Ubuntu
samba package

Change log for samba package in Ubuntu

175 of 653 results FirstPreviousLast
Published in questing-release
Published in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky) 
samba (2:4.21.4+dfsg-1ubuntu3) plucky; urgency=medium

  * d/control: don't have bin:samba recommend bin:samba-ad-dc (LP: #2101838)

 -- Andreas Hasenack <email address hidden>  Mon, 10 Mar 2025 10:58:01 -0300
Superseded in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky) 
samba (2:4.21.4+dfsg-1ubuntu2) plucky; urgency=medium

  * d/samba-vfs-ceph.install: add the ceph_new vfs module and manpage
    (LP: #2099928)
  * python3-samba depends on python3-cryptography, which Ubuntu doesn't build
    on i386 (LP: #2099895):
    - d/control: don't recommend python3-samba on i386
    - d/rules: don't build python3-samba on ubuntu i386

 -- Andreas Hasenack <email address hidden>  Mon, 24 Feb 2025 16:05:36 -0300
Superseded in plucky-proposed 
samba (2:4.21.4+dfsg-1ubuntu1) plucky; urgency=medium

  * Merge with Debian unstable (LP: #2085212). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - Fix t64 package name in 'Enhances' attribute.
    - debian/tests: launch container with security.nesting=true
      Otherwise, systemd-resolved in the member-server container will
      fail to start, and cause the test to fail. (LP #2046486)
    - d/control: make samba-vfs-modules-extra a transitional package.
      The glusterfs vfs module (the only vfs module shipped in it
      previously) is now in bin:samba-vfs-glusterfs
    - d/control: have the (now transitional) samba-vfs-modules package
      depend on samba-vfs-ceph, so that upgrades retain the ceph vfs
      module
    - d/control: samba-vfs-modules and samba-vfs-modules-extra, now
      transitional packages, should only depend on the new samba-vfs-ceph and
      samba-vfs-glusterfs packages on the architectures where those two
      packages are built (LP #2076682)
    - d/control:
      + samba-vfs-modules-extra was not built before for 32bit architectures,
        adjust Architectures line
      + samba-vfs-modules: this one was build for 32bit architectures before,
        so we need the conditional Depends for ceph
    - d/p/fix-update-motd-gpo.patch: fix crash when updating an already existing
      MOTD GPO (LP #2092308)
  * Added:
    - d/t/samba-ad-dc-provisioning-internal-dns: force samba-tool to use
      kerberos when interrogating the DNS server, otherwise it will prompt for
      a password
    - d/t/control: dpkg-vendor is also needed for the AD test
    - d/p/fix-update-motd-gpo.patch: fix another crash when the GPO doesn't
      exist yet (LP: #2098755)
Superseded in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky) 
samba (2:4.20.4+dfsg-1ubuntu5) plucky; urgency=medium

  * No-change rebuild for icu soname change.

 -- Matthias Klose <email address hidden>  Tue, 07 Jan 2025 08:36:04 +0100
Deleted in noble-proposed (Reason: The package was removed due to one or more of its SRU bug...) 
samba (2:4.19.5+dfsg-4ubuntu9.1) noble; urgency=medium

  * d/p/gpo-segfault-fix.patch: fix segfault in samba-gpupdate (LP: #2078854)
  * d/p/deprecated-readfp-configparser.patch: fix crash in samba-tool due to
    using removed method (LP: #2088094)
  * d/p/fix-update-motd-gpo.patch: fix crash when updating an already existing
    MOTD GPO (LP: #2092308)

 -- Andreas Hasenack <email address hidden>  Wed, 13 Nov 2024 18:26:06 -0300
Deleted in oracular-proposed (Reason: The package was removed due to one or more of its SRU bug...) 
samba (2:4.20.4+dfsg-1ubuntu1.1) oracular; urgency=medium

  * d/p/fix-update-motd-gpo.patch: fix crash when updating an already existing
    MOTD GPO (LP: #2092308)

 -- Andreas Hasenack <email address hidden>  Fri, 20 Dec 2024 17:37:45 -0300
Superseded in plucky-proposed 
samba (2:4.20.4+dfsg-1ubuntu4) plucky; urgency=medium

  * No-change rebuild for Python 3.13 as the default.

