEIVE
   - https://bugzilla.samba.org/show_bug.cgi?id=15426
     clidfs.c do_connect() missing a "return" after a cli_shutdown() call
   - https://bugzilla.samba.org/show_bug.cgi?id=15463
     macOS mdfind returns only 50 results
   - https://bugzilla.samba.org/show_bug.cgi?id=15481
     GETREALFILENAME_CACHE can modify incoming new filename
     with previous cache entry value
   - https://bugzilla.samba.org/show_bug.cgi?id=15464
     libnss_winbind causes memory corruption since samba-4.18,
     impacts sendmail, zabbix, potentially more
   - https://bugzilla.samba.org/show_bug.cgi?id=15479
     ctdbd: setproctitle not initialized messages flooding logs
   - https://bugzilla.samba.org/show_bug.cgi?id=15491
     CVE-2023-5568 Heap buffer overflow with freshness tokens
     in the Heimdal KDC in Samba 4.19
   - https://bugzilla.samba.org/show_bug.cgi?id=15477
     The heimdal KDC doesn't detect s4u2self correctly when fast is in use
  * d/samba-common.maintscript: remove obsolete conffile
    /etc/dhcp/dhclient-enter-hooks.d/samba conffile (Closes: #1053780)

 -- Michael Tokarev <email address hidden>  Mon, 16 Oct 2023 18:26:31 +0300
Superseded in sid-release
samba (2:4.19.1+dfsg-4) unstable; urgency=medium

  * d/samba-common.postinst: restore installing of smb.conf using ucf

 -- Michael Tokarev <email address hidden>  Tue, 10 Oct 2023 22:33:32 +0300
Superseded in sid-release
samba (2:4.19.1+dfsg-3) unstable; urgency=medium

  * d/ctdb.install: sync ceph arch list
  * d/control: mention other places where ceph arch list is used

 -- Michael Tokarev <email address hidden>  Tue, 10 Oct 2023 20:12:20 +0300
Superseded in bookworm-release
samba (2:4.17.11+dfsg-0+deb12u1) bookworm; urgency=medium

  * new upstream stable/bugfix release 4.17.11, including:
   o https://bugzilla.samba.org/show_bug.cgi?id=9959
     Windows client join fails if a second container CN=System exists somewhere
   o https://bugzilla.samba.org/show_bug.cgi?id=15342
     Spotlight sometimes returns no results on latest macOS
   o https://bugzilla.samba.org/show_bug.cgi?id=15346
     2-3min delays at reconnect with smb2_validate_sequence_number:
     bad message_id 2
   o https://bugzilla.samba.org/show_bug.cgi?id=15384
     net ads lookup (with unspecified realm) fails
   o https://bugzilla.samba.org/show_bug.cgi?id=15401
     Improve GetNChanges to address some (but not all "Azure AD Connect")
     synchronisation tool looping during the initial user sync phase
   o https://bugzilla.samba.org/show_bug.cgi?id=15407
     Samba replication logs show (null) DN
   o https://bugzilla.samba.org/show_bug.cgi?id=15417
     Renaming results in NT_STATUS_SHARING_VIOLATION
     if previously attempted to remove the destination
   o https://bugzilla.samba.org/show_bug.cgi?id=15419
     Weird filename can cause assert to fail in openat_pathref_fsp_nosymlink()
   o https://bugzilla.samba.org/show_bug.cgi?id=15420
     reply_sesssetup_and_X() can dereference uninitialized tmp pointer
   o https://bugzilla.samba.org/show_bug.cgi?id=15427
     Spotlight results return wrong date in result list
   o https://bugzilla.samba.org/show_bug.cgi?id=15430
     Missing return in reply_exit_done()
   o https://bugzilla.samba.org/show_bug.cgi?id=15432
     TREE_CONNECT without SETUP causes smbd to use uninitialized pointer
   o https://bugzilla.samba.org/show_bug.cgi?id=15435
     Regression DFS not working with widelinks = true
   o https://bugzilla.samba.org/show_bug.cgi?id=15441
     samba-tool ntacl get segfault if aio_pthread appended
   o https://bugzilla.samba.org/show_bug.cgi?id=15446
     DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed
   o https://bugzilla.samba.org/show_bug.cgi?id=15449
     mdssvc: Do an early talloc_free() in _mdssvc_open()
   o https://bugzilla.samba.org/show_bug.cgi?id=15451
     ctdb_killtcp fails to work with --enable-pcap and libpcap ≥ 1.9.1
   o https://bugzilla.samba.org/show_bug.cgi?id=15453
     File doesn't show when user doesn't have permission
     if aio_pthread is loaded
   o https://bugzilla.samba.org/show_bug.cgi?id=15463
     macOS mdfind returns only 50 results
  * d/control: indicate the git branch in Vcs-Git URL (-b bookworm)
  * d/control: fix description of samba-common-bin (samba-client)
  * d/salsa-ci.yml: set RELEASE to bookworm

 -- Michael Tokarev <email address hidden>  Tue, 12 Sep 2023 15:55:41 +0300
Superseded in sid-release
samba (2:4.19.0+dfsg-1) unstable; urgency=medium

  * new upstream release. Some highlights:
   o changed command-line interface of smbget utility
   o improved winbindd logging
   o AD database prepared to FL 2016 standards for new domains
   o initial, partial implementation of AD FL 2012, 2012R2 and 2016
   o samba-tool support for silos, claims, sites and subnets
   o updated Heimdal import
   o other improvements and changes, see WHATSNEW.txt file for details.
  * d/patches: remove patches applied upstream, refresh patches
  * d/control: update talloc/tevent/tdb build-deps
  * d/smbclient.install: remove smbgetrc.5
  * d/patches: add ldb 2.7.1 & 2.7.2 ABI files
  * d/libldb2.symbols: add new symbols (ldb_val_as_*) and new version (2.8.0)
  * d/python3-ldb.symbols: remove unused versions, add new version
  * d/control: fix description of samba-common-bin (samba-client)
  * d/samba-common-bin.install: install samba-log-parser (for winbindd for now)
  * d/samba-libs.install: 2 new libs
  * d/samba-libs.install, d/samba-testsuite.install: move libshares-samba4.so.0
    from samba-libs to samba-testsuite
  * d/samba-libs.install, d/samba-vfs-modules.install: move
    libdfs-server-ad-samba4.so.0 from samba-libs to samba-vfs-modules
  * d/samba-libs.install, d/samba-common-bin.install: move
    libnet-keytab-samba4.so.0 from samba-libs to samba-common-bin (used by net)
  * d/samba-libs.install, d/samba-common-bin.install: move
    libRPC-WORKER-samba4.so.0 from samba-libs to samba-common-bin
    (used by usr/libexec/samba/rpcd_*)
  * samba-libs: add libndr 3.0.1 symbols
  * d/source/lintian-overrides: remove unused source-is-missing override
  * d/samba-vfs-modules.lintian-overrides: remove unused
    spelling-error-in-binary override

 -- Michael Tokarev <email address hidden>  Mon, 04 Sep 2023 22:57:48 +0300
Deleted in experimental-release (Reason: None provided.)
samba (2:4.19.0~rc4+dfsg-2) experimental; urgency=medium

