[ubuntu/focal-proposed] samba 2:4.11.5+dfsg-1ubuntu1 (Accepted)
Andreas Hasenack
andreas at canonical.com
Wed Feb 19 20:12:16 UTC 2020
samba (2:4.11.5+dfsg-1ubuntu1) focal; urgency=medium
* Merge with Debian unstable. Remaining changes:
- debian/VERSION.patch: Update vendor string to "Ubuntu".
- debian/smb.conf;
+ Add "(Samba, Ubuntu)" to server string.
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
- debian/samba-common.config:
+ Do not change priority to high if dhclient3 is installed.
- d/control, d/rules: Disable glusterfs support because it's not in main.
MIR bug is https://launchpad.net/bugs/1274247
- d/p/fix-nfs-service-name-to-nfs-kernel-server.patch:
change nfs service name from nfs to nfs-kernel-server
(LP #722201)
- d/p/ctdb-config-enable-syslog-by-default.patch:
enable syslog and systemd journal by default
- debian/rules: Ubuntu i386 binary compatibility:
+ drop ceph support
+ disable the following binary packages:
- ctdb
- libnss-winbind
- libpam-winbind
- python3-samba
- samba
- samba-common-bin
- samba-testsuite
- winbind
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- debian/rules: Ubuntu i386 binary compatibility:
+ re-enable the following binary packages:
- libnss-winbind
- samba-common-bin
- python3-samba
- winbind
* Dropped:
- d/control: drop python3-matplotlib. It's only used in
script/attr_count_read which is not installed with the
samba packages.
[In 2:4.11.3+dfsg-1]
samba (2:4.11.5+dfsg-1) unstable; urgency=medium
* New upstream security release
- CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
- CVE-2019-14907: Crash after failed character conversion at log level 3 or
above.
- CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
- Bump build-depends ldb >= 2.0.8
samba (2:4.11.3+dfsg-1) unstable; urgency=high
* New upstream security release
- Drop merged patches for previous security fixes
- CVE-2019-14861: An authenticated user can crash the DCE/RPC DNS management
server by creating records with matching the zone name.
- CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction was
not being applied when processing protocol transition requests (S4U2Self),
in the AD DC KDC.
* d/control: drop python3-matplotlib
* d/control: Fix stronger-dependency-implies-weaker
(samba depends -> recommends python3-dnspython)
Date: Mon, 17 Feb 2020 15:29:35 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/samba/2:4.11.5+dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 17 Feb 2020 15:29:35 -0300
Source: samba
Architecture: source
Version: 2:4.11.5+dfsg-1ubuntu1
Distribution: focal
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Changes:
samba (2:4.11.5+dfsg-1ubuntu1) focal; urgency=medium
.
* Merge with Debian unstable. Remaining changes:
- debian/VERSION.patch: Update vendor string to "Ubuntu".
- debian/smb.conf;
+ Add "(Samba, Ubuntu)" to server string.
+ Comment out the default [homes] share, and add a comment about
"valid users = %s" to show users how to restrict access to
\\server\username to only username.
- debian/samba-common.config:
+ Do not change priority to high if dhclient3 is installed.
- d/control, d/rules: Disable glusterfs support because it's not in main.
MIR bug is https://launchpad.net/bugs/1274247
- d/p/fix-nfs-service-name-to-nfs-kernel-server.patch:
change nfs service name from nfs to nfs-kernel-server
(LP #722201)
- d/p/ctdb-config-enable-syslog-by-default.patch:
enable syslog and systemd journal by default
- debian/rules: Ubuntu i386 binary compatibility:
+ drop ceph support
+ disable the following binary packages:
- ctdb
- libnss-winbind
- libpam-winbind
- python3-samba
- samba
- samba-common-bin
- samba-testsuite
- winbind
- debian/control: Ubuntu i386 binary compatibility:
+ drop ceph support
- debian/rules: Ubuntu i386 binary compatibility:
+ re-enable the following binary packages:
- libnss-winbind
- samba-common-bin
- python3-samba
- winbind
* Dropped:
- d/control: drop python3-matplotlib. It's only used in
script/attr_count_read which is not installed with the
samba packages.
[In 2:4.11.3+dfsg-1]
.
samba (2:4.11.5+dfsg-1) unstable; urgency=medium
.