 -- Matthias Klose <email address hidden>  Sat, 04 Jan 2025 05:17:16 +0100
Superseded in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky) 
samba (2:4.20.4+dfsg-1ubuntu3) plucky; urgency=medium

  * d/p/fix-update-motd-gpo.patch: update patch to replace the motd, and not
    keep adding a new one with every update (see comment #4 in LP #2092308)

 -- Andreas Hasenack <email address hidden>  Mon, 30 Dec 2024 18:18:47 -0300
Superseded in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky) 
samba (2:4.20.4+dfsg-1ubuntu2) plucky; urgency=medium

  * d/p/fix-update-motd-gpo.patch: fix crash when updating an already existing
    MOTD GPO (LP: #2092308)

 -- Andreas Hasenack <email address hidden>  Fri, 20 Dec 2024 17:39:35 -0300
Superseded in plucky-release
Published in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular) 
samba (2:4.20.4+dfsg-1ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - Fix t64 package name in 'Enhances' attribute.
    - debian/tests: launch container with security.nesting=true
      Otherwise, systemd-resolved in the member-server container will
      fail to start, and cause the test to fail. (LP #2046486)
    - d/control: make samba-vfs-modules-extra a transitional package.
      The glusterfs vfs module (the only vfs module shipped in it
      previously) is now in bin:samba-vfs-glusterfs
    - d/control: have the (now transitional) samba-vfs-modules package
      depend on samba-vfs-ceph, so that upgrades retain the ceph vfs
      module
  * Added:
    - d/control: samba-vfs-modules and samba-vfs-modules-extra, now
      transitional packages, should only depend on the new samba-vfs-ceph and
      samba-vfs-glusterfs packages on the architectures where those two
      packages are built (LP: #2076682)

 -- Andreas Hasenack <email address hidden>  Tue, 13 Aug 2024 10:02:30 -0300
Superseded in oracular-proposed 
samba (2:4.20.2+dfsg-10ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2072504). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)
    - Fix t64 package name in 'Enhances' attribute.
    - debian/tests: launch container with security.nesting=true
      Otherwise, systemd-resolved in the member-server container will
      fail to start, and cause the test to fail. (LP #2046486)
  * Dropped:
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
  * Added:
    - d/control: make samba-vfs-modules-extra a transitional package.
      The glusterfs vfs module (the only vfs module shipped in it
      previously) is now in bin:samba-vfs-glusterfs
    - d/control: have the (now transitional) samba-vfs-modules package
      depend on samba-vfs-ceph, so that upgrades retain the ceph vfs
      module

 -- Andreas Hasenack <email address hidden>  Mon, 05 Aug 2024 14:04:55 -0300
Superseded in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular) 
samba (2:4.20.2+dfsg-2ubuntu2) oracular; urgency=medium

  * debian/tests: launch container with security.nesting=true
    Otherwise, systemd-resolved in the member-server container will
    fail to start, and cause the test to fail. (LP: #2046486)

 -- Nick Rosbrook <email address hidden>  Tue, 09 Jul 2024 14:46:44 -0400
Superseded in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular) 
samba (2:4.20.2+dfsg-2ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2064384). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)
    - Fix t64 package name in 'Enhances' attribute.
  * Dropped:
    - Drop explicit, wrong, redundant dependency from samba-dsdb-modules on
      libgpgme11.
      [Included in 2:4.19.5+dfsg-5]
    - d/control: python3-samba has a runtime dep on python3-markdown
      [Fixed in 2:4.19.6+dfsg-2 via
       meaningful-error-if-no-python3-markdown.patch]
Deleted in noble-proposed (Reason: roll back unnecessary transition) 
samba (2:4.19.5+dfsg-4ubuntu10) noble; urgency=medium

  * No-change rebuild against liburing2t64.

 -- Matthias Klose <email address hidden>  Fri, 19 Apr 2024 18:56:11 +0200
Superseded in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
samba (2:4.19.5+dfsg-4ubuntu9) noble; urgency=high

  * No change rebuild against libgpgme11t64.

 -- Julian Andres Klode <email address hidden>  Mon, 08 Apr 2024 16:49:25 +0200
Superseded in noble-release
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu8) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 08:22:04 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
samba (2:4.19.5+dfsg-4ubuntu7) noble; urgency=medium

  * Fix t64 package name in 'Enhances' attribute.

 -- Matthias Klose <email address hidden>  Sat, 23 Mar 2024 18:12:30 +0100
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu6) noble; urgency=high

  * No change rebuild against libkrb5-26t64-heimdal.

 -- Julian Andres Klode <email address hidden>  Fri, 22 Mar 2024 18:18:35 +0100
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu5) noble; urgency=medium

  * Drop explicit, wrong, redundant dependency from samba-dsdb-modules on
    libgpgme11.

 -- Michael Hudson-Doyle <email address hidden>  Thu, 21 Mar 2024 09:47:23 +1300
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu4) noble; urgency=medium

  * No-change rebuild against libcups2t64

 -- Michael Hudson-Doyle <email address hidden>  Wed, 20 Mar 2024 13:56:46 +1300
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu3) noble; urgency=medium

  * No-change rebuild against libgpgme t64.