  * samba-libs: add libndr 3.0.1 symbols

 -- Michael Tokarev <email address hidden>  Mon, 28 Aug 2023 19:40:39 +0300
Superseded in sid-release
samba (2:4.18.6+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=9959
     Windows client join fails if a second container CN=System exists somewhere
   - https://bugzilla.samba.org/show_bug.cgi?id=15289
     post-exec password redaction for samba-tool is more reliable for
     fully random passwords as it no longer uses regular expressions
     containing the password value itself
   - https://bugzilla.samba.org/show_bug.cgi?id=15342
     Spotlight sometimes returns no results on latest macOS
   - https://bugzilla.samba.org/show_bug.cgi?id=15346
     2-3min delays at reconnect with smb2_validate_sequence_number:
     bad message_id 2
   - https://bugzilla.samba.org/show_bug.cgi?id=15390
     Python tarfile extraction needs change to avoid a warning
     (CVE-2007-4559 mitigation)
   - https://bugzilla.samba.org/show_bug.cgi?id=15400
     rpcserver no longer accepts double backslash in dfs pathname
   - https://bugzilla.samba.org/show_bug.cgi?id=15414
     "net offlinejoin provision" does not work as non-root user
   - https://bugzilla.samba.org/show_bug.cgi?id=15417
     Renaming results in NT_STATUS_SHARING_VIOLATION if previously attempted
     to remove the destination
   - https://bugzilla.samba.org/show_bug.cgi?id=15420
     reply_sesssetup_and_X() can dereference uninitialized tmp pointer
   - https://bugzilla.samba.org/show_bug.cgi?id=15427
     Spotlight results return wrong date in result list
   - https://bugzilla.samba.org/show_bug.cgi?id=15430
     Missing return in reply_exit_done()
   - https://bugzilla.samba.org/show_bug.cgi?id=15433
     cm_prepare_connection() calls close(fd) for the second time
   - https://bugzilla.samba.org/show_bug.cgi?id=15435
     Regression DFS not working with widelinks = true
   - https://bugzilla.samba.org/show_bug.cgi?id=15441
     samba-tool ntacl get segfault if aio_pthread appended
   - https://bugzilla.samba.org/show_bug.cgi?id=15446
     DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed
   - https://bugzilla.samba.org/show_bug.cgi?id=15449
     mdssvc: Do an early talloc_free() in _mdssvc_open()

 -- Michael Tokarev <email address hidden>  Wed, 16 Aug 2023 20:11:26 +0300
Superseded in experimental-release
samba (2:4.19.0~rc2+dfsg-1) experimental; urgency=medium

  * new upstream release candidate
  * d/patches: remove patches applied upstream, refresh patches
  * d/control: update talloc/tevent/tdb build-deps
  * d/smbclient.install: remove smbgetrc.5
  * d/patches: add ldb 2.7.1 & 2.7.2 ABI files
  * d/libldb2.symbols: add new symbols (ldb_val_as_*) and new version (2.8.0)
  * d/python3-ldb.symbols: remove unused versions, add new version
  * d/control: fix description of samba-common-bin (samba-client)
  * d/samba-common-bin.install: install samba-log-parser (for winbindd for now)
  * d/samba-libs.install: 2 new libs
  * d/samba-libs.install, d/samba-testsuite.install: move libshares-samba4.so.0
    from samba-libs to samba-testsuite
  * d/samba-libs.install, d/samba-vfs-modules.install: move
    libdfs-server-ad-samba4.so.0 from samba-libs to samba-vfs-modules
  * d/samba-libs.install, d/samba-common-bin.install: move
    libnet-keytab-samba4.so.0 from samba-libs to samba-common-bin (used by net)
  * d/samba-libs.install, d/samba-common-bin.install: move
    libRPC-WORKER-samba4.so.0 from samba-libs to samba-common-bin
    (used by usr/libexec/samba/rpcd_*)
  * d/source/lintian-overrides: remove unused source-is-missing override
  * d/samba-vfs-modules.lintian-overrides: remove unused
    spelling-error-in-binary override

 -- Michael Tokarev <email address hidden>  Tue, 08 Aug 2023 10:52:58 +0300
Superseded in sid-release
samba (2:4.18.5+dfsg-2) unstable; urgency=medium

  * d/rules, d/control: only build glusterfs support on 64bits
    (Closes: #1041996)
  * d/rules: make ceph conditional similar to gluster
  * d/rules: wrap _PYTHON_SYSCONFIGDATA_NAME setting to cross-compile case
    On e.g. buster, _PYTHON_SYSCONFIGDATA_NAME is different, so this assignment
    does not work right.  In order for it to work on buster, add condition on
    host vs build gnu type. This breaks compilation with foreign python binary.
  * d/control: fix description of samba-common-bin (samba-client)

 -- Michael Tokarev <email address hidden>  Fri, 04 Aug 2023 17:29:06 +0300
Superseded in experimental-release
samba (2:4.19.0~rc1+dfsg-3) experimental; urgency=medium

  * d/rules: wrap _PYTHON_SYSCONFIGDATA_NAME setting to cross-compile case
    On e.g. buster, _PYTHON_SYSCONFIGDATA_NAME is different, so this assignment
    does not work right.  In order for it to work on buster, add condition on
    host vs build gnu type. This breaks compilation with foreign python binary.

 -- Michael Tokarev <email address hidden>  Fri, 04 Aug 2023 14:30:04 +0300
Superseded in bookworm-release
samba (2:4.17.9+dfsg-0+deb12u3) bookworm; urgency=medium

  * +fix-unsupported-netr_LogonGetCapabilities-l2.patch
    Fix windows logon/trust issues with 2023-07 windows updates:
    https://bugzilla.samba.org/show_bug.cgi?id=15418

 -- Michael Tokarev <email address hidden>  Fri, 14 Jul 2023 12:34:30 +0300
Superseded in sid-release
samba (2:4.18.5+dfsg-1) unstable; urgency=medium

  * new upstream stable/security release 4.18.5, including:
   o CVE-2022-2127:  When winbind is used for NTLM authentication,
     a maliciously crafted request can trigger an out-of-bounds read
     in winbind and possibly crash it.
     https://www.samba.org/samba/security/CVE-2022-2127.html
   o CVE-2023-3347:  SMB2 packet signing is not enforced if an admin
     configured "server signing = required" or for SMB2 connections to
     Domain Controllers where SMB2 packet signing is mandatory.
     https://www.samba.org/samba/security/CVE-2023-3347.html
   o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service
     for Spotlight can be triggered by an unauthenticated attacker by
     issuing a malformed RPC request.
     https://www.samba.org/samba/security/CVE-2023-34966.html
   o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service
     for Spotlight can be used by an unauthenticated attacker to trigger
     a process crash in a shared RPC mdssvc worker process.
     https://www.samba.org/samba/security/CVE-2023-34967.html
   o CVE-2023-34968: As part of the Spotlight protocol Samba discloses
     the server-side absolute path of shares and files and directories
     in search results.
     https://www.samba.org/samba/security/CVE-2023-34968.html
   o BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
     https://bugzilla.samba.org/show_bug.cgi?id=15418
     (this has been patched in the previous upload; Closes: #1041043)

 -- Michael Tokarev <email address hidden>  Wed, 19 Jul 2023 17:55:58 +0300
Superseded in sid-release
samba (2:4.18.4+dfsg-2) unstable; urgency=medium

  * +fix-unsupported-netr_LogonGetCapabilities-l2.patch
    Fix windows logon/trust issues with 2023-07 windows updates:
    https://bugzilla.samba.org/show_bug.cgi?id=15418
  * d/copyright: also remove ctdb/doc/*.?.html pre-generated manpages
    from the upstream tarball (forgotten previously)
  * d/rules: add comment about -latomic gcc issue and drop --as-needed
    there since it is already in use

