-
samba (2:4.12.5+dfsg-3ubuntu4.4) groovy; urgency=medium
* Fix samba-common-bin postinst errors (LP: #1905387)
- d/rules: ensure systemd-tmpfiles runs for samba-common-bin postinst
through dh_installsystemd
- d/samba-common-bin.postinst: ensure systemd-tmpfiles is called before
testparm
- d/t/reinstall-samba-common-bin: make sure /run/samba is created by the
samba-common-bin installation process (postinst script)
- d/t/control: run new reinstall-samba-common-bin test case
-- Athos Ribeiro <email address hidden> Thu, 27 May 2021 09:22:22 -0300
-
samba (2:4.12.5+dfsg-3ubuntu4.3) groovy-security; urgency=medium
* SECURITY UPDATE: wrong group entries via negative idmap cache entries
- debian/patches/CVE-2021-20254.patch: Simplify sids_to_unixids() in
source3/passdb/lookup_sid.c.
- CVE-2021-20254
-- Marc Deslauriers <email address hidden> Wed, 14 Apr 2021 07:00:46 -0400
-
samba (2:4.12.5+dfsg-3ubuntu4.1) groovy-security; urgency=medium
* SECURITY UPDATE: Missing handle permissions check in ChangeNotify
- debian/patches/CVE-2020-14318-*.patch: ensure change notifies can't
get set unless the directory handle is open for SEC_DIR_LIST in
source4/torture/smb2/notify.c, source3/smbd/notify.c.
- CVE-2020-14318
* SECURITY UPDATE: Unprivileged user can crash winbind
- debian/patches/CVE-2020-14323-*.patch: fix invalid lookupsids DoS in
source3/winbindd/winbindd_lookupsids.c,
source4/torture/winbind/struct_based.c.
- CVE-2020-14323
* SECURITY UPDATE: DNS server crash via invalid records
- debian/patches/CVE-2020-14383-*.patch: ensure variable initialization
with NULL and do not crash when additional data is not found in
source4/rpc_server/dnsserver/dcerpc_dnsserver.c.
- CVE-2020-14383
-- Marc Deslauriers <email address hidden> Fri, 16 Oct 2020 06:53:44 -0400
-
samba (2:4.12.5+dfsg-3ubuntu4) groovy; urgency=medium
* SECURITY UPDATE: Unauthenticated domain controller compromise by
subverting Netlogon cryptography (ZeroLogon)
- debian/patches/zerologon-*.patch: backport upstream patches:
+ For compatibility reasons, allow specifying an insecure netlogon
configuration per machine. See the following link for examples:
https://www.samba.org/samba/security/CVE-2020-1472.html
+ Add additional server checks for the protocol attack in the
client-specified challenge to provide some protection when
'server schannel = no/auto' and avoid the false-positive results
when running the proof-of-concept exploit.
- CVE-2020-1472
-- Marc Deslauriers <email address hidden> Mon, 28 Sep 2020 09:46:49 -0400
-
samba (2:4.12.5+dfsg-3ubuntu3) groovy; urgency=medium
* d/t/{util, smbclient-share-access-uring, cifs-share-access-uring}:
guard uring tests with a kernel version check and skip if it's too old
-- Andreas Hasenack <email address hidden> Tue, 11 Aug 2020 11:00:35 -0300
-
samba (2:4.12.5+dfsg-3ubuntu2) groovy; urgency=medium
* d/t/smbclient-anonymous-share-list: add set -x and set -e
* Factor out common DEP8 test code into d/t/util and change the tests
to source from it:
- d/t/util: added
- d/t/cifs-share-access, d/t/smbclient-share-access: source from
util, use random share name and add set -x and set -u
- d/t/smbclient-authenticated-share-list: source from util and add
set -x and set -u
* d/control: enable the liburing vfs module, except on i386 where
liburing is not available
* Add new DEP8 tests for the uring vfs module:
- d/t/control: add smbclient-share-access-uring and
cifs-share-access-uring tests
- d/t/smbclient-share-access-uring: new test
- d/t/cifs-share-access-uring: new test
-- Andreas Hasenack <email address hidden> Tue, 04 Aug 2020 17:20:30 -0300
-
samba (2:4.12.5+dfsg-3ubuntu1) groovy; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/p/VERSION.patch: Update vendor string to "Ubuntu".
- debian/smb.conf:
+ Add "(Samba, Ubuntu)" to server string.
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
- debian/samba-common.config:
+ Do not change priority to high if dhclient3 is installed.