 -- Matthias Klose <email address hidden>  Fri, 15 Mar 2024 16:50:16 +0100
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu2) noble; urgency=medium

  * No-change rebuild against libgnutls30t64

 -- Steve Langasek <email address hidden>  Sun, 10 Mar 2024 02:13:07 +0000
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-4ubuntu1) noble; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - d/control: python3-samba has a runtime dep on python3-markdown
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)

 -- Andreas Hasenack <email address hidden>  Mon, 04 Mar 2024 15:05:13 -0300
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-2ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2055414). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - d/control: python3-samba has a runtime dep on python3-markdown
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)

 -- Andreas Hasenack <email address hidden>  Thu, 29 Feb 2024 09:55:25 -0300
Superseded in noble-proposed 
samba (2:4.19.5+dfsg-1ubuntu2) noble; urgency=medium

  * No-change rebuild against libtirpc3t64

 -- Steve Langasek <email address hidden>  Thu, 29 Feb 2024 09:33:34 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
samba (2:4.19.5+dfsg-1ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2054592). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - d/control: python3-samba has a runtime dep on python3-markdown
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)

 -- Andreas Hasenack <email address hidden>  Sun, 25 Feb 2024 14:45:54 -0300
Published in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu1.6) jammy; urgency=medium

  * d/p/lp2046994-spotlight-doesnt-work-with-latest-macos-ventura.patch: fix
    spotlight search function on macos ventura (LP: #2046994).

 -- Mitchell Dzurick <email address hidden>  Fri, 05 Jan 2024 14:23:01 -0700
Published in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.8) focal; urgency=medium

  * d/p/lp2046994-spotlight-doesnt-work-with-latest-macos-ventura.patch: fix
    spotlight search function on macos ventura (LP: #2046994).

 -- Mitchell Dzurick <email address hidden>  Thu, 01 Feb 2024 11:24:27 -0700
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
samba (2:4.19.4+dfsg-3ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2051717). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
    - d/control: python3-samba has a runtime dep on python3-markdown
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage
  * Added:
    - d/t/util: handle breakage introduced by lxd-installer. If on
      Ubuntu, assume lxd comes from a snap and install it if needed
    - d/t/util: ignore cloud-init's warning exit status, which is
      happening because of LP #2048129 (also see LP #2048522)

 -- Andreas Hasenack <email address hidden>  Sat, 03 Feb 2024 10:14:42 -0300
Superseded in noble-proposed 
samba (2:4.19.4+dfsg-2ubuntu2) noble; urgency=medium

  * No-change rebuild with Python 3.12 as default

 -- Graham Inggs <email address hidden>  Sat, 20 Jan 2024 19:20:19 +0000
Superseded in noble-proposed 
samba (2:4.19.4+dfsg-2ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2040363). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP #2024663)
  * Dropped:
    - d/rules: ceph is not available in Ubuntu i386, disable it
      [In 2:4.19.1+dfsg-1]
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      [In 2:4.19.1+dfsg-1]
  * Added:
    - d/control: python3-samba has a runtime dep on python3-markdown
    - glusterfs is no longer in main, create new binary package in
      universe to ship the samba glusterfs vfs modules and manpages
      (LP: #2045063):
      + d/control: new samba-vfs-modules-glusterfs package
      + d/rules: glusterfs vfs modules and manpages are now in the
        samba-vfs-modules-extra package
      + d/samba-vfs-modules-extra.install: add glusterfs vfs modules and
        manpage

 -- Andreas Hasenack <email address hidden>  Mon, 15 Jan 2024 12:21:28 -0300
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
samba (2:4.18.6+dfsg-1ubuntu2.2) noble; urgency=medium

  * No-change rebuild for ICU soname change.

 -- Matthias Klose <email address hidden>  Tue, 19 Dec 2023 18:41:25 +0100
Superseded in focal-updates
Published in focal-security 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.7) focal-security; urgency=medium

  * No-change rebuild to fix build issue resulting in regressions.
    (LP: #2039031)

 -- Marc Deslauriers <email address hidden>  Wed, 11 Oct 2023 13:30:13 -0400
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
Superseded in noble-proposed
Published in mantic-updates
Published in mantic-security 
samba (2:4.18.6+dfsg-1ubuntu2.1) mantic-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    permissions
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    RODCs
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669-*.patch
    - CVE-2023-42669
  * SECURITY UPDATE: Samba AD DC Busy RPC multiple listener DoS
    - debian/patches/CVE-2023-42670-*.patch
    - CVE-2023-42670

 -- Marc Deslauriers <email address hidden>  Tue, 10 Oct 2023 12:25:20 -0400
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.6) focal-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    permissions
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    RODCs
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669.patch
    - CVE-2023-42669

 -- Marc Deslauriers <email address hidden>  Wed, 04 Oct 2023 09:02:06 -0400
Superseded in jammy-updates
Published in jammy-security 
samba (2:4.15.13+dfsg-0ubuntu1.5) jammy-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    permissions
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    RODCs
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669.patch
    - CVE-2023-42669