 -- Michael Tokarev <email address hidden>  Fri, 14 Jul 2023 12:30:31 +0300
Superseded in sid-release
samba (2:4.18.4+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release, including:
   - https://bugzilla.samba.org/show_bug.cgi?id=2312
     smbcacls and smbcquotas do not check // before the server
   - https://bugzilla.samba.org/show_bug.cgi?id=14030
     Named crashes on DLZ zone update (was in debian before)
   - https://bugzilla.samba.org/show_bug.cgi?id=15355
     NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry
     and causes test timeouts
   - https://bugzilla.samba.org/show_bug.cgi?id=15381
     Register Samba processes with GPFS
   - https://bugzilla.samba.org/show_bug.cgi?id=15382
     cli_list loops 100% CPU against pre-lanman2 servers
   - https://bugzilla.samba.org/show_bug.cgi?id=15383
     Remove comments about deprecated 'write cache size'
   - https://bugzilla.samba.org/show_bug.cgi?id=15384
     net ads lookup (with unspecified realm) fails
   - https://bugzilla.samba.org/show_bug.cgi?id=15390
     Python tarfile extraction needs change to avoid a warning
     (CVE-2007-4559 mitigation)
   - https://bugzilla.samba.org/show_bug.cgi?id=15391
     smbclient leaks fds with showacls
   - https://bugzilla.samba.org/show_bug.cgi?id=15398
     The winbind child segfaults when listing users with
     `winbind scan trusted domains = yes`
   - https://bugzilla.samba.org/show_bug.cgi?id=15402
     smbd returns NOT_FOUND when creating files on a r/o filesystem
   - https://bugzilla.samba.org/show_bug.cgi?id=15403
     smbget memory leak if failed to download files recursively
   - https://bugzilla.samba.org/show_bug.cgi?id=15404
     Backport --pidl-developer fixes
  * remove dnsserver-rename-dns_name_equal.patch (applied upstream)

 -- Michael Tokarev <email address hidden>  Wed, 05 Jul 2023 18:14:20 +0300
Superseded in sid-release
samba (2:4.18.3+dfsg-3) unstable; urgency=medium

  * d/rules: query for DEB_HOST_ARCH, not DEB_HOST_ARCH_CPU,
    for -latomic workaround

 -- Michael Tokarev <email address hidden>  Wed, 21 Jun 2023 23:11:59 +0300
Superseded in sid-release
samba (2:4.18.3+dfsg-2) unstable; urgency=medium

  * d/rules: include -latomic gcc issue workaround for select arches
    apparently due to a gcc issue, some architectures (armel, mipsel, ...)
    fail to link samba due to not finding __atomic_load_8 etc symbols
    after using atomic_load etc from stdatomic.h (part of gcc).
    Add -latomic explicitly to the list of libraries we link with.
  * d/rules: add libwbclient0 to the list of krb5-versioned packages
   (thanks to Andrew Kornilov)

 -- Michael Tokarev <email address hidden>  Tue, 20 Jun 2023 11:35:13 +0300
Superseded in sid-release
samba (2:4.18.3+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=15375
     Symlinks to files can have random DOS mode information
     in a directory listing
   - https://bugzilla.samba.org/show_bug.cgi?id=15378
     vfs_fruit might cause a failing open for delete
   - https://bugzilla.samba.org/show_bug.cgi?id=15361
     winbind recurses into itself via rpcd_lsad
   - https://bugzilla.samba.org/show_bug.cgi?id=15366
     wbinfo -u fails on ad dc with >1000 users
   - https://bugzilla.samba.org/show_bug.cgi?id=15338
     DS ACEs might be inherited to unrelated object classes
   - https://bugzilla.samba.org/show_bug.cgi?id=15362
     a lot of messages: get_static_share_mode_data:
     get_static_share_mode_data_fn failed: NT_STATUS_NOT_FOUND
   - https://bugzilla.samba.org/show_bug.cgi?id=15374
     aes256 smb3 encryption algorithms are not allowed in smb3_sid_parse()
   - https://bugzilla.samba.org/show_bug.cgi?id=15360
     Setting veto files = /.*/ break listing directories
   - https://bugzilla.samba.org/show_bug.cgi?id=15363
     "samba-tool domain provision" does not run interactive mode
     if no arguments are given
   - https://bugzilla.samba.org/show_bug.cgi?id=15325
     dsgetdcname: assumes local system uses IPv4
  * dnsserver-rename-dns_name_equal.patch
    (forgotten) patch from upstream targeting next stable
    Fixes crashes of named with samba DLZ plugin due to
    symbol name conflict (dns_name_equal() function).
    There's no resulting code changes, just a symbol rename.
    https://bugzilla.samba.org/show_bug.cgi?id=14030
    Closes: #1036587, #927747
  * remove generated manpage files upstream ships in
    docs/manpages/ and ctdb/doc/

 -- Michael Tokarev <email address hidden>  Wed, 31 May 2023 20:09:05 +0300
Superseded in bookworm-release
Superseded in sid-release
samba (2:4.17.8+dfsg-2) unstable; urgency=medium

  * dnsserver-rename-dns_name_equal.patch
    (forgotten) patch from upstream targeting next stable
    Fixes crashes of named with samba DLZ plugin due to
    symbol name conflict (dns_name_equal() function).
    There's no resulting code changes, just a symbol
    rename.
    https://bugzilla.samba.org/show_bug.cgi?id=14030
    Closes: #1036587, #927747

 -- Michael Tokarev <email address hidden>  Wed, 24 May 2023 22:54:43 +0300
Superseded in sid-release
samba (2:4.17.8+dfsg-1) unstable; urgency=medium

  * upstream stable/security/bugfix release, fixing the following issues:
   * https://bugzilla.samba.org/show_bug.cgi?id=14810
     CVE-2020-25720 Create Child permission should not allow
     full write to all attributes (additional changes)
   * https://bugzilla.samba.org/show_bug.cgi?id=15143
     New filename parser doesn't check veto files smb.conf parameter
   * https://bugzilla.samba.org/show_bug.cgi?id=15302
     log flood: smbd_calculate_access_mask_fsp: Access denied: message
     level should be lower (this was included in Debian package already)
   * https://bugzilla.samba.org/show_bug.cgi?id=15306
     Floating point exception (FPE) via cli_pull_send
     at source3/libsmb/clireadwrite.c
   * https://bugzilla.samba.org/show_bug.cgi?id=15313
     Large directory optimization broken for non-lcomp path elements
   * https://bugzilla.samba.org/show_bug.cgi?id=15317
     winbindd idmap child contacts the domain controller without a need
   * https://bugzilla.samba.org/show_bug.cgi?id=15318
     idmap_autorid may fail to map sids of trusted domains for the
   * https://bugzilla.samba.org/show_bug.cgi?id=15319
     idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings
   * https://bugzilla.samba.org/show_bug.cgi?id=15323
     net ads search -P doesn't work against servers in other domains
   * https://bugzilla.samba.org/show_bug.cgi?id=15325
     dsgetdcname: assumes local system uses IPv4
   * https://bugzilla.samba.org/show_bug.cgi?id=15328
     test_tstream_more_tcp_user_timeout_spin fails intermittently
     on Rackspace GitLab runners
   * https://bugzilla.samba.org/show_bug.cgi?id=15329
     Reduce flapping of ridalloc test
   * https://bugzilla.samba.org/show_bug.cgi?id=15329
     Reduce flapping of ridalloc test
   * https://bugzilla.samba.org/show_bug.cgi?id=15338
     DS ACEs might be inherited to unrelated object classes
   * https://bugzilla.samba.org/show_bug.cgi?id=15351
     large_ldap test is unreliable
   * https://bugzilla.samba.org/show_bug.cgi?id=15353
     Temporary smbXsrv_tcon_global.tdb can't be parsed
   * https://bugzilla.samba.org/show_bug.cgi?id=15354
     mdssvc may crash when initializing
   * https://bugzilla.samba.org/show_bug.cgi?id=15357
     streams_depot fails to create streams
   * https://bugzilla.samba.org/show_bug.cgi?id=15358
     shadow_copy2 and streams_depot don't play well together
   * https://bugzilla.samba.org/show_bug.cgi?id=15360
     Setting veto files = /.*/ break listing directories
   * https://bugzilla.samba.org/show_bug.cgi?id=15366
     wbinfo -u fails on ad dc with >1000 users
  * d/gbp.conf: switch debian-branch to "bookworm"

