-
samba (2:3.4.0-3ubuntu5.8) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via missing range checks on file
descriptors
- debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
file descriptors.
- CVE-2011-0719
-- Marc Deslauriers <email address hidden> Wed, 23 Feb 2011 16:21:11 -0500
-
samba (2:3.4.0-3ubuntu5.7) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via large number of SID sub authorities
- debian/patches/security-CVE-2010-3069.patch: limit number of SID
sub authorities in libcli/security/dom_sid.*, source3/lib/util_sid.c,
source3/libads/ldap.c, source3/libsmb/cliquota.c,
source3/smbd/nttrans.c.
- CVE-2010-3069
-- Marc Deslauriers <email address hidden> Thu, 09 Sep 2010 10:12:10 -0400
-
samba (2:3.4.0-3ubuntu5.6) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source3/include/proto.h,
source3/param/loadparm.c, source3/smbd/service.c,
source3/smbd/trans2.c, source3/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html and docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.
-- Marc Deslauriers <email address hidden> Mon, 22 Mar 2010 16:57:53 -0400
-
samba (2:3.4.0-3ubuntu5.5) karmic-proposed; urgency=low
* debian/patches/fix-libsmb-keepalive-packets.patch: Fix winbind authentication
due to an invalid NTML2 signature. (LP: #479955)
(https://bugzilla.samba.org/show_bug.cgi?id=6646)
* debian/patches/fix-samba-point-and-print.patch: Allow automatic download
of printer drivers from a Samba PDC (LP: #500457)
(https://bugzilla.samba.org/show_bug.cgi?id=6568)
* debian/patches/fix-too-many-openfiles.patch: When connecting to a Windows
7 share users will get an error message "Too many open files are in use"
after a certain number of files are copied. (LP: #462172 )
(https://bugzilla.samba.org/show_bug.cgi?id=6837)
* debian/patches/fix-win98-failed-connect.patch: Allow win98 clients to
connect a samba server. Users will get an "Error 66" message. (LP: #502878)
(https://bugzilla.samba.org/show_bug.cgi?id=6551)
-- Chuck Short <email address hidden> Fri, 05 Feb 2010 15:03:50 -0500
-
samba (2:3.4.0-3ubuntu5.4) karmic-security; urgency=low
* SECURITY UPDATE: privilege escalation via mount.cifs race
- debian/patches/security-CVE-2009-3297.patch: validate mount point and
perform mount in "." to prevent race in source3/client/mount.cifs.c.
- CVE-2009-3297
-- Marc Deslauriers <email address hidden> Tue, 26 Jan 2010 15:02:10 -0500
-
samba (2:3.4.0-3ubuntu5.3) karmic-proposed; urgency=low
* debian/samba.if-up: allow "NetworkManager" as a recognized address
family... it's obviously /not/ an address family, but it's what gets
sent when using NM, so we'll cope for now.
samba (2:3.4.0-3ubuntu5.2) karmic-proposed; urgency=low
* debian/samba.if-up, debian/rules: add an if-up.d script for samba to
try to start nmbd, if it's not running because /etc/init.d/samba ran
before the network was up at boot time. LP: #462169.
-- Steve Langasek <email address hidden> Thu, 10 Dec 2009 11:58:34 +0000
-
samba (2:3.4.0-3ubuntu5.2) karmic-proposed; urgency=low
* debian/samba.if-up, debian/rules: add an if-up.d script for samba to
try to start nmbd, if it's not running because /etc/init.d/samba ran
before the network was up at boot time. LP: #462169.
-- Steve Langasek <email address hidden> Thu, 12 Nov 2009 10:34:06 +0000
-
samba (2:3.4.0-3ubuntu5.1) karmic-proposed; urgency=low
* debian/patches/fix-smbclient-long-names.patch: Samba shares with more than 12 characters are not
displayed. (LP: #449735)
* debian/patches/fix-upstream-6680.patch: Fix Windows 7 computers joining a domain. Without
this patch users will have to apply a registry hack to have their Windows 7 computers
join a Windows Domain [http://wiki.samba.org/index.php/Windows7] (LP: #462626)
-- Chuck Short <email address hidden> Tue, 27 Oct 2009 21:04:53 -0400
-
samba (2:3.4.0-3ubuntu5) karmic; urgency=low
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source3/param/loadparm.c, source3/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source3/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source3/include/smb.h, source3/smbd/process.c.
- CVE-2009-2906
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2009 08:20:29 -0400
-
samba (2:3.4.0-3ubuntu4) karmic; urgency=low
* Build-depend on libreadline-dev instead of libreadline5-dev.