 -- Marc Deslauriers <email address hidden>  Wed, 04 Oct 2023 08:38:27 -0400
Published in lunar-updates
Published in lunar-security 
samba (2:4.17.7+dfsg-1ubuntu2.3) lunar-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    permissions
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    RODCs
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669-*.patch
    - CVE-2023-42669
  * SECURITY UPDATE: Samba AD DC Busy RPC multiple listener DoS
    - debian/patches/CVE-2023-42670-*.patch
    - CVE-2023-42670

 -- Marc Deslauriers <email address hidden>  Wed, 04 Oct 2023 08:18:32 -0400
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
samba (2:4.18.6+dfsg-1ubuntu2) mantic; urgency=medium

  * No-change rebuild with glusterfs 10.3 (LP: #2035127)

 -- Andreas Hasenack <email address hidden>  Wed, 13 Sep 2023 09:57:01 -0300
Superseded in lunar-updates
Deleted in lunar-proposed (Reason: moved to -updates) 
samba (2:4.17.7+dfsg-1ubuntu2.2) lunar; urgency=medium

  * d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
    Add changes to fix uncaught exception when updating old password
    containing regex metacharacters by simplifying samba-tool password
    redaction (LP: #2002949).
Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu1.4) jammy; urgency=medium

  * d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
    Add changes to fix uncaught exception when updating old password
    containing regex metacharacters by simplifying samba-tool password
    redaction (LP: #2002949).

 -- Michal Maloszewski <email address hidden>  Fri, 18 Aug 2023 15:53:14 +0200
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.5) focal; urgency=medium

  * d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
    Add changes to fix uncaught exception when updating old password
    containing regex metacharacters by simplifying samba-tool password
    redaction (LP: #2002949).

 -- Michal Maloszewski <email address hidden>  Fri, 18 Aug 2023 22:56:58 +0200
Superseded in lunar-proposed 
samba (2:4.17.7+dfsg-1ubuntu2.1) lunar; urgency=medium

  * d/control: adjust breaks/replaces for file move that Debian did in
    4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
    file conflict in a dist-upgrade from earlier Ubuntu releases, like
    Kinetic (LP: #2024663)

 -- Andreas Hasenack <email address hidden>  Tue, 01 Aug 2023 18:30:42 -0300
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
samba (2:4.18.6+dfsg-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2031655, LP: #2031619). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      + enable the liburing vfs module, except on i386 where liburing is
        not available
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
  * Dropped:
    - build-depend on libglusterfs-dev only on !i386 arches
      [In 2:4.18.5+dfsg-2]
    - Add changes to fix uncaught exception when updating old password
      containing regex metacharacters by simplifying samba-tool password
      redaction (LP #2002949).
      + d/p/lib-cmdline-Return-if-the-commandline-was-redacted-i.patch
      + d/p/lib-cmdline-Also-redact-newpassword-in-samba_cmdline.patch
      + d/p/lib-cmdline-Also-burn-the-password2-parameter-if-giv.patch
      + d/p/samba-tool-Use-samba.glue.get_burnt_cmdline-rather-t.patch
      + d/p/python-Add-glue.burn_commandline-method.patch
      + d/p/python-Move-PyList_AsStringList-to-common-code-so-we.patch
      + d/p/python-Remove-const-from-PyList_AsStringList.patch
        [Fixed upstream in 4.18.6]
  * Added:
    - d/control: adjust breaks/replaces for file move that Debian did in
      4.16.6+dfsg-5, and Ubuntu only did in 4.17.7+dfsg-1ubuntu1, to avoid
      file conflict in a dist-upgrade from earlier Ubuntu releases, like
      Kinetic (LP: #2024663)
    - d/rules: ceph is not available in Ubuntu i386, disable it

 -- Andreas Hasenack <email address hidden>  Thu, 17 Aug 2023 09:52:00 -0300
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
samba (2:4.18.5+dfsg-1ubuntu2) mantic; urgency=medium

  * Add changes to fix uncaught exception when updating old password
    containing regex metacharacters by simplifying samba-tool password
    redaction (LP: #2002949).
    - d/p/lib-cmdline-Return-if-the-commandline-was-redacted-i.patch
    - d/p/lib-cmdline-Also-redact-newpassword-in-samba_cmdline.patch
    - d/p/lib-cmdline-Also-burn-the-password2-parameter-if-giv.patch
    - d/p/samba-tool-Use-samba.glue.get_burnt_cmdline-rather-t.patch
    - d/p/python-Add-glue.burn_commandline-method.patch
    - d/p/python-Move-PyList_AsStringList-to-common-code-so-we.patch
    - d/p/python-Remove-const-from-PyList_AsStringList.patch

 -- Michal Maloszewski <email address hidden>  Fri, 28 Jul 2023 00:55:03 +0200
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.4) focal; urgency=medium