 -- Michael Tokarev <email address hidden>  Thu, 11 May 2023 10:52:40 +0300
Deleted in experimental-release (Reason: None provided.)
samba (2:4.18.2+dfsg-1) experimental; urgency=medium

  * new upstream stable/bugfix release:
   - https://bugzilla.samba.org/show_bug.cgi?id=15302
     Log flood: smbd_calculate_access_mask_fsp: Access denied:
     message level should be lower.
   - https://bugzilla.samba.org/show_bug.cgi?id=15306
     Floating point exception (FPE) via cli_pull_send
     at source3/libsmb/clireadwrite.c.
   - https://bugzilla.samba.org/show_bug.cgi?id=15328
     test_tstream_more_tcp_user_timeout_spin fails intermittently
     on Rackspace GitLab runners.
   - https://bugzilla.samba.org/show_bug.cgi?id=15329
     Reduce flapping of ridalloc test.
   - https://bugzilla.samba.org/show_bug.cgi?id=15351
     large_ldap test is unreliable.
   - https://bugzilla.samba.org/show_bug.cgi?id=15143
     New filename parser doesn't check veto files smb.conf parameter.
   - https://bugzilla.samba.org/show_bug.cgi?id=15354
     mdssvc may crash when initializing.
   - https://bugzilla.samba.org/show_bug.cgi?id=15313
     large directory optimization broken for non-lcomp path elements.
   - https://bugzilla.samba.org/show_bug.cgi?id=15357
     streams_depot fails to create streams.
   - https://bugzilla.samba.org/show_bug.cgi?id=15358
     shadow_copy2 and streams_depot don't play well together.
   - https://bugzilla.samba.org/show_bug.cgi?id=15316
     Flapping tests in samba_tool_drs_show_repl.py.
   - https://bugzilla.samba.org/show_bug.cgi?id=15317
     winbindd idmap child contacts the domain controller without a need.
   - https://bugzilla.samba.org/show_bug.cgi?id=15318
     idmap_autorid may fail to map sids of trusted domains for the first time.
   - https://bugzilla.samba.org/show_bug.cgi?id=15319
     idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings.
   - https://bugzilla.samba.org/show_bug.cgi?id=15323
     net ads search -P doesn't work against servers in other domains.
   - https://bugzilla.samba.org/show_bug.cgi?id=15353
     Temporary smbXsrv_tcon_global.tdb can't be parsed.
   - https://bugzilla.samba.org/show_bug.cgi?id=15316
     Flapping tests in samba_tool_drs_show_repl.py.
   - https://bugzilla.samba.org/show_bug.cgi?id=15343
     Tests use deprecated and removed methods like assertRegexpMatches.
  * d/rules, d/libldb2.symbols; add ldb 2.6.2 version
  * heimdal-to-support-KEYRING-ccache.patch: enable KEYRING in heimdal
    (Closes: #1023609)
  * d/control: build-depend on libkeyutils-dev
    (it is pulled by some other dep, but better to be safe)
  * -s3-smbd-open.c-smbd_calculate_access_mask_fsp-lower-.patch
    (the change has been applied upstream)

 -- Michael Tokarev <email address hidden>  Wed, 19 Apr 2023 14:02:49 +0300
Superseded in sid-release
samba (2:4.17.7+dfsg-1) unstable; urgency=high

  * upstream stable/security/bugfix release, fixing the following issues:
    o CVE-2023-0225: An incomplete access check on dnsHostName allows
      authenticated but otherwise unprivileged users to delete this
      attribute from any object in the directory.
      https://www.samba.org/samba/security/CVE-2023-0225.html
    o CVE-2023-0922: The Samba AD DC administration tool, when operating
      against a remote LDAP server, will by default send new or reset
      passwords over a signed-only connection.
      https://www.samba.org/samba/security/CVE-2023-0922.html
    o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
      Confidential attribute disclosure via LDAP filters was insufficient and
      an attacker may be able to obtain confidential BitLocker recovery keys
      from a Samba AD DC.  Installations with such secrets in their Samba AD
      should assume they have been obtained and need replacing.
      https://www.samba.org/samba/security/CVE-2023-0614.html
    Closes: CVE-2023-0225 CVE-2023-0922 CVE-2023-0614
  * update libldb symbols and versions

 -- Michael Tokarev <email address hidden>  Wed, 29 Mar 2023 17:59:17 +0300
Deleted in experimental-release (Reason: None provided.)
samba (2:4.18.1+dfsg-1~exp1) experimental; urgency=high

  * upstream stable/security/bugfix release, fixing the following issues:
    o CVE-2023-0225: An incomplete access check on dnsHostName allows
      authenticated but otherwise unprivileged users to delete this
      attribute from any object in the directory.
      https://www.samba.org/samba/security/CVE-2023-0225.html
    o CVE-2023-0922: The Samba AD DC administration tool, when operating
      against a remote LDAP server, will by default send new or reset
      passwords over a signed-only connection.
      https://www.samba.org/samba/security/CVE-2023-0922.html
    o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
      Confidential attribute disclosure via LDAP filters was insufficient and
      an attacker may be able to obtain confidential BitLocker recovery keys
      from a Samba AD DC.  Installations with such secrets in their Samba AD
      should assume they have been obtained and need replacing.
      https://www.samba.org/samba/security/CVE-2023-0614.html
    Closes: CVE-2023-0225 CVE-2023-0922 CVE-2023-0614
  * update libldb symbols and versions

 -- Michael Tokarev <email address hidden>  Wed, 29 Mar 2023 17:59:17 +0300
Superseded in sid-release
samba (2:4.17.6+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release 4.17.6:
   * https://bugzilla.samba.org/show_bug.cgi?id=15314
     streams_xattr is creating unexpected locks on folders.
   * https://bugzilla.samba.org/show_bug.cgi?id=10635
     Use of the Azure AD Connect cloud sync tool is now supported for password
     hash synchronisation, allowing Samba AD Domains to synchronise passwords
     with this popular cloud environment.
   * https://bugzilla.samba.org/show_bug.cgi?id=15299
     Spotlight doesn't work with latest macOS Ventura.
   * https://bugzilla.samba.org/show_bug.cgi?id=15310
     New samba-dcerpc architecture does not scale gracefully.
   * https://bugzilla.samba.org/show_bug.cgi?id=15307
     vfs_ceph incorrectly uses fsp_get_io_fd() instead of fsp_get_pathref_fd()
     in close and fstat.
   * https://bugzilla.samba.org/show_bug.cgi?id=15293
     With clustering enabled samba-bgqd can core dump due to use after free.
   * https://bugzilla.samba.org/show_bug.cgi?id=15311
     fd_load() function implicitly closes the fd where it should not.
  * debian/po/ro.po update from Remus-Gabriel Chelu
  * s3-smbd-open.c-smbd_calculate_access_mask_fsp-lower-.patch
     makes smbd a bit less spammy in logs
  * d/control: clarify some package descriptions (Closes: #1031922)

 -- Michael Tokarev <email address hidden>  Thu, 09 Mar 2023 12:52:14 +0300
Superseded in experimental-release
samba (2:4.18.0+dfsg-1~exp1) experimental; urgency=medium

  * new upstream release (4.18.0):
   * SMB Server performance improvements
   * More succinct samba-tool error messages
   * Colour output with samba-tool --color
   * New samba-tool dsacl subcommand for deleting ACES
   * New wbinfo option --change-secret-at
   * New option to change the NT ACL default location
   * Azure Active Directory / Office365 synchronisation improvements
   * new smb.conf parameters:
     server addresses
     acl_xattr:security_acl_name
   * For more details, please refer to WHATSNEW.txt file.
  * d/control: bump talloc/tdb/tevent build-deps
  * patches:
    - refresh: hurd-compat.patch
    - refresh: spelling.patch, remove many, add 3 new changes
    - new: heimdal-spelling.patch, spelling fixes for third_party/heimdal
    - remove: unwrap-getresgid-typo.patch, not needed
  * d/samba-libs.install: add new internal library libstable-sort-samba4.so.0
  * d/libldb2.symbols, python3-ldb.symbols.in: add new versions (2.7.0, 2.7.1)
  * d/libwbclient0.symbols: add new version and two new symbols:
     wbcChangeTrustCredentialsAt wbcCtxChangeTrustCredentialsAt

