[ubuntu/yakkety-proposed] samba 2:4.4.5+dfsg-2ubuntu1 (Accepted)
Steve Langasek
steve.langasek at ubuntu.com
Fri Jul 15 01:19:15 UTC 2016
samba (2:4.4.5+dfsg-2ubuntu1) yakkety; urgency=low
* Merge from Debian unstable. Remaining changes:
+ debian/VERSION.patch: Update vendor string to "Ubuntu".
+ debian/smb.conf;
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s"
to show users how to restrict access to \\server\username to only username.
+ debian/samba-common.config:
- Do not change prioritiy to high if dhclient3 is installed.
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debia/samb-common-bin.install: install hook.
+ d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
+ debian/patches/winbind_trusted_domains.patch: make sure domain members
can talk to trusted domains DCs.
* Dropped changes:
- build-depends on libgnutls-dev instead of libgnutsl28-dev: rename was
never done in Debian, revert.
- ufw integration: included in Debian.
samba (2:4.4.5+dfsg-2) unstable; urgency=medium
* Disable running of 'make quicktest' during build, as it takes very
long to run on x32 and enables building non-production NTVFS server.
Closes: #830571
samba (2:4.4.5+dfsg-1) unstable; urgency=medium
* New upstream release.
+ Fixes CVE-2016-2119: Client side SMB2/3 required signing can be
downgraded. Closes: #830195
samba (2:4.4.4+dfsg-3) unstable; urgency=medium
* Add patch gcc_6.patch, fixing compatibility with gcc 6.
Closes: #812264
samba (2:4.4.4+dfsg-2) unstable; urgency=medium
* Mask samba-ad-dc.service unless needed (Closes: #828137)
* Fix kill path in systemd units (Closes: #828730)
samba (2:4.4.4+dfsg-1) unstable; urgency=medium
* New upstream release.
* The "Thanks lintian" release
* Fixes:
- Ensure that dpkg-buildflags are passed, and enable all hardening
- systemd
+ Enable systemd (sd_notify) on Linux, and install systemd files
+ Remove obsolete syslog.target from service files
+ Add documentation field to unit files
- Drop fix-cluster-build.diff: no more needed
- Use secure Vcs-* URLs
- Fix copyright file
- samba.postinst: command-with-path-in-maintainer-script update-inetd
- samba-common-bin: package-contains-empty-directory usr/lib/samba/
- winbind: package-contains-empty-directory usr/lib/samba/nss_info/
- Add Description to init files
* No-op fixes:
- d/control: Drop XS-Testsuite field
- Drop redundant "Priority: optional" fields
- Drop redundant "Section: net" fields
- Describe non-standard-dir-perm var/spool/samba/
- Describe no_build_system.patch
- Remove README.build-upstream, as packaging/Debian/ is now empty
- Verify upstream tarball from uscan
- Update README.source and remove build-orig.sh
samba (2:4.4.3+dfsg-4) unstable; urgency=medium
* Fix build with DEB_BUILD_OPTIONS=nocheck
* Still run "make quicktest" but ignore failures
samba (2:4.4.3+dfsg-3) unstable; urgency=medium
* Skip raw.write tests for now as they fail on 32-bit
samba (2:4.4.3+dfsg-2) unstable; urgency=medium
* Run quicktest during build
* Reproducibility:
- Drop no_build_options.patch as it breaks "make test"
- Remove unreproducible build environment instead
* Mention that patch waf_smbpasswd_location was submitted
* usershare.patch: Fix "usershare max shares" default in XML doc and in s4
samba (2:4.4.3+dfsg-1) unstable; urgency=medium
* Cleanup ctdb READMEs during 'clean' step.
* New upstream release.
samba (2:4.4.2+dfsg-2) unstable; urgency=medium
* Merge in 4.3 package changes.
samba (2:4.4.2+dfsg-1) unstable; urgency=medium
* New upstream release.
* Bump standards version to 3.9.8 (no changes).
* Drop build dependency on perl-modules; depend on perl instead.
* Upload to unstable.
samba (2:4.4.1+dfsg-1) experimental; urgency=medium
* New upstream release
+ Fixes (Patches by Stefan Metzmacher of SerNet and others on the Samba Team):
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
* Additional regression fix for 'net ads join' to a Windows 2003 domain by metze
samba (2:4.4.0+dfsg-1) experimental; urgency=medium
[ Andrew Bartlett ]
* New upstream release.
Date: Thu, 14 Jul 2016 17:45:46 -0700
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 14 Jul 2016 17:45:46 -0700
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb
Architecture: source
Version: 2:4.4.5+dfsg-2ubuntu1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Description:
ctdb - clustered database to store temporary data
libnss-winbind - Samba nameservice integration plugins
libpam-winbind - Windows domain authentication integration plugin
libparse-pidl-perl - IDL compiler written in Perl
libsmbclient - shared library for communication with SMB/CIFS servers
libsmbclient-dev - development files for libsmbclient
libwbclient-dev - Samba winbind client library - development files
libwbclient0 - Samba winbind client library
python-samba - Python bindings for Samba
registry-tools - tools for viewing and manipulating the Windows registry
samba - SMB/CIFS file, print, and login server for Unix
samba-common - common files used by both the Samba server and client
samba-common-bin - Samba common files used by both the server and the client
samba-dbg - Samba debugging symbols
samba-dev - tools for extending Samba
samba-dsdb-modules - Samba Directory Services Database
samba-libs - Samba core libraries
samba-testsuite - test suite from Samba
samba-vfs-modules - Samba Virtual FileSystem plugins
smbclient - command-line SMB/CIFS clients for Unix
winbind - service to resolve user and group information from Windows NT ser
Closes: 812264 828137 828730 830195 830571
Launchpad-Bugs-Fixed: 1310919
Changes:
samba (2:4.4.5+dfsg-2ubuntu1) yakkety; urgency=low
.