  * d/p/secure-channel-faulty-kb5028166.patch: fix domain membership
    after Windows KB5028166 update (LP: #2027716)
  * Cherry pick samba AD DC provisioning DEP8 test from later Ubuntu
    releases (LP: #1977746, LP: #2011745):
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      + d/t/control: adjust package dependencies
      + d/t/samba-ad-dc-provisioning-internal-dns: handle the case where
        libnss-winbind does not automatically add winbind to
        /etc/nsswitch.conf (that is done only in Lunar and later)
      + d/t/samba-ad-dc-provisioning-internal-dns: use case insensitive
        match when inspecting kerberos tickets, as the hostname may be
        capitalized
      + d/t/samba-ad-dc-provisioning-internal-dns: Adjust regexp for
        slightly different resolvectl output
      + d/t/util: several lxc command output parsing changes, needed for
        this older version of the lxd snap
      + d/t/samba-ad-dc-provisioning-internal-dns: more dependencies for
        the winbind and sssd domain join tests, which don't get
        installed automatically for us by this version of realmd
      + d/t/util: increase the RLIMIT_MEMLOCK limit for lxd containers,
        as the default of 64kb is too low for at least ppc64el on focal

 -- Andreas Hasenack <email address hidden>  Sun, 23 Jul 2023 17:19:48 -0300
Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
samba (2:4.15.13+dfsg-0ubuntu1.3) jammy; urgency=medium

  * d/p/secure-channel-faulty-kb5028166.patch: fix domain membership
    after Windows KB5028166 update (LP: #2027716)
  * Cherry pick samba AD DC provisioning DEP8 test from later Ubuntu
    releases (LP: #1977746, LP: #2011745):
    - d/t/control, d/t/util, d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      + d/t/control: adjust package dependencies
      + d/t/samba-ad-dc-provisioning-internal-dns: handle the case where
        libnss-winbind does not automatically add winbind to
        /etc/nsswitch.conf (that is done only in Lunar and later)
      + d/t/samba-ad-dc-provisioning-internal-dns: use case insensitive
        match when inspecting kerberos tickets, as the hostname may be
        capitalized

 -- Andreas Hasenack <email address hidden>  Sun, 23 Jul 2023 17:09:59 -0300
Superseded in lunar-updates
Deleted in lunar-proposed (Reason: moved to -updates) 
samba (2:4.17.7+dfsg-1ubuntu2) lunar; urgency=medium

  * d/p/secure-channel-faulty-kb5028166.patch: fix domain membership
    after Windows KB5028166 update (LP: #2027716)

 -- Andreas Hasenack <email address hidden>  Thu, 20 Jul 2023 10:26:31 -0300
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
samba (2:4.18.5+dfsg-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2028265, LP: #2027716). Remaining
    changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      + enable the liburing vfs module, except on i386 where liburing is
        not available
      + build-depend on libglusterfs-dev only on !i386 arches
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
    - d/t/util: reload instead of restarting samba, as it's quicker and
      has the same effect we want in this test

 -- Andreas Hasenack <email address hidden>  Thu, 20 Jul 2023 10:15:22 -0300
Superseded in jammy-updates
Superseded in jammy-security 
samba (2:4.15.13+dfsg-0ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden>  Tue, 11 Jul 2023 08:44:35 -0400
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden>  Tue, 11 Jul 2023 08:45:47 -0400
Obsolete in kinetic-updates
Obsolete in kinetic-security 
samba (2:4.16.8+dfsg-0ubuntu1.2) kinetic-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden>  Tue, 11 Jul 2023 08:00:26 -0400
Superseded in lunar-updates
Superseded in lunar-security 
samba (2:4.17.7+dfsg-1ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: SMB2 packet signing not enforced
    - debian/patches/CVE-2023-3347-*.patch
    - CVE-2023-3347
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden>  Tue, 11 Jul 2023 07:54:30 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
samba (2:4.18.3+dfsg-3ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018054). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      + enable the liburing vfs module, except on i386 where liburing is
        not available
      + build-depend on libglusterfs-dev only on !i386 arches
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)
  * Added changes:
    - d/t/util: reload instead of restarting samba, as it's quicker and
      has the same effect we want in this test

 -- Andreas Hasenack <email address hidden>  Thu, 22 Jun 2023 11:59:19 -0300
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.7+dfsg-1ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #2014052). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      + enable the liburing vfs module, except on i386 where liburing is
        not available
      + build-depend on libglusterfs-dev only on !i386 arches
    - d/t/control, d/t/util,d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      (LP #1977746, LP #2011745)

 -- Andreas Hasenack <email address hidden>  Fri, 31 Mar 2023 15:26:11 -0300
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: Access controlled AD LDAP attributes can be discovered
    - debian/patches/CVE-2023-0614-*.patch: upstream patches to fix the
      issue (some of these aren't directly used in this package as they
      apply to the ldb library which is updated separately).
    - debian/control: bump ldb Build-Depends to security update version.
    - CVE-2023-0614
  * SECURITY UPDATE: admin tool samba-tool sends passwords in cleartext
    - debian/patches/CVE-2023-0922.patch: set default ldap client sasl
      wrapping to seal.
    - CVE-2023-0922