-- Matthias Klose <email address hidden> Sat, 19 Sep 2009 22:16:40 +0200
-
samba (2:3.4.0-3ubuntu3) karmic; urgency=low
* Fix FTBFS: fix libtalloc detection. (cherry picked from Debian)
+ debian/control: Add pkg-config as a dependency, needed to fix libtalloc detection
+ debian/patches/external-talloc-support.patch: fix the Makefile so it works
when using external talloc instead of giving a missing-depend error.
+ debian/patches/autoconf.pach: Resurrect needed to fix the libtalloc errors.
+ debian/rules: build with --without-libtalloc and --enale-external-libtalloc
* debian/patches/fix-crash-when-loading-interfaces.patch: Fix segfault when loading
some wonky configuration files. (LP: #421419)
-- Chuck Short <email address hidden> Fri, 18 Sep 2009 08:29:06 -0400
-
samba (2:3.4.0-3ubuntu2) karmic; urgency=low
* Apply patch for "net usershare list" to stop it from crashing (LP: #423854)
-- Mike Pontillo <email address hidden> Thu, 03 Sep 2009 23:45:05 -0700
-
samba (2:3.4.0-3ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- Add "(Samaba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment
about "valid users = $s" to show users how to restrict access
to \\server\username to only username.
- Set 'usershare allow guests' so that usershare admins are
allowed to create public shares to authenticated ones.
- Add 'map to gues = Bad user', maps bad username to guest access.
+ debian/samba-common.conf:
- Do not change priority to hight if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/samba-common.postinst: Add more informative error message for the case
where smb.conf was manually deleted. (LP: #312449)
+ debian/mksambapasswd.awk: Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Add suggests keyutils for smbfs. (LP: #300221)
+ debian/rules:
- enable "native" PIE hardening.
- remove --with-ctdb and --with-cluster-support=yes
+ Add ufw integration:
- Created debian/samba.ufw profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install profile
- debian/control: have samba suggest ufw.
samba (2:3.4.0-3) unstable; urgency=low
[ Steve Langasek ]
* debian/control: samba-common-bin has no reason to depend on
libpam-modules.
[ Christian Perrier ]
* Fix "invalid argument" when trying to copy a file from smb share
Use an upstream patch that will be included in 3.4.1
Closes: #536757
samba (2:3.4.0-2) unstable; urgency=low
[ Debconf translations ]
* German. Closes: #536433
[ Steve Langasek ]
* Enable the ldap idmap module; thanks to Aaron J. Zirbes. Closes: #536786.
[ Jelmer Vernooij ]
* Properly rename smbstatus.1 for alternatives. Closes: #534772
-- Chuck Short <email address hidden> Fri, 21 Aug 2009 21:13:10 +0100
-
samba (2:3.4.0-1ubuntu2) karmic; urgency=low
* debian/control: Suggest ufw, (LP: #399468)
-- Chuck Short <email address hidden> Wed, 15 Jul 2009 10:01:41 -0400
-
samba (2:3.4.0-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- Add "(Samaba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment
about "valid users = $s" to show users how to restrict access
to \\server\username to only username.
- Set 'usershare allow guests' so that usershare admins are
allowed to create public shares to authenticated ones.
- Add 'map to gues = Bad user', maps bad username to guest access.
+ debian/samba-common.conf:
- Do not change priority to hight if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/samba-common.postinst: Add more informative error message for the case
where smb.conf was manually deleted. (LP: #312449)
+ debian/mksambapasswd.awk: Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Add suggests keyutils for smbfs. (LP: #300221)
+ debian/rules:
- enable "native" PIE hardening.
- remove --with-ctdb and --with-cluster-support=yes
+ Add ufw integration:
- Created debian/samba.ufw profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install profile
- debian/control: have samba suffest ufw
+ Dropped:
- debian/patches/fix-password-expiry-calculation.patch: Already upstream.
samba (2:3.4.0-1) unstable; urgency=low
[ Christian Perrier ]
* New upstream release: first upload to unstable for 3.4
* Correct dependencies for samba-common-bin. Closes: #534595
[ Debconf translations ]
* Czech. Closes: #534793
* Russian. Closes: #534796
samba (2:3.4.0~rc1-1) experimental; urgency=low
* New upstream version. That fixes the following bugs:
- Remove pidfile on clean shutdown. Closes: #299433, #454112
* Drop swat-de.patch that was applied upstream
* Bump debhelper compatibility level to 6 and declare a versioned
dependency on debhelper >= 6.0.0
samba (2:3.4.0~pre2-1) experimental; urgency=low
[ Jelmer Vernooij ]
* Split binaries out of samba-common into samba-common-bin.