 -- Michael Tokarev <email address hidden>  Thu, 09 Mar 2023 14:47:05 +0300
Superseded in experimental-release
samba (2:4.18.0~rc4+dfsg-1) experimental; urgency=medium

  * new upstream release candidate (4.18.0rc4)
  * d/control: bump talloc/tdb/tevent build-deps
  * patches:
    - refresh: hurd-compat.patch
    - refresh: spelling.patch, remove many, add 3 new changes
    - new: heimdal-spelling.patch, spelling fixes for third_party/heimdal
    - remove: unwrap-getresgid-typo.patch, not needed
  * d/samba-libs.install: add new internal library libstable-sort-samba4.so.0
  * d/libldb2.symbols, python3-ldb.symbols.in: add new versions (2.7.0, 2.7.1)
  * d/libwbclient0.symbols: add new version and two new symbols:
     wbcChangeTrustCredentialsAt wbcCtxChangeTrustCredentialsAt

 -- Michael Tokarev <email address hidden>  Wed, 01 Mar 2023 16:50:46 +0300
Superseded in experimental-release
samba (2:4.18.0~rc3+dfsg-1) experimental; urgency=medium

  * new upstream release candidate (4.18.0rc3)
  * d/control: bump talloc/tdb/tevent build-deps
  * patches:
    - refresh: hurd-compat.patch
    - refresh: spelling.patch, remove many, add 3 new changes
    - new: heimdal-spelling.patch, spelling fixes for third_party/heimdal
    - remove: unwrap-getresgid-typo.patch, not needed
  * d/samba-libs.install: add new internal library libstable-sort-samba4.so.0
  * d/libldb2.symbols, python3-ldb.symbols.in: add new versions (2.7.0, 2.7.1)
  * d/libwbclient0.symbols: add new version and two new symbols:
     wbcChangeTrustCredentialsAt wbcCtxChangeTrustCredentialsAt

 -- Michael Tokarev <email address hidden>  Thu, 16 Feb 2023 11:53:47 +0300
Superseded in sid-release
samba (2:4.17.5+dfsg-2) unstable; urgency=medium

  * d/control: samba: depends on exact version of python3-samba
  * d/control: fix typo
  * more tweaks for foreign/cross build
  * d/control: work around autodep8 #904999 again
  * introduce upstream-like aliases for debian .service names,
    add rationale

 -- Michael Tokarev <email address hidden>  Sat, 04 Feb 2023 17:15:40 +0300
Superseded in experimental-release
samba (2:4.18.0~rc2+dfsg-1) experimental; urgency=medium

  * new upstream release candidate (4.18.0rc2)
  * d/control: bump talloc/tdb/tevent build-deps
  * patches:
    - refresh: hurd-compat.patch
    - refresh: spelling.patch, remove many, add 3 new changes
    - new: heimdal-spelling.patch, spelling fixes for third_party/heimdal
    - remove: unwrap-getresgid-typo.patch, not needed
  * d/samba-libs.install: add new internal library libstable-sort-samba4.so.0
  * d/libldb2.symbols, python3-ldb.symbols.in: add the new version
  * d/libwbclient0.symbols: add new version and two new symbols:
     wbcChangeTrustCredentialsAt wbcCtxChangeTrustCredentialsAt

 -- Michael Tokarev <email address hidden>  Thu, 02 Feb 2023 00:05:39 +0300
Superseded in sid-release
samba (2:4.17.5+dfsg-1) unstable; urgency=medium

  * new upstream stable/bugfix release. From WHATSNEW.txt:
    * BUG 14808: smbc_getxattr() return value is incorrect.
    * BUG 15172: Compound SMB2 FLUSH+CLOSE requests from MacOSX
      are not handled correctly.
    * BUG 15210: synthetic_pathref AFP_AfpInfo failed errors.
    * BUG 15226: samba-tool gpo listall fails IPv6 only - finddcs()
      fails to find DC when there is only an AAAA record for the DC in DNS
      (Closes: #1023606).
    * BUG 15236: smbd crashes if an FSCTL request is done on a stream handle.
    * BUG 15277: DFS links don't work anymore on Mac clients since 4.17.
    * BUG 15283: vfs_virusfilter segfault on access,
      directory edgecase (accessing NULL value).
    * BUG 15240: CVE-2022-38023 [SECURITY] Samba should refuse RC4 (aka md5)
      based SChannel on NETLOGON (additional changes).
    * BUG 15243: %U for include directive doesn't work for share listing
      (netshareenum) (the fix was in debian before).
    * BUG 15266: Shares missing from netshareenum response in samba 4.17.4
      (the fix was in debian before).
    * BUG 15269: ctdb: use-after-free in run_proc.
    * BUG 15280: irpc_destructor may crash during shutdown.
    * BUG 15286: auth3_generate_session_info_pac leaks wbcAuthUserInfo.
    * BUG 15268: smbclient segfaults with use after free on an optimized build
    * BUG 15282: smbstatus leaking files in msg.sock and msg.lock.
    * BUG 15164: Leak in wbcCtxPingDc2.
    * BUG 15265: Access based share enum does not work in Samba 4.16+.
    * BUG 15267: Crash during share enumeration.
    * BUG 15271: rep_listxattr on FreeBSD does not properly check
      for reads off end of returned buffer.
    * BUG 15281: Avoid relying on C89 features in a few places.
  * remove patches applied upstream:
   - reload-registry-shares-after-reloading-services.patch
   - rpc_server_srvsvc-retrieve_share_ACL_via_root_context.patch
  * d/control: Standards-Version: 4.6.2 (no changes)
  * d/control: put all doc-generating build-deps into one line
  * little prep for cross-compilation
    - build-depend on python3:any and python3-dev:any
    - build-depend on libpython3-dev for actual module building,
      and use arch-specific python3-config from there
    - set and export _PYTHON_SYSCONFIGDATA_NAME to get foreign-arch values
      provided by libpython3-dev (also helps when python itself is foreign)
    - depend on perl:any not just perl
    - export CC/CPP/LD/PKGCONFIG for ./configure (buildtools.mk)
  * d/gbp.conf: unignore branch
  * d/control: samba, ctdb, winbind: do not depend on lsb-base
    (the script is in sysvinit-utils now)
  * d/control: drop unused build-dep on libncurses5-dev

 -- Michael Tokarev <email address hidden>  Fri, 27 Jan 2023 11:15:01 +0300
Superseded in experimental-release
samba (2:4.18.0~rc1+dfsg-1exp) experimental; urgency=medium

  * new upstream release candidate (4.18.0rc1)
  * d/control: bump talloc/tdb/tevent build-deps
  * patches:
    - refresh: hurd-compat.patch
    - refresh: spelling.patch, remove many, add 3 new changes
    - new: heimdal-spelling.patch, spelling fixes for third_party/heimdal
    - remove: unwrap-getresgid-typo.patch, not needed
    - remove: reload-registry-shares-after-reloading-services.patch
    - remove: rpc_server_srvsvc-retrieve_share_ACL_via_root_context.patch
  * d/gbp.conf: unignore branch (gbp import-orig does fun stuff if it is set)
  * d/samba-libs.install: add new internal library libstable-sort-samba4.so.0
  * d/libldb2.symbols, python3-ldb.symbols.in: add the new version
  * d/libwbclient0.symbols: add new version and two new symbols:
     wbcChangeTrustCredentialsAt
     wbcCtxChangeTrustCredentialsAt

