-
samba (2:3.5.4~dfsg-1ubuntu8.5) maverick-security; urgency=low
* SECURITY UPDATE: cross-site scripting in SWAT
- debian/patches/CVE-2011-2694.patch: don't display username in
source3/web/swat.c.
- CVE-2011-2694
* SECURITY UPDATE: cross-site request forgery in SWAT
- debian/patches/CVE-2011-2522.patch: implement nonce in
source3/web/{cgi.c,statuspage.c,swat.c,swat_proto.h}.
- CVE-2011-2522
-- Marc Deslauriers <email address hidden> Thu, 28 Jul 2011 08:49:08 -0400
-
samba (2:3.5.4~dfsg-1ubuntu8.4) maverick-proposed; urgency=low
* debian/patches/ntlm-auth-lp623342.patch: ntlm_auth returns an invalid
response key. (LP: #623342) Patch taken from upstream
(https://bugzilla.samba.org/show_bug.cgi?id=7568)
-- Stefano Rivera <email address hidden> Wed, 02 Mar 2011 22:38:19 +0100
-
samba (2:3.5.4~dfsg-1ubuntu8.3) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via missing range checks on file
descriptors
- debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
file descriptors.
- CVE-2011-0719
-- Marc Deslauriers <email address hidden> Wed, 23 Feb 2011 13:12:33 -0500
-
samba (2:3.5.4~dfsg-1ubuntu8.2) maverick-proposed; urgency=low
* debian/patches/spnego-auth-win7.patch: SPNEGO auth fails when contacting
Win7 system using Microsoft Live Sign-in Assistant. (LP: #458637).
Patch taken from upstream (https://bugzilla.samba.org/show_bug.cgi?id=7577)
-- PhobosK <email address hidden> Fri, 17 Dec 2010 10:40:10 +0300
-
samba (2:3.5.4~dfsg-1ubuntu8.1) maverick-proposed; urgency=low
* debian/patches/fix-lpbug-393012.patch: gvfsd-smb (Gnome vfs) fails to copy
files from a SMB share using SMB signing. (LP: #393012). Fix for taken
from upstream (https://bugzilla.samba.org/show_bug.cgi?id=7791)
-- Chuck Short <email address hidden> Mon, 22 Nov 2010 12:43:19 -0500
-
samba (2:3.5.4~dfsg-1ubuntu8) maverick; urgency=low
* debian/samba.if-up: We dont use init scripts in samba anymore.
(LP: #654556)
-- Chuck Short <email address hidden> Mon, 04 Oct 2010 09:50:26 -0400
-
samba (2:3.5.4~dfsg-1ubuntu7) maverick; urgency=low
* debian/control: Add cups breaks to push the package manager to also
upgrade cups (LP: #639768).
-- Mathias Gug <email address hidden> Thu, 16 Sep 2010 12:19:11 -0400
-
samba (2:3.5.4~dfsg-1ubuntu6) maverick; urgency=low
[ Philip Muskovac ]
* Fix typo in apport hook (LP: #623798)
-- Mathias Gug <email address hidden> Wed, 15 Sep 2010 20:18:59 -0400
-
samba (2:3.5.4~dfsg-1ubuntu5) maverick; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via large number of SID sub authorities
- debian/patches/security-CVE-2010-3069.patch: limit number of SID
sub authorities in libcli/security/dom_sid.*, source3/lib/util_sid.c,
source3/libads/ldap.c, source3/libsmb/cliquota.c,
source3/smbd/nttrans.c.
- CVE-2010-3069
-- Marc Deslauriers <email address hidden> Tue, 14 Sep 2010 09:20:45 -0400
-
samba (2:3.5.4~dfsg-1ubuntu4) maverick; urgency=low
* Fix a typo in debian/smb.conf introduced in a previous merge that causes
3-way-merge to fail gratuitously for anyone who has enabled the [homes]
share.
-- Steve Langasek <email address hidden> Fri, 10 Sep 2010 11:52:45 +0000
-
samba (2:3.5.4~dfsg-1ubuntu3) maverick; urgency=low
* Add the translation of Unix Error code -ENOTSUP to NT Error Code
NT_STATUS_NOT_SUPPORTED to prevent the Permission denied error.
(LP: #276472)
-- Surbhi Palande <email address hidden> Mon, 16 Aug 2010 15:09:30 +0300
-
samba (2:3.5.4~dfsg-1ubuntu2) maverick; urgency=low
* Resync with debian:
+ debian/control: Update standards version to 3.9.0.
+ debian/samba-common.links: Add symlink from /etc/dhcp/dhclient-enter-hooks.d to
/etc/dhcp3/dhclient-enter-hooks.d for the hook location of the new
isc-dhcp-client package.
-- Chuck Short <email address hidden> Thu, 15 Jul 2010 13:26:21 -0400
-
samba (2:3.5.4~dfsg-1ubuntu1) maverick; urgency=low
* Merge from Debian experimental, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] share, and add a comment about
"valid users = %S" to show users how to restrict access to
\\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated
ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/mksmbpasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against or suggest ctdb.
- Add dependency on samba-common-bin to samba.
+ debian/rules:
- enable "native" PIE hardening.
- Add BIND_NOW to maximize benefit of RELRO hardening.
+ Add ufw integration:
- Created debian/samba.ufw.profile
- debian/rules, debian/samba.dirs, debian/samba.files: install
profile
- debian/control: have samba suggest ufw
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debian/samba.dirs, debian/samba-common-bin.files: install
+ Switch to upstart:
- Add debian/samba.{nmbd,smbd}.upstart.
- Don't ship the /etc/network/if-up.d file.
+ debian/samba.postinst:
- Fixed bashism.
- Avoid scary pdbedit warnings on first import.