- d/control, d/rules: Disable glusterfs support because it's not in main.
MIR bug is https://launchpad.net/bugs/1274247
- d/p/fix-nfs-service-name-to-nfs-kernel-server.patch:
change nfs service name from nfs to nfs-kernel-server
(LP: #722201)
- d/p/ctdb-config-enable-syslog-by-default.patch:
enable syslog and systemd journal by default
- debian/rules: Ubuntu i386 binary compatibility:
+ drop ceph support
+ disable the following binary packages:
- ctdb
- libnss-winbind
- libpam-winbind
- python3-samba
- samba
- samba-common-bin
- samba-testsuite
- winbind
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- debian/rules: Ubuntu i386 binary compatibility:
+ re-enable the following binary packages:
- libnss-winbind
- samba-common-bin
- python3-samba
- winbind
- d/control: add a versioned libgnutls28-dev build-depends to reduce
the amount of in-tree crypto code that is built
* Dropped:
- d/gbp.conf, d/watch, d/README.source: update for 4.12
[In 2:4.12.3+dfsg-1]
- d/control: bump build-depends:
+ ldb: 2.1.2
+ tevent: 0.10.2
+ tdb: 1.4.3
+ talloc: 2.3.1
[In 2:4.12.3+dfsg-1]
- d/smbclient.install: add new binary mdfind and its manpage
[In 2:4.12.3+dfsg-1]
- d/samba-dev.install, d/samba-libs.install: new lib
libdcerpc-server-core
[In 2:4.12.3+dfsg-1]
- d/samba-libs.install: new library libtalloc-report-printf
[In 2:4.12.3+dfsg-1]
- d/libwbclient0.install: remove libaesni, no longer built when
gnutls provides AES CMAC
[In 2:4.12.3+dfsg-1]
- d/libsmbclient.symbols, d/libwbclient0.symbols: update symbols
[In 2:4.12.3+dfsg-1]
- d/p/build-Remove-tests-for-getdents-and-getdirentries.patch
[Dropped in 2:4.12.3+dfsg-1]
- d/p/wscript-remove-all-checks-for-_FUNC-and-__FUNC.patch
[Dropped in 2:4.12.3+dfsg-1]
- d/p/wscript-split-function-check-to-one-per-line-and-sor.patch
[Dropped in 2:4.12.3+dfsg-1]
samba (2:4.12.5+dfsg-3) unstable; urgency=high
* Add Breaks: sssd-ad-common (<< 2.3.0), due to libndr so bump
(Closes: #963971)
* Add patch traffic_packets: fix SyntaxWarning: "is" with a literal
(Closes: #964165)
* Add patch Rename mdfind to mdsearch (Closes: #963985)
samba (2:4.12.5+dfsg-2) unstable; urgency=high
* Add missing symbol (path_expand_tilde)
samba (2:4.12.5+dfsg-1) unstable; urgency=high
* New upstream security release:
- CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results
- CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
- CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
- CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
- Bump build-depends ldb >= 2.1.4
samba (2:4.12.3+dfsg-2) unstable; urgency=medium
* Upload to unstable
samba (2:4.12.3+dfsg-1) experimental; urgency=medium
* New upstream major version (Closes: #963106)
- Update d/gbp.conf, d/watch and d/README.source for 4.12
- Drop merged patches
- Bump build-depends talloc >= 2.3.1, tdb >= 1.4.3, tevent >= 0.10.2 and
ldb >= 2.1.3
- Upstream fixes:
+ pygpo: use correct method flags
(Closes: #963242, #961585, #960171, #956428)
+ CVE-2020-10700: A use-after-free flaw was found in the way samba AD DC
LDAP servers handled the 'Paged Results' control when combined with the
'ASQ' control. A malicious user in a samba AD could use this flaw to cause
denial of service (Closes: #960189)
+ CVE-2020-10704: A flaw was found when using samba as an Active Directory
Domain Controller. Due to the way samba handles certain requests as an
Active Directory Domain Controller LDAP server, an unauthorized user can
cause a stack overflow leading to a denial of service. The highest
threat from this vulnerability is to system availability
(Closes: #960188)
- intel aes-ni no more needed as GnuTLS is used
