Change logs for samba source package in Edgy

  • samba (3.0.22-1ubuntu4.5) edgy-security; urgency=low
    
      * SECURITY UPDATE: remote code execution via GETDC mailslot request.
      * Add security-CVE-2007-6015.patch: thanks to Steve Langasek.
      * References
        CVE-2007-6015
    
     -- Kees Cook <email address hidden>   Fri, 14 Dec 2007 17:30:50 -0800
  • samba (3.0.22-1ubuntu4.4) edgy-security; urgency=low
    
      * removed debian/patches/security_CVE-2007-4572.patch as it
        caused regressions. This is believed to be a non-exploitable
        DoS, but will provide updated packages when a suitable fix
        is found.
      * References:
        LP #163042
        LP #163116
        https://bugzilla.samba.org/show_bug.cgi?id=5087
    
     -- Jamie Strandboge <email address hidden>   Fri, 16 Nov 2007 13:46:07 -0500
  • samba (3.0.22-1ubuntu4.3) edgy-security; urgency=low
    
      * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
        mailslot requests
      * debian/patches/security_CVE-2007-4572.patch: check return values and
        sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c
      * SECURITY UPDATE: arbitrary code execution in nmbd when configured as
        a WINS server when processing name registration and name query requests
      * debian/patches/security_CVE-2007-5398.patch: properly check len in
        nmbd_packets.c
      * References
        CVE-2007-4572
        CVE-2007-5398
    
     -- Jamie Strandboge <email address hidden>   Wed, 14 Nov 2007 17:18:03 -0500
  • samba (3.0.22-1ubuntu4.2) edgy-security; urgency=low
    
      * SECURITY UPDATE: remote heap overflows, remote command execution.
      * security_ndr-heap-overflows.patch: upstream fixes (CVE-2007-2446)
      * security_remote-command-execution.patch: upstream fixed (CVE-2007-2447)
    
     -- Kees Cook <email address hidden>   Tue, 15 May 2007 15:28:41 -0700
  • samba (3.0.22-1ubuntu4.1) edgy-security; urgency=low
    
      * SECURITY UPDATE: priv escalation via crafted AFS share filenames,
        denial of service when renaming a file in deferred open queue.
      * Add 'debian/patches/ubuntu-fix-open-loop.patch': fix infinite loop,
        taken from upstream patch.
        - CVE-2007-0452
      * Add 'debian/patches/ubuntu-fix-afsacl.patch': fix format string
        overflow, taken from upstream patch.
        - CVE-2007-0454
    
     -- Kees Cook <email address hidden>   Mon,  5 Feb 2007 15:43:09 -0800
  • samba (3.0.22-1ubuntu4) edgy; urgency=low
    
      * SECURITY UPDATE: Remote DoS.
      * Add debian/patches/track_connection_dos.patch:
        - Limit active connections to 2048 to avoid DoS due to unbound array
          growing when tracking active connections.
        - CVE-2006-3403
    
     -- Martin Pitt <email address hidden>   Tue, 11 Jul 2006 13:14:27 +0200
  • samba (3.0.22-1ubuntu3) dapper; urgency=low
    
      * Config file changes only in this upload; no destabilising code changes.
      * Comment out the default [homes] shares and add more verbose comments to
        explain what they do and how they work (closes: launchpad.net/27608)
      * Add a "valid users = %S" stanza to the commented-out [homes] section, to
        show users how to restrict access to \\server\username to only username.
      * Change the (commented-out) "printer admin" example to use "@lpadmin"
        instead of "@ntadmin", since the lpadmin group is used for spool admin.
    
     -- Adam Conrad <email address hidden>   Wed, 17 May 2006 18:29:00 +1000