* New upstream security release
- CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
- CVE-2019-14907: Crash after failed character conversion at log level 3 or
above.
- CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
- Bump build-depends ldb >= 2.0.8
.
samba (2:4.11.3+dfsg-1) unstable; urgency=high
.
* New upstream security release
- Drop merged patches for previous security fixes
- CVE-2019-14861: An authenticated user can crash the DCE/RPC DNS management
server by creating records with matching the zone name.
- CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction was
not being applied when processing protocol transition requests (S4U2Self),
in the AD DC KDC.
* d/control: drop python3-matplotlib
* d/control: Fix stronger-dependency-implies-weaker
(samba depends -> recommends python3-dnspython)
Checksums-Sha1:
322676f8869315f4f772a1d223af0bdae5979450 4363 samba_4.11.5+dfsg-1ubuntu1.dsc
1e577a2595a185dfd1d80513dedeb79823f405d8 11763084 samba_4.11.5+dfsg.orig.tar.xz
07194247b158ce4bfab57eb608785580178ec658 252996 samba_4.11.5+dfsg-1ubuntu1.debian.tar.xz
a37b93e97de0db3e411b0103443edb59074aa534 11339 samba_4.11.5+dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
54057b38f6649e5fef31cce4d6ba25c86a13f03200ab98236338a437ae27f3bb 4363 samba_4.11.5+dfsg-1ubuntu1.dsc
877f43bf855dc5590847c6098a6725197011613004698615d164446dcb67d468 11763084 samba_4.11.5+dfsg.orig.tar.xz
a15e8b38af3c16639f68385399ff8995c58d11d439422b1ac92aaa43e3476d12 252996 samba_4.11.5+dfsg-1ubuntu1.debian.tar.xz
6e48284c28ef529bc83a92effc3805e47b4755d7e3494fee9d1dfd26e471d8c3 11339 samba_4.11.5+dfsg-1ubuntu1_source.buildinfo
Files:
89886ecc2140e897ccde86619dd9a2e9 4363 net optional samba_4.11.5+dfsg-1ubuntu1.dsc
ddac43d8b7dee10f43ab08490c5dcc02 11763084 net optional samba_4.11.5+dfsg.orig.tar.xz
f83e70f851f9b27982859dc6ce22fe0e 252996 net optional samba_4.11.5+dfsg-1ubuntu1.debian.tar.xz
b8e93faba656d05cb2639e370d65da67 11339 net optional samba_4.11.5+dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEiGZB1jWM2kalbBxyrJg+tb9ry6kFAl5NlSoACgkQrJg+tb9r
y6nvthAAs2rqVcwb5qIZ5izgZigxyCR0F1ceq+Gtaq4BE+qFsEcrJaKdNCdmKWXT
FvYkA7ggOaR/0KyzaVXwhc0XTP2FK86J5Ao4z6++px+Ygbc+39mUjjQcXsRXooVV
cReXSxl8xvBAyOEbK7rP/fIX3mjSHRbRy9L0ZGas9E9OKglPZioT3U30bZmLstkC
/J/GauN1koAOkXJNnxj1WCb6LI+nLRw+Ej8IjS6Es/OBXeU4m52t/ePj8XPB4z+G
BT/G2Xqcz4OKFJoCMCOMQKRktFBSRDQCpI//Lg+AyYn9ZKHAUsUEEeO+yFDwK4UF
5ot7lnRrhYQW8XBZRDCkmJ3IxMnL1gwnhEiAjIYDr6Vgqjwzu+GW5RHaXBxqQLIy
pUMO5APalM3jEleUIgVxScCXKuBkqpfggF6/4+H4c3MuUxgvto49RLXeb83jq/6+
XOZyZMaPQbK348qil4CcTU45Pfc/ApZ9DHf+6wUy+xLARcDEfo8DrRX3MDKe6E2u
skYTFArgojMKjk4WzrVtBeox6INIuytoNKyr27i0XXQl6Z8mvueoz0Yk/7R0mFcm
X8d+u+kRMTr2LZC8f83iO1gIQ0oLgkUl+l2qTJbZfZYeNfWdiB5SC88lpJez2YX6
kur3OsmX9x4wDDyz1z138DkENFvUKDbVhqMx/Rjbi7wlEfywXYI=
=11qS
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list