 -- Michael Tokarev <email address hidden>  Sat, 21 Jan 2023 11:20:58 +0300
Superseded in sid-release
samba (2:4.17.4+dfsg-3) unstable; urgency=medium

  * +rpc_server_srvsvc-retrieve_share_ACL_via_root_context.patch
    https://bugzilla.samba.org/show_bug.cgi?id=15265
  * +reload-registry-shares-after-reloading-services.patch
    https://bugzilla.samba.org/show_bug.cgi?id=15266
  * d/samba.postinst: fix /var/spool/samba => /var/tmp handling
    (old spooldir can be referred to in other sections too)
  * create common script "is-configured" to check if the service is configured
    in smb.conf, and stop masking services in postinst
  * rewrite SysV init scripts (simplify, make consistent, etc)
  * d/winbind.postinst: create/change /var/lib/samba/winbindd_privileged
    at install time only (it should be in /run/samba/ somewhere these days)
  * d/control: change version of samba which samba-ad-provisioning
    Breaks to where provisioning was split out

 -- Michael Tokarev <email address hidden>  Tue, 03 Jan 2023 10:45:36 +0300
Superseded in sid-release
samba (2:4.17.4+dfsg-2) unstable; urgency=medium

  * d/control: samba-dc-provision Replaces+Breaks samba (< 4.17.4+dfsg-2).
    Closes: #1026387

 -- Michael Tokarev <email address hidden>  Mon, 19 Dec 2022 16:36:00 +0300
Superseded in sid-release
samba (2:4.17.4+dfsg-1) unstable; urgency=medium

  * new upstream stable/security release, with the following changes:
   - CVE-2022-37966: Windows Kerberos RC4-HMAC Elevation of Privilege
     Vulnerability disclosed by Microsoft on Nov 8 2022, see
     https://www.samba.org/samba/security/CVE-2022-37966.html
   - CVE-2022-37967: Windows Kerberos Elevation of Privilege Vulnerability
     disclosed by Microsoft on Nov 8 2022. See
     https://www.samba.org/samba/security/CVE-2022-37967.html
   - CVE-2022-38023: Weak "RC4" (rc4-hmac) protection of the NetLogon Secure
     channel uses, see https://www.samba.org/samba/security/CVE-2022-38023.html
    There are several important behavior changes included in this release,
    which may cause compatibility problems interacting with system still
    expecting the former behavior.  Please read the documents referenced above!
    See also the WHATSNEW.txt document, as there are several new, changed
    and deprecated smb.conf parameters.
  * Other bugfixes in this release (from WHATSNEW.txt):
    https://bugzilla.samba.org/show_bug.cgi?id=14929 CVE-2022-44640
     Upstream Heimdal free of user-controlled pointer in FAST.
    https://bugzilla.samba.org/show_bug.cgi?id=15219
     Heimdal session key selection in AS-REQ examines wrong entry.
    https://bugzilla.samba.org/show_bug.cgi?id=13135 The KDC logic around
     msDs-supportedEncryptionTypes differs from Windows.
    https://bugzilla.samba.org/show_bug.cgi?id=14611 CVE-2021-20251
     Bad password count not incremented atomically.
    https://bugzilla.samba.org/show_bug.cgi?id=15206 libnet: change_password()
     doesn't work with dcerpc_samr_ChangePasswordUser4()
    https://bugzilla.samba.org/show_bug.cgi?id=15230
     Memory leak in snprintf replacement functions.
    https://bugzilla.samba.org/show_bug.cgi?id=15253 RODC doesn't reset
     badPwdCount reliable via an RWDC (CVE-2021-20251 regression).
    https://bugzilla.samba.org/show_bug.cgi?id=15198
     Prevent EBADF errors with vfs_glusterfs.
    https://bugzilla.samba.org/show_bug.cgi?id=15243
     %U for include directive doesn't work for share listing (netshareenum).
    https://bugzilla.samba.org/show_bug.cgi?id=15257
     Stack smashing in net offlinejoin requestodj.
  * removed patches which are now included upstream:
   - nsswitch-pam-data-time_t.patch
   - CVE-2022-42898-lib-krb5-fix-_krb5_get_int64-on-32bit.patch

 -- Michael Tokarev <email address hidden>  Thu, 15 Dec 2022 21:54:31 +0300
Superseded in sid-release
samba (2:4.17.3+dfsg-4) unstable; urgency=medium

  * create samba-ad-provision package with contents of /usr/share/samba/setup.
    It is recommended by samba, so can be uninstalled if not needed.
  * create samba-ad-dc package. It is an empty metapackage for now, but with
    dependencies needed to run an Active Directory Domain Controller (AD-DC)
  * samba-ad-provision.lintian-overrides: license files
  * print meaningful error message if samba-ad-provision is not installed
    (meaningful-error-if-no-samba-ad-provision.patch)
  * print meaningful error message if python3-markdown is not installed
    (meaningful-error-if-no-python3-markdown.patch)
  * ctdb: move rundir from /var/run to /run
  * fix typo in fruit patch
  * a few more spelling fixes
  * add #DEBHELPER# tokens to libnss-winbind.{postinst,postrm}
  * remove mentions of /var/spool/samba from samba.lintian-overrides
    (moved to /var/tmp)
  * change embedded-library heimdal lintian override in a way to be understood
    by both old and new lintian, so the package can be uploaded

 -- Michael Tokarev <email address hidden>  Mon, 05 Dec 2022 14:39:43 +0300
Superseded in sid-release
samba (2:4.17.3+dfsg-3) unstable; urgency=medium

  * d/control: winbind should depend on the same binary:Version
    of libwbclient, or else its components can't talk to the daemon.
    Thank you Stefan Weichinger for the patience while finding this one!
  * libnss-winbind: add postinst/postrm scripts to add/remove nsswitch.conf
    entry for winbind (but not for wins)

 -- Michael Tokarev <email address hidden>  Thu, 01 Dec 2022 22:38:07 +0300
Superseded in sid-release
samba (2:4.17.3+dfsg-2) unstable; urgency=medium

  * fruit-disable-useless-size_t-overflow-check.patch (Closes: #974868)
  * CVE-2022-42898-lib-krb5-fix-_krb5_get_int64-on-32bit.patch
    Fix regression on 32bit systems:
    https://bugzilla.samba.org/show_bug.cgi?id=15203

 -- Michael Tokarev <email address hidden>  Mon, 21 Nov 2022 20:41:46 +0300
Superseded in sid-release
samba (2:4.17.3+dfsg-1) unstable; urgency=medium

  * new upstream security release 4.17.3, fixing the following issue:
    CVE-2022-42898: Heimdal Kerberos libraries suffer from an integer
    multiplication overflow vulnerability which affects 32bit platforms,
    see https://www.samba.org/samba/security/CVE-2022-42898.html
    This changes third_party/heimdal/, it does not affect mitkrb5 builds.
  * d/rules: stop stripping +dfsg suffix from ldb version
  * d/control: declare dependency on password (for groupadd in postinst)
    for winbind and samba (Closes: #1023759)
  * implement pkg.samba.mitkrb5 build profile to build with system mit-krb5
    (with "mitkrb5" version suffix in some packages for now)
  * d/control: mark liburing-dev build dep with <!pkg.samba.nouring>
    (to simplify out-of-archive builds for older systems)
  * d/rules: parametrise list of packages to omit (eg on ubuntu-i386)
    with ${omit-pkgs}
  * d/rules: use variables in a more consistent way, use single ${config-args}
  * d/control: tdb-tools and lmdb-utils packages are also needed for tests
    (everything is commented out for now anyway)
  * d/rules: update knownfail tests
  * d/rules: stop exporting buildflags, export compiler options when needed
  * d/rules: always define rados:Depends & vfsmods:Depends substvars
  * unwrap-getresgid-typo.patch - fix crash during p11-kit execution
    (https://bugzilla.samba.org/show_bug.cgi?id=15227) (for the testsuite only)
  * nsswitch-pam-data-time_t.patch - fix time_t not fit in a pointer (eg x32)
    (https://bugzilla.samba.org/show_bug.cgi?id=15224)