+ debian/samba-common.postinst: Add more informative error message for
the case where smb.conf was manually deleted
+ debian/samba.logrotate: Make it upstart compatible
+ debian/samba-common.dhcp: Fix typo to get a proper parsing in
/etc/samba/dhcp.
+ Drop the per-release smb.conf templates, only needed for upgrade paths
that are no longer supported.
* Drop undocumented, unused debian/docs.
* Drop contentless debian/README.Debian.
* Readd tdbtorture, which was dropped without explanation
* Fix up BIND_NOW handling to not clobber other LDFLAGS from
dpkg-buildflags, and to pass the value to configure as intended.
samba (2:3.5.4~dfsg-1) experimental; urgency=low
* New upstream release
-- Steve Langasek <email address hidden> Tue, 13 Jul 2010 20:05:30 +0000
-
samba (2:3.5.4~dfsg-0ubuntu1) maverick; urgency=low
* New upstream release, major enhancements:
+ Fix smbd crash when sambaLMPassword and sambaNTPassword entries missing
from ldap (bug #7448).
+ Fix init_sam_from_ldap storing group in sid2uid cache (bug #7507).
* Refreshed patches.
-- Chuck Short <email address hidden> Wed, 23 Jun 2010 09:33:36 -0400
-
samba (2:3.5.3~dfsg-0ubuntu4) maverick; urgency=low
* debian/control: Add dependency of samba-common-bin to samba. (LP: #572410)
-- Chuck Short <email address hidden> Fri, 11 Jun 2010 08:44:13 -0400
-
samba (2:3.5.3~dfsg-0ubuntu3) maverick; urgency=low
* debian/source_samba.py: if /etc/samba/smb.conf is missing, pop up
a message for why this is not a bug, and end run. (LP: #591043)
-- C de-Avillez <email address hidden> Mon, 07 Jun 2010 19:06:51 -0500
-
samba (2:3.5.3~dfsg-0ubuntu2) maverick; urgency=low
* debian/control: Drop ctdb build dependency again, it's not in main.
-- Martin Pitt <email address hidden> Tue, 01 Jun 2010 08:17:20 +0200
-
samba (2:3.5.3~dfsg-0ubuntu1) maverick; urgency=low
* New upstream release, major inhancements:
+ Fix MS-DFS functionality (bug #7339).
+ Fix a Winbind crash when scanning trusts (bug #7389).
+ Fix problems with SIGCHLD handling in Winbind (bug #7317).
* Refreshed patches.
-- Chuck Short <email address hidden> Thu, 20 May 2010 11:04:36 -0400
-
samba (2:3.5.2~dfsg-2ubuntu1) maverick; urgency=low
* Merge from Debian Experimental, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s"
to show users how to restrict access to \\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are allowed to create
public shares in additon to authenticated ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.conf:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/mksambapasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libswbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb, since its not in main yet.
+ debian/rules:
- Enable "native" PIE hardening.
- Add BIND_NOW to maximize benefit of RELRO hardening.
+ Add ufw integration:
- Created debian/samba.ufw.profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debian/samba.dirs, debian/samba-common-bin.files: install
+ Dropped:
- debian/patches/ubuntu-gecos-fix.patch: Fix gecos parsing backported from Samba 3.5.x
(LP: #182572)
[Chuck Short]
* Removed unsupported smb.conf files.
* debian/samba.postinst: Fixed bashism. (LP: #576307)
-- Chuck Short <email address hidden> Fri, 07 May 2010 14:40:42 -0400
-
samba (2:3.4.7~dfsg-2ubuntu1) maverick; urgency=low
* Merge from debian unstable. Remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s"
to show users how to restrict access to \\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are allowed to create
public shares in additon to authenticated ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.conf:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/mksambapasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libswbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb, since its not in main yet.
+ debian/rules:
- Enable "native" PIE hardening.
- Add BIND_NOW to maximize benefit of RELRO hardening.
+ Add ufw integration:
- Created debian/samba.ufw.profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debian/samba.dirs, debian/samba-common-bin.files: install
+ debian/patches/ubuntu-gecos-fix.patch: Fix gecos parsing backported from Samba 3.5.x (LP: #182572)\
+ debian/samba.postinst: Avoid scary pdbedit warnings on first import. (LP: #24741)
+ debian/samba.logrotate: Make it upstart compatible (LP: #529290)
+ debian/samba-common.dhcp: Fix typo to get a proper parsing in /etc/samba/dhcp. (LP: #507374)
+ Don't ship the /etc/samba/if-up files, we use upstart.
samba (2:3.4.7~dfsg-2) unstable; urgency=low
[ Christian Perrier ]
* Drop smbfs package (now provided by cifs-utils as a dummy transition
package)
[ Debconf translations ]
* Portuguese (Miguel Figueiredo). Closes: #575958
[ Steve Langasek ]
* winbind.prerm: don't forget to remove the PAM profile on package
removal :/
* Fix winbind.pam-config to not interfere with password changes for
non-winbind accounts. Closes: #573323, LP: #546874.
* debian/samba.if-up, debian/rules: add an if-up.d script for samba to
try to start nmbd, if it's not running because /etc/init.d/samba ran
before the network was up at boot time. Closes: #576415, LP: #462169.
* debian/samba.if-up: allow "NetworkManager" as a recognized address
family... it's obviously /not/ an address family, but it's what gets
sent when using NM, so we'll cope for now.
-- Chuck Short <email address hidden> Wed, 05 May 2010 03:25:03 +0100
-
samba (2:3.4.7~dfsg-1ubuntu3) lucid; urgency=low
* debian/winbind.pam-config: Fix potential breakage with stacking of
lower-priority modules in common-passwd (LP: #556996)
-- Thierry Carrez <email address hidden> Fri, 09 Apr 2010 16:50:07 +0200