 -- Marc Deslauriers <email address hidden>  Thu, 30 Mar 2023 09:25:19 -0400
Superseded in jammy-updates
Superseded in jammy-security 
samba (2:4.15.13+dfsg-0ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Access controlled AD LDAP attributes can be discovered
    - debian/patches/CVE-2023-0614-*.patch: upstream patches to fix the
      issue (some of these aren't directly used in this package as they
      apply to the ldb library which is updated separately).
    - debian/control: bump ldb Build-Depends to security update version.
    - CVE-2023-0614
  * SECURITY UPDATE: admin tool samba-tool sends passwords in cleartext
    - debian/patches/CVE-2023-0922.patch: set default ldap client sasl
      wrapping to seal.
    - CVE-2023-0922

 -- Marc Deslauriers <email address hidden>  Thu, 30 Mar 2023 09:25:19 -0400
Superseded in kinetic-updates
Superseded in kinetic-security 
samba (2:4.16.8+dfsg-0ubuntu1.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: Access controlled AD LDAP attributes can be discovered
    - debian/patches/CVE-2023-0614-*.patch: upstream patches to fix the
      issue.
    - debian/libldb2.symbols: added new symbols.
    - debian/python3-ldb.symbols.in: added new symbols.
    - CVE-2023-0614
  * SECURITY UPDATE: admin tool samba-tool sends passwords in cleartext
    - debian/patches/CVE-2023-0922.patch: set default ldap client sasl
      wrapping to seal.
    - CVE-2023-0922

 -- Marc Deslauriers <email address hidden>  Thu, 30 Mar 2023 07:55:26 -0400
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.5+dfsg-2ubuntu3) lunar; urgency=medium

  * Add domain join tests (LP: #2011745):
    - d/t/control: update dependencies for samba AD provisioning test,
      which now also includes a member server join test
    - d/t/util, d/t/samba-ad-dc-*: add member server join tests

 -- Andreas Hasenack <email address hidden>  Wed, 15 Mar 2023 20:49:56 -0300
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.5+dfsg-2ubuntu2) lunar; urgency=medium

  * d/t/samba-ad-dc-provisioning-internal-dns: test improvements
    (LP: #2009485):
    - increase kinit timeout, as it also does DNS lookups
    - add a trap on exit to show logs in the case of some failure

 -- Andreas Hasenack <email address hidden>  Mon, 06 Mar 2023 11:49:34 -0300
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.15.13+dfsg-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Update to 4.15.13 as a security update
    - Removed patches included in new version:
      + CVE-*.patch
      + win-22H2-fix*.patch
      + Rename-mdfind-to-mdsearch.patch
      + lp-1951490-fix-printing-KB5006743.patch
    - d/rules: remove --with-dnsupdate, it was merged with --with-ads.
    - debian/control: bump libldb-dev Build-Depends to 2.4.4, bump
      libtalloc to 2.3.3, libtdb to 1.4.4, and libtevent to 0.11.0.
    - debian/control: added python3-markdown to Build-Depends.
    - debian/{gpb.conf,watch,README.source}: updated for 4.15.
    - debian/{*.install,*.symbols,*.lintian-overrides}: updated for 4.15.
    - debian/rules: drop fixing of findsmb shebang.
    - debian/rules: drop removal of ctdb tests, they are no longer
      installed.
    - CVE-2022-3437, CVE-2022-37966, CVE-2022-37967, CVE-2022-38023,
      CVE-2022-42898, CVE-2022-45141

 -- Marc Deslauriers <email address hidden>  Fri, 24 Feb 2023 07:31:43 -0500
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.5+dfsg-2ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #2002181). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
      + enable the liburing vfs module, except on i386 where liburing is
        not available
      + build-depend on libglusterfs-dev only on !i386 arches
  * Added:
    - d/t/control, d/t/samba-ad-dc-provisioning-internal-dns: samba AD
      DC provisioning test with internal DNS (LP: #1977746)

 -- Andreas Hasenack <email address hidden>  Sun, 05 Feb 2023 13:47:57 -0300
Superseded in lunar-proposed 
samba (2:4.17.3+dfsg-3ubuntu3) lunar; urgency=medium

  * Rebuild against latest icu

 -- Jeremy Bicha <email address hidden>  Mon, 06 Feb 2023 07:57:36 -0500
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.13.17~dfsg-0ubuntu1.20.04.5) focal-security; urgency=medium