Closes: #524661
[ Christian Perrier ]
* New upstream version. That fixes the following bugs:
- Do not limit the number of network interfaces. Closes: #428618
- Fix Connect4 in samr.idl. Closes: #526229
* "Using samba" is back.
* Drop non-linux-ports.patch that was integrated upstream
* Drop smbpasswd-syslog.patch that was integrated upstream
* Drop smbclient-link.patch that was integrated upstream
[ Debconf translations ]
* Italian. Closes: #529350
samba (2:3.4.0~pre1-1) experimental; urgency=low
* New upstream pre-release
* "Using samba" is dropped from upstream source. Therefore, drop
debian/samba-doc.doc-base.samba-using
samba (2:3.3.6-1) unstable; urgency=high
* New upstream release. Security release.
* CVE 2009-1886: Fix Formatstring vulnerability in smbclient
* CVE 2009-1888: Fix uninitialized read of a data value
-- Chuck Short <email address hidden> Wed, 08 Jul 2009 07:02:37 +0100
-
samba (2:3.3.5-1ubuntu4) karmic; urgency=low
* No really rix it.
-- Chuck Short <email address hidden> Mon, 29 Jun 2009 11:09:56 -0400
-
samba (2:3.3.5-1ubuntu3) karmic; urgency=low
* Really add patch.
-- Chuck Short <email address hidden> Mon, 29 Jun 2009 09:38:14 -0400
-
samba (2:3.3.5-1ubuntu2) karmic; urgency=low
* debian/patches/fix-password-expiry-calculation.patch: Use correct
value for password expiry calculation (LP: #393450)
-- Chuck Short <email address hidden> Mon, 29 Jun 2009 09:15:13 -0400
-
samba (2:3.3.5-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- setup SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] share, and add a comment about
"valid users = %S" to show users how to restrict access to
\\server\username to only username.
- Set 'usershare allow guests' so that usershare admins are
allowed to create public shares in addition to authenticated ones.
- add map to guest = Bad user, maps bad username to gues access.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use prioity medium instead of hight for the workgroup question.
+ debian/samba-common.postinst: Add more informative error message for the
case where smb.conf was manually deleted (LP: #312449)
+ debian/mksambapasswd.awk: Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Add suggests keyutils for smbfs. (LP: #300221)
+ debian/rules:
- enable "native" PIE hardening.
- remove --with-ctdb and --with-cluster-support=yes
+ Add ufw integration:
- Created debian/samba.ufw profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install
profile
- debian/control: have samba sugguest ufw
samba (2:3.3.5-1) unstable; urgency=low
[ Steve Langasek ]
* debian/patches/undefined-symbols.patch: fix up patch so that it's
suitable for submission upstream.
* debian/patches/proper-static-lib-linking.patch: apply the rules to
vfstest, ldbrename, nss_wins, pam_winbind, pam_smbpass, and
rpc_open_tcp.
[ Debconf translations ]
* Italian. Closes: #529350
[ Christian Perrier ]
* New upstream version
* Lintian fixes:
- Declare versioned dependency on debhelper to fit what we have in
debian/compat
- samba.postinst: do not call mksmbpasswd with an absolute path
* Upgrade Standard to 3.8.2 (checked, no change)
* Upgrade debhelper compatibility level to 6
-- Chuck Short <email address hidden> Sun, 21 Jun 2009 02:53:22 +0100
-
samba (2:3.3.4-2ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- setup SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] share, and add a comment about
"valid users = %S" to show users how to restrict access to
\\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated
ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/samba-common.postinst: Add more informative error message for
the case where smb.conf was manually deleted (LP: #312449)
+ debian/mksambapasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Add suggests keyutils for smbfs. (LP: #300221)
+ debian/rules:
- enable "native" PIE hardening.
- remove --with-ctdb and --with-cluster-support=yes
+ Add ufw integration:
- Created debian/samba.ufw profile.
- debian/rules, debian/samba.dirs, debian/samba.files: install
profile
- debian/control: have samba sugguest ufw.
* Dropped patches:
+ debian/patches/fix-upstream-bug-6186.patch: Merged upstream
-- Andrew Mitchell <email address hidden> Mon, 18 May 2009 13:26:04 +1200
-
samba (2:3.3.2-1ubuntu3) jaunty; urgency=low
[Thierry Carrez]
* debian/samba-common.postinst: Add more informative error message for
the case where smb.conf was manually deleted (LP: #312449)
[Chuck Short]
* debian/control: Add suggests keyutils for smbfs. (LP: #300221)
-- Chuck Short <email address hidden> Fri, 27 Mar 2009 10:46:15 -0400