 -- Michael Tokarev <email address hidden>  Tue, 15 Nov 2022 19:26:10 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-9) unstable; urgency=medium

  * hurd-compat.patch: some minor compatibility tweaks for hurd
  * d/rules compat work:
    - ceph is linux-only like glusterfs
    - d/rules: add another conditional, with_snapper
    - combine linux features into single block
  * d/rules: support "terse" build option for non-verbose build
  * d/rules: remove third_party/heimdal/lib/gssapi/gssapi.h before build
    (Closes: #1013205). This fixes -I path order and <gssapi/gssapi.h>
    include mess which caused samba to FTBFS on sparc64 for quite some time

 -- Michael Tokarev <email address hidden>  Sun, 06 Nov 2022 20:13:19 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-8) unstable; urgency=medium

  * d/rules: do not explicitly enable quotas on non-linux:
    enable everything interesting on linux explicitly and let ./configure
    to figure it out in other systems.  This should fix FTBFS problem on hurd.
  * d/rules: do not disable systemd on non-linux, let ./configure figure it out
  * d/winbind.postinst: switch addgroup => groupadd and eliminate getent.
    winbind package never declared dependency on adduser but always used
    addgroup command in its postinst script. Finally this broke piuparts.
    Switch to groupadd which is even easier to use.
  * d/samba.postinst: switch addgroup => groupadd and eliminate getent
  * d/smb.conf: use useradd in example create user script too

 -- Michael Tokarev <email address hidden>  Thu, 03 Nov 2022 15:04:46 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-7) unstable; urgency=medium

  * another way to work around #1013259: provide a compatibility symlink
    libndr.so.2 pointing to libndr.so.3:
    - libndr-debug-level-compat.diff, libndr-revert-so3.diff: remove
    - d/samba-libs.symbols: adjust symbols/versions
    - d/samba-libs.install: libndr.so.2 => libndr.so.3
    - d/samba-libs.links: provide the compat libndr.so.2 symlink
  * d/samba-libs.links: add comments describing libndr.so.N issue
  * d/samba-libs.links: add libndr.so.1 compat symlink too (for bullseye sssd)
  * d/control: unbreak bullseye/jammy sssd-ad-common, sssd-ad, sssd-ipa
    by samba-libs once libndr.so.1 compat link is here

 -- Michael Tokarev <email address hidden>  Wed, 02 Nov 2022 20:43:53 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-6) unstable; urgency=medium

  * d/control: fix comment in previous upload

 -- Michael Tokarev <email address hidden>  Wed, 02 Nov 2022 10:45:26 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-5) unstable; urgency=medium

  * d/control: bump version of broken-by-samba-libs sssd
    and add more affected sssd packages;
    also reformat the comment there so dpkg-gencontrol does not complain

 -- Michael Tokarev <email address hidden>  Wed, 02 Nov 2022 09:34:10 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-4) unstable; urgency=medium

  * d/control: stop suggesting old/orphaned/gone-upstream smbldap-tools
  * libndr work (Closes: #1013259):
   - d/control: samba-libs breaks bullseye sssd-ad due to libndr.so.1=>.2 bump
   - d/samba-libs.install: be more explicit about sonames of public libs
     to catch soname changes
   - libndr-debug-level-compat.diff, libndr-revert-so3.diff: revert
     libndr.so.2->3 soname bump by providing compat wrapper for new symbol
   - d/samba-libs.symbols: provide symbols for libndr.so.2

 -- Michael Tokarev <email address hidden>  Tue, 01 Nov 2022 12:53:22 +0300
Superseded in sid-release
samba (2:4.17.2+dfsg-3) unstable; urgency=low

  * rebase on top of debian 4.16.6+dfsg-6 release, include some
    history of 4.17.* experimental releases in changelog
  * d/samba-libs.lintian-overrides: update package-name-doesnt-match-sonames
    to match all libs
  * urgency is set to low to delay unstable->testing transition a bit

 -- Michael Tokarev <email address hidden>  Sun, 30 Oct 2022 16:23:51 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-6) unstable; urgency=medium

  * d/rules: use the right dir for dh_shlibdeps -l (long-standing issue)
  * rewrite shlibs/symbols-generating file d/genshlibs, make whole process
    much more clean and straightforward, and 10x times faster too
  * debian/libnss-winbind.triggers: activate ldconfig trigger
  * add debian/samba-libs.symbols with libsmbldap library
  * d/samba.examples: do not install smbadduser: csh considered harmful
  * d/rules: remove long-unused commented-out override_dh_perl-arch
  * d/samba.lintian-overrides: *docs-outside-share-doc usr/share/samba/setup/
  * d/genshlibs: add the forgotten mkdir for d/$pkg/DEBIAN
  * remove static/fixed branding d/patches/VERSION.patch
  * d/rules: implement dynamic branding of VERSION file based on dpkg-vendor
  * d/rules: simplify package interdependency checking rules
  * d/rules: add a lot more interpackage dependency checks
  * d/NEWS: merge it into d/samba.NEWS (removes several lintian warnings)

 -- Michael Tokarev <email address hidden>  Sat, 29 Oct 2022 08:28:53 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-5) unstable; urgency=medium

  * move samba:idmap_script.8.gz and samba-libs:idmap_rfc2307.8.gz manpages to
    winbind package where they belong and where actual idmap modules live.
    (install all idmap_*.8 manpages to winbind package)
  * d/rules: install pam.d/samba with mode 0644, not 0755
  * many lintian-override updates:
   - source: ctdb/doc/*.html actually has sources
   - source: +very-long-line-length-in-source-file * (for generated files)
   - source: +debian-control-has-unusual-field-spacing Breaks
   - winbind: +spare-manual-page for module manpages
   - *: update some overrides for new lintian
   - libpam-winbind: +spare-manual-page pam_winbind.8
   - libldb2: +package-contains-empty-directory .../ldb/modules/ldb/
   - *: +hardening-no-fortify-functions for some simple shared libs

 -- Michael Tokarev <email address hidden>  Wed, 26 Oct 2022 22:27:00 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-4) unstable; urgency=medium

  * poptGetArg-misuse-fixes-1022826.diff: fix poptGetArg() misuse
    for popt-1.9 (Closes: #1022826)

 -- Michael Tokarev <email address hidden>  Wed, 26 Oct 2022 19:45:38 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-3) unstable; urgency=medium

  * d/rules: stop dh_installpam from installing samba.pam
    to the samba package (Closes: #1022775, #1022776)

 -- Michael Tokarev <email address hidden>  Tue, 25 Oct 2022 20:13:53 +0300
Deleted in experimental-release (Reason: None provided.)
samba (2:4.17.2+dfsg-2) experimental; urgency=medium

  * d/rules: stop dh_installpam from installing samba.pam
    to the samba package (Closes: #1022775, #1022776)

 -- Michael Tokarev <email address hidden>  Tue, 25 Oct 2022 20:13:53 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-2) unstable; urgency=medium

  * d/rules: pam.d/samba should go to /etc, not /
  * d/README.source.md: it is README.source.md not README.source
  * d/control: bump Standards-Version to 4.6.1 (no changes)
  * d/rules: verify that samba-libs does not depend on samba

 -- Michael Tokarev <email address hidden>  Tue, 25 Oct 2022 13:55:33 +0300
Superseded in sid-release
samba (2:4.16.6+dfsg-1) unstable; urgency=medium