- Install new files
- Update symbols
- Update samba-libs.lintian-overrides
* d/control: Remove unused libattr1-dev Build-Depends (Closes: #953915)
-- Andreas Hasenack <email address hidden> Fri, 31 Jul 2020 11:07:47 -0300
-
samba (2:4.12.2+dfsg-0ubuntu1) groovy; urgency=medium
* New upstream version: 4.12.2
* d/gbp.conf, d/watch, d/README.source: update for 4.12
* d/control: bump build-depends:
- ldb: 2.1.2
- tevent: 0.10.2
- tdb: 1.4.3
- talloc: 2.3.1
* d/smbclient.install: add new binary mdfind and its manpage
* d/samba-dev.install, d/samba-libs.install: new lib libdcerpc-server-core
* d/samba-libs.install: new library libtalloc-report-printf
* d/libwbclient0.install: remove libaesni, no longer built when
gnutls provides AES CMAC
* d/libsmbclient.symbols, d/libwbclient0.symbols: update symbols
* d/control: add a versioned libgnutls28-dev build-depends to reduce
the amount of in-tree crypto code that is built
* Dropped (applied upstream):
- d/p/build-Remove-tests-for-getdents-and-getdirentries.patch
- d/p/wscript-remove-all-checks-for-_FUNC-and-__FUNC.patch
- d/p/wscript-split-function-check-to-one-per-line-and-sor.patch
- d/p/CVE-2020-10700*.patch, d/p/CVE-2020-10704*.patch
-- Andreas Hasenack <email address hidden> Tue, 12 May 2020 10:42:17 -0300
-
samba (2:4.11.6+dfsg-0ubuntu1.1) focal-security; urgency=medium
* SECURITY UPDATE: Use-after-free in AD DC LDAP server
- debian/patches/CVE-2020-10700-1.patch: add test for ASQ and ASQ in
combination with paged_results in selftest/knownfail.d/asq,
source4/dsdb/tests/python/asq.py, source4/selftest/tests.py.
- debian/patches/CVE-2020-10700-3.patch: do not permit the ASQ control
for the GUID search in paged_results in selftest/knownfail.d/asq,
source4/dsdb/samdb/ldb_modules/paged_results.c.
- debian/control: bump libldb-dev, python3-ldb, and python3-ldb-dev
Build-Depends to 2.0.10.
- CVE-2020-10700
* SECURITY UPDATE: Stack overflow in AD DC LDAP server
- debian/patches/CVE-2020-10704-1.patch: add ASN.1 max tree depth in
auth/gensec/gensec_util.c, lib/util/asn1.c, lib/util/asn1.h,
lib/util/tests/asn1_tests.c, libcli/auth/spnego_parse.c,
libcli/cldap/cldap.c, libcli/ldap/ldap_message.c,
source3/lib/tldap.c, source3/lib/tldap_util.c,
source3/libsmb/clispnego.c, source3/torture/torture.c,
source4/auth/gensec/gensec_krb5.c, source4/ldap_server/ldap_server.c,
source4/libcli/ldap/ldap_client.c,
source4/libcli/ldap/ldap_controls.c.
- debian/patches/CVE-2020-10704-3.patch: check parse tree depth in
lib/util/asn1.c.
- debian/patches/CVE-2020-10704-5.patch: add max ldap request sizes in
docs-xml/smbdotconf/ldap/ldapmaxanonrequest.xml,
docs-xml/smbdotconf/ldap/ldapmaxauthrequest.xml,
lib/param/loadparm.c, source3/param/loadparm.c.
- debian/patches/CVE-2020-10704-6.patch: limit request sizes in
source4/ldap_server/ldap_server.c.
- debian/patches/CVE-2020-10704-7.patch: add search size limits to
ldap_decode in docs-xml/smbdotconf/ldap/ldapmaxsearchrequest.xml,
lib/param/loadparm.c, libcli/cldap/cldap.c,
libcli/ldap/ldap_message.c, libcli/ldap/ldap_message.h,
source3/param/loadparm.c, source4/ldap_server/ldap_server.c,
source4/libcli/ldap/ldap_client.c.
- debian/patches/CVE-2020-10704-8.patch: check search request lengths
in lib/util/asn1.c, lib/util/asn1.h, libcli/ldap/ldap_message.c.
- CVE-2020-10704
-- Marc Deslauriers <email address hidden> Fri, 24 Apr 2020 08:08:38 -0400
-
samba (2:4.11.6+dfsg-0ubuntu1) focal; urgency=medium
* New upstream release: 4.11.6
* d/p/samba-tool-py38-*.patch: dropped, fixed upstream
-- Andreas Hasenack <email address hidden> Wed, 26 Feb 2020 11:55:16 -0300