  * SECURITY UPDATE: Multiple regressions (LP: #2003867) (LP: #2003891)
    - debian/patches/series: disable all security fixes from the previous
      update pending further investigation. This reverts the following
      CVEs: CVE-2022-3437, CVE-2022-42898, CVE-2022-45141, CVE-2022-38023,
      CVE-2022-37966, CVE-2022-37967.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Jan 2023 09:03:40 -0500
Superseded in focal-updates
Superseded in focal-security 
samba (2:4.13.17~dfsg-0ubuntu1.20.04.4) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow in Heimdal unwrap_des3()
    - debian/patches/CVE-2022-3437-*.patch
    - CVE-2022-3437
  * SECURITY UPDATE: Buffer overflow vulnerabilities on 32-bit systems
    - debian/patches/CVE-2022-42898-*.patch
    - CVE-2022-42898
  * SECURITY UPDATE: Samba AD DC can be forced to issue rc4-hmac encrypted
    Kerberos tickets
    - debian/patches/CVE-2022-45141-*.patch
    - CVE-2022-45141
  * SECURITY UPDATE: RC4/HMAC-MD5 NetLogon Secure Channel is weak and
    should be avoided
    - debian/patches/CVE-2022-38023-*.patch
    - CVE-2022-38023
  * SECURITY UPDATE: rc4-hmac Kerberos session keys issued to modern servers
    - debian/patches/CVE-2022-3796x-*.patch
    - CVE-2022-37966
  * SECURITY UPDATE: Kerberos constrained delegation ticket forgery
    possible against Samba AD DC
    - debian/patches/CVE-2022-3796x-*.patch
    - CVE-2022-37967
  * debian/patches/win-22H2-fix.patch: split git-style patch into three
    individual patches so that it can be manipulated properly with quilt.
  * debian/patches/CVE-2022-44640-*.patch: Heimdal issue that did not
    affect Samba, but patches included for completeness.

 -- Marc Deslauriers <email address hidden>  Wed, 11 Jan 2023 11:12:16 -0500
Superseded in jammy-updates
Superseded in jammy-security 
samba (2:4.15.13+dfsg-0ubuntu1) jammy-security; urgency=medium

  * Updated to upstream 4.15.13 to fix multiple security issues.
    - debian/patches/win-22H2-fix.patch: removed, included in new version.
    - CVE-2022-3437
    - CVE-2022-37966
    - CVE-2022-37967
    - CVE-2022-38023
    - CVE-2022-42898
    - CVE-2022-45141

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jan 2023 10:04:53 -0500
Superseded in kinetic-updates
Superseded in kinetic-security 
samba (2:4.16.8+dfsg-0ubuntu1) kinetic-security; urgency=medium

  * Updated to upstream 4.16.8 to fix multiple security issues.
    - debian/patches/fix-samba-tool-domain-join-segfault.patch: removed,
      included in new version.
    - CVE-2021-20251
    - CVE-2022-3437
    - CVE-2022-37966
    - CVE-2022-37967
    - CVE-2022-38023
    - CVE-2022-42898

 -- Marc Deslauriers <email address hidden>  Tue, 10 Jan 2023 09:07:59 -0500
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.3+dfsg-3ubuntu2) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as default

 -- Graham Inggs <email address hidden>  Mon, 26 Dec 2022 18:01:11 +0000
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
samba (2:4.17.3+dfsg-3ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993380). Remaining changes:
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
    - d/control: enable the liburing vfs module, except on i386 where
      liburing is not available
    - d/control: build-depend on libglusterfs-dev only on !i386 arches
  * Dropped:
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
        [In 2:4.16.6+dfsg-1]
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
        [In 2:4.16.6+dfsg-1]
    - d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
      Skip running the tests if on i386 platform, because the uring
      package is not available there.
      [In 2:4.16.6+dfsg-1, improved]
    - d/t/util: fix setting the password of the smb test user
      (LP #1955851)
      [In 2:4.16.5+dfsg-2]
    - d/p/VERSION.patch: Update vendor string to "Ubuntu".
      [Implemented dynamically in d/rules in 2:4.16.6+dfsg-6]
    - d/rules: in Ubuntu, glusterfs is not built for i386, so don't
      enable the samba glusterfs vfs mofule in that case
      [In 2:4.16.6+dfsg-1]

 -- Andreas Hasenack <email address hidden>  Tue, 13 Dec 2022 18:36:23 -0300
Superseded in lunar-proposed 
samba (2:4.16.4+dfsg-2ubuntu2) lunar; urgency=medium

  * No-change rebuild against libldap-2

 -- Steve Langasek <email address hidden>  Thu, 15 Dec 2022 19:55:02 +0000
Published in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
samba (2:4.7.6+dfsg~ubuntu-0ubuntu2.29) bionic; urgency=medium

  * d/p/win-22H2-fix.patch: fix interoperability with Windows 22H2
    clients (LP: #1993934)

 -- Andreas Hasenack <email address hidden>  Wed, 09 Nov 2022 11:42:14 -0300
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
samba (2:4.13.17~dfsg-0ubuntu1.20.04.2) focal; urgency=medium

  * d/p/win-22H2-fix.patch: fix interoperability with Windows 22H2
    clients (LP: #1993934)