  * new upstream security release 4.16.6, fixing:
    CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
    unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba).
    https://www.samba.org/samba/security/CVE-2022-3437.html
  * use explicit_bzero() instead of bzero() for the substitute of memset_s()
  * d/rules: make it a bit more consistent with other samba packages
  * d/rules: stop exporting ${PYTHON}
  * a bunch of ubuntu-related changes:
   - d/rules: omit glusterfs on ubuntu-i386
   - apply Ubuntu changes to smb.conf at install time (d/smb.conf.ubuntu.diff)
   - d/tests/: ensure io_uring module is built before testing it
   - d/rules: inline parallel check from dpkg/buildopts.mk
    (buildopts.mk does not exist on ubuntu 20.04 focal)

 -- Michael Tokarev <email address hidden>  Tue, 25 Oct 2022 12:48:20 +0300
Superseded in experimental-release
samba (2:4.17.2+dfsg-1) experimental; urgency=medium

  * upstream 4.17.0 release:
   Closes: CVE-2022-1615
   Closes: CVE-2022-32743
   - removed spelling.patch (partially applied upstream)
   - removed weak-crypto-allowed-clarify.diff (applied upstream)
   - removed dont-ignore-errors-in-random-number-generation-CVE-2022-1615.patch
     (applied upstream)
   - refresh: ctdb-create-piddir.patch
   - refresh: fix-nfs-service-name-to-nfs-kernel-server.patch
   - d/control: update minimum versions for talloc/tevent/tdb
   - d/rules: do not install ctdb.service, it is installed by upstream now
   - d/ctdb.install: do not install ctdb_wrapper (not used anymore)
   - d/libldb2.symbols, d/d/python3-ldb.symbols.in: new versions: 2.6.0 2.6.1
  * upstream 4.17.1 security release:
   CVE-2021-20251 Bad password count not incremented atomically.
  * upstream 4.17.2 security release:
   CVE-2022-3592 A malicious client can use a symlink to escape the exported
   directory. https://www.samba.org/samba/security/CVE-2022-3592.html
   (Samba 4.17 only)
  * new patch: spelling.patch: a few more spelling fixes
  * per upstream, re-version symbols added in 2.5.2 as added in 2.6.1
    (ldb users need to be recompiled anyway after updating libldb)
  * move libpac-samba4.so.0 from samba to samba-libs (Closes: #1021450)
  * d/rules: no need to build compile_et,asn1_compile intermediate targets
    anymore; also remove now-unused ${WAFv} macro
  * this release re-does all changes in the former experimental branch

 -- Michael Tokarev <email address hidden>  Tue, 25 Oct 2022 14:30:44 +0300
Superseded in experimental-release
samba (2:4.17.1+dfsg-1) experimental; urgency=medium

  * new upstream bugfix release containing a security fix:
    * CVE-2021-20251 Bad password count not incremented atomically.
  * Merge changes from 4.16.x (debian/master) branch.
  * use-bzero-instead-of-memset_s.diff: use explicit_bzero() instead of
    bzero() for the substitute of memset_s(). bzero() is wrong here because
    it, just like memset, can be optimized out by the compiler.
  * d/rules: stop using dh_installpam for installing a single pam.d file

 -- Michael Tokarev <email address hidden>  Wed, 19 Oct 2022 21:34:11 +0300
Superseded in experimental-release
samba (2:4.17.0+dfsg-2) experimental; urgency=medium

  * mention closing of CVE-2022-32743 by the 4.17.0 upload
  * mention closing of CVE-2022-1615 by the 4.17.0 upload
  * move libpac-samba4.so.0 from samba to samba-libs (Closes: #1021450)
  * d/rules: verify that samba-libs does not depend on samba

 -- Michael Tokarev <email address hidden>  Sat, 08 Oct 2022 23:00:05 +0300
Superseded in sid-release
samba (2:4.16.5+dfsg-2) unstable; urgency=medium

  [ Michael Tokarev ]
  * d/tests/util: use printf for formatting password for smbpasswd,
    not non-standard echo \n (mr !60)
  * introduce LDB_2.4.4 version symbol (Closes: #1021371)
    Create an empty ABI file just to make the scripts run during the build
    stage to introduce LDB_2.4.4 version symbol into libldb.so, and remove
    this empty file in the clean target. It is a bit hackish but works fine.
    This is only needed to upgrade from bullseye to bookworm, from
    4.13.13+dfsg-1~deb11u5+ to the next release, 4.16+.
    Remove this for bookworm+.
  * dont-ignore-errors-in-random-number-generation-CVE-2022-1615.patch:
    GnuTLS gnutls_rnd() can fail and give predictable random values.
    Closes: #1021024, CVE-2022-1615

  [ John Paul Adrian Glaubitz ]
  * disable ceph support on ppc64 and x32 (Closes: #1020781, #1012165)

 -- Michael Tokarev <email address hidden>  Sat, 08 Oct 2022 15:11:15 +0300
Superseded in experimental-release
samba (2:4.17.0+dfsg-1) experimental; urgency=medium

  * new upstream release 4.17.0
  * removed: spelling.patch (partially applied upstream)
  * removed: weak-crypto-allowed-clarify.diff (applied upstream)
  * refresh: ctdb-create-piddir.patch
  * refresh: fix-nfs-service-name-to-nfs-kernel-server.patch
  * d/control: update minimum versions for talloc/tevent/tdb
  * d/rules: do not install ctdb.service, it is installed by upstream now
  * d/ctdb.install: do not install ctdb_wrapper (not used anymore)
  * d/libldb2.symbols, d/d/python3-ldb.symbols.in: new versions: 2.6.0 2.6.1
    per upstream, re-version symbols added in 2.5.2 as added in 2.6.1
    (ldb users need to be recompiled anyway after updating libldb)
  * new: spelling.patch: a few more spelling fixes
  * d/control: bump Standards-Version to 4.6.1 (no changes)

 -- Michael Tokarev <email address hidden>  Tue, 13 Sep 2022 20:47:05 +0300
Published in bullseye-release
samba (2:4.13.13+dfsg-1~deb11u5) bullseye-security; urgency=medium

  * 3 patches:
    - CVE-2022-32742-bug-15085-4.13.patch
    - kpasswd_bugs_v15_4-13.patch
    - ldb-memory-bug-15096-4.13-v3.patch
    fixing:
    o CVE-2022-2031: Samba AD users can bypass certain restrictions associated
      with changing passwords.
      https://www.samba.org/samba/security/CVE-2022-2031.html
    o CVE-2022-32742: Server memory information leak via SMB1.
      https://www.samba.org/samba/security/CVE-2022-32742.html
    o CVE-2022-32744: Samba AD users can forge password change requests
      for any user.
      https://www.samba.org/samba/security/CVE-2022-32744.html
    o CVE-2022-32745: Samba AD users can crash the server process with an LDAP
      add or modify request.
      https://www.samba.org/samba/security/CVE-2022-32745.html
    o CVE-2022-32746: Samba AD users can induce a use-after-free in the server
      process with an LDAP add or modify request.
      https://www.samba.org/samba/security/CVE-2022-32746.html
  * Closes: #1016449, CVE-2022-2031, CVE-2022-32742, CVE-2022-32744,
    CVE-2022-32745, CVE-2022-32746
  * Build-Depend on libldb-dev >= 2.2.3-2~deb11u2
    (which includes the new symbols in libldb used by this update)
  * d/rules: use dpkg-query instead of pkg-config to find debian package
    version of libldb-dev, since this is what we actually want, not the
    internal version libldb thinks it is at.

 -- Michael Tokarev <email address hidden>  Wed, 10 Aug 2022 00:19:38 +0300
Superseded in sid-release
samba (2:4.16.5+dfsg-1) unstable; urgency=medium

  * new (minor) upstream release 4.16.5
  * removed fix-samba-tool-domain-join-segfault.patch (included upstream)
  * d/gbp.conf: no need to filter orig.tar: uscan already does that

 -- Michael Tokarev <email address hidden>  Thu, 08 Sep 2022 12:44:38 +0300