 -- Andreas Hasenack <email address hidden>  Tue, 08 Nov 2022 11:35:28 -0300
Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
samba (2:4.15.9+dfsg-0ubuntu0.3) jammy; urgency=medium

  * d/p/win-22H2-fix.patch: fix interoperability with Windows 22H2
    clients (LP: #1993934)

 -- Andreas Hasenack <email address hidden>  Tue, 08 Nov 2022 10:59:27 -0300
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
samba (2:4.16.4+dfsg-2ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/p/VERSION.patch: Update vendor string to "Ubuntu".
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
    - d/control: enable the liburing vfs module, except on i386 where
      liburing is not available
    - d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
      Skip running the tests if on i386 platform, because the uring
      package is not available there.
    - d/t/util: fix setting the password of the smb test user
      (LP #1955851)
    - d/rules: in Ubuntu, glusterfs is not built for i386, so don't
      enable the samba glusterfs vfs mofule in that case
    - d/control: build-depend on libglusterfs-dev only on !i386 arches

 -- Andreas Hasenack <email address hidden>  Tue, 02 Aug 2022 09:30:05 -0300
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
samba (2:4.16.3+dfsg-1ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable (LP: #1982116). Remaining changes:
    - d/p/VERSION.patch: Update vendor string to "Ubuntu".
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
    - debian/control: Ubuntu i386 binary compatibility:
      + drop ceph support
    - d/control: enable the liburing vfs module, except on i386 where
      liburing is not available
    - d/t/{cifs-share-access-uring,smbclient-share-access-uring}:
      Skip running the tests if on i386 platform, because the uring
      package is not available there.
    - d/t/util: fix setting the password of the smb test user
      (LP #1955851)
    - d/rules: in Ubuntu, glusterfs is not built for i386, so don't
      enable the samba glusterfs vfs mofule in that case
    - d/control: build-depend on libglusterfs-dev only on !i386 arches
  * Dropped:
    - Update nfs scripts for new nfs.conf config (LP: #1961840):
      + d/p/fix-nfs-service-name-to-nfs-kernel-server.patch: updated to use
        nfsconf(8) if it's available, instead of parsing the old config
        files in /etc/default/nfs-*
        [In 2:4.16.3+dfsg-1]
      + d/ctdb.example/nfs-kernel-server/nfs.conf: /etc/nfs.conf to be
        used by the example enable-nfs.sh example script
        [In 2:4.16.3+dfsg-1]
      + d/ctdb.example/nfs-kernel-server/quota: quota config file to be
        used by the example enable-nfs.sh script
        [In 2:4.16.3+dfsg-1]
      + d/ctdb.example/nfs-kernel-server/nfs-{common,kernel-server}:
        obsolete, replaced by nfs.conf
        [In 2:4.16.3+dfsg-1]
      + d/ctdb.example/nfs-kernel-server/enable-nfs.sh: handle new
        nfs.conf and other changes in the new nfs server packages
        [In 2:4.16.3+dfsg-1]
    - Fix abort when deleting a file and "fruit:resource = stream" is
      used.  (LP #1977491)
      + d/p/lp1977491-dont-crash-on-vfs_fruit-resource-stream-01.patch:
        Add test that shows smbd crashing when deleting a file while using
        vfs_fruit with "fruit:resource = stream".
      + d/p/lp1977491-dont-crash-on-vfs_fruit-resource-stream-02.patch:
        Handle file deleting when "fruit:resource = stream" is used.
        [Fixed upstream]
    - Build dlz module for bind 9.18.x (LP #1964032)
      + d/p/add-support-for-bind-918.patch: build a dlz module for
        bind 9.18.x
      + d/p/add-support-for-bind-918-2.patch: also update the
        provisioning tool and template config file
        [Fixed upstream]

 -- Andreas Hasenack <email address hidden>  Fri, 29 Jul 2022 17:09:27 -0300
Superseded in jammy-updates
Superseded in jammy-security 
samba (2:4.15.9+dfsg-0ubuntu0.2) jammy-security; urgency=medium

  * Updated to 2.15.9 to fix multiple security issues.
    - debian/control: require ldb 2.4.4.
    - debian/*install: install libsmbconf.so*.
    - debian/libwbclient0.symbols: updated symbols for new version.
    - CVE-2022-2031, CVE-2022-32742, CVE-2022-32744, CVE-2022-32745,
      CVE-2022-32746
  * Removed patches included in new version:
    - lp-1951490-fix-printing-KB5006743.patch
    - add-support-for-bind-918.patch
    - add-support-for-bind-918-2.patch
    - lp1977491-dont-crash-on-vfs_fruit-resource-stream-01.patch
    - lp1977491-dont-crash-on-vfs_fruit-resource-stream-02.patch

 -- Marc Deslauriers <email address hidden>  Thu, 28 Jul 2022 08:07:32 -0400
175 of 653 results FirstPreviousLast