* Merge from Debian unstable. Remaining changes:
+ debian/VERSION.patch: Update vendor string to "Ubuntu".
+ debian/smb.conf;
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s"
to show users how to restrict access to \\server\username to only username.
+ debian/samba-common.config:
- Do not change prioritiy to high if dhclient3 is installed.
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debia/samb-common-bin.install: install hook.
+ d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
+ debian/patches/winbind_trusted_domains.patch: make sure domain members
can talk to trusted domains DCs.
* Dropped changes:
- build-depends on libgnutls-dev instead of libgnutsl28-dev: rename was
never done in Debian, revert.
- ufw integration: included in Debian.
.
samba (2:4.4.5+dfsg-2) unstable; urgency=medium
.
* Disable running of 'make quicktest' during build, as it takes very
long to run on x32 and enables building non-production NTVFS server.
Closes: #830571
.
samba (2:4.4.5+dfsg-1) unstable; urgency=medium
.
* New upstream release.
+ Fixes CVE-2016-2119: Client side SMB2/3 required signing can be
downgraded. Closes: #830195
.
samba (2:4.4.4+dfsg-3) unstable; urgency=medium
.
* Add patch gcc_6.patch, fixing compatibility with gcc 6.
Closes: #812264
.
samba (2:4.4.4+dfsg-2) unstable; urgency=medium
.
* Mask samba-ad-dc.service unless needed (Closes: #828137)
* Fix kill path in systemd units (Closes: #828730)
.
samba (2:4.4.4+dfsg-1) unstable; urgency=medium
.
* New upstream release.
* The "Thanks lintian" release
* Fixes:
- Ensure that dpkg-buildflags are passed, and enable all hardening
- systemd
+ Enable systemd (sd_notify) on Linux, and install systemd files
+ Remove obsolete syslog.target from service files
+ Add documentation field to unit files
- Drop fix-cluster-build.diff: no more needed
- Use secure Vcs-* URLs
- Fix copyright file
- samba.postinst: command-with-path-in-maintainer-script update-inetd
- samba-common-bin: package-contains-empty-directory usr/lib/samba/
- winbind: package-contains-empty-directory usr/lib/samba/nss_info/
- Add Description to init files
* No-op fixes:
- d/control: Drop XS-Testsuite field
- Drop redundant "Priority: optional" fields
- Drop redundant "Section: net" fields
- Describe non-standard-dir-perm var/spool/samba/
- Describe no_build_system.patch
- Remove README.build-upstream, as packaging/Debian/ is now empty
- Verify upstream tarball from uscan
- Update README.source and remove build-orig.sh
.
samba (2:4.4.3+dfsg-4) unstable; urgency=medium
.
* Fix build with DEB_BUILD_OPTIONS=nocheck
* Still run "make quicktest" but ignore failures
.
samba (2:4.4.3+dfsg-3) unstable; urgency=medium
.
* Skip raw.write tests for now as they fail on 32-bit
.
samba (2:4.4.3+dfsg-2) unstable; urgency=medium
.
* Run quicktest during build
* Reproducibility:
- Drop no_build_options.patch as it breaks "make test"
- Remove unreproducible build environment instead
* Mention that patch waf_smbpasswd_location was submitted
* usershare.patch: Fix "usershare max shares" default in XML doc and in s4
.
samba (2:4.4.3+dfsg-1) unstable; urgency=medium
.
* Cleanup ctdb READMEs during 'clean' step.
* New upstream release.
.
samba (2:4.4.2+dfsg-2) unstable; urgency=medium
.
* Merge in 4.3 package changes.
.
samba (2:4.4.2+dfsg-1) unstable; urgency=medium
.
* New upstream release.
* Bump standards version to 3.9.8 (no changes).
* Drop build dependency on perl-modules; depend on perl instead.
* Upload to unstable.
.
samba (2:4.4.1+dfsg-1) experimental; urgency=medium
.
* New upstream release
+ Fixes (Patches by Stefan Metzmacher of SerNet and others on the Samba Team):
- CVE-2015-5370 (Multiple errors in DCE-RPC code)
- CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
- CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
- CVE-2016-2112 (LDAP client and server don't enforce integrity)
- CVE-2016-2113 (Missing TLS certificate validation)
- CVE-2016-2114 ("server signing = mandatory" not enforced)
- CVE-2016-2115 (SMB IPC traffic is not integrity protected)
- CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
* Additional regression fix for 'net ads join' to a Windows 2003 domain by metze
.
samba (2:4.4.0+dfsg-1) experimental; urgency=medium
.
[ Andrew Bartlett ]
* New upstream release.
Checksums-Sha1:
35f21f105a5fa70a41019d64175b49495a26ce49 4095 samba_4.4.5+dfsg-2ubuntu1.dsc
bfa6dd8c57e55d583aa5f10fa7a67c34ef0aa278 20707081 samba_4.4.5+dfsg.orig.tar.gz
3f8acd596f8b8978645c056b2a35b6b27e75dde2 233944 samba_4.4.5+dfsg-2ubuntu1.debian.tar.xz
Checksums-Sha256:
a48318702b6856e8b1b104ea36c717809ef78cc3098b324236f4bd2d3d8f0d64 4095 samba_4.4.5+dfsg-2ubuntu1.dsc
4fc09a56ad154e81c6492b7b660c84a4c8eb67f2c9983d5ba2cb6c1f76dbfbd2 20707081 samba_4.4.5+dfsg.orig.tar.gz
3174bc5e1b4634a193682795a6429582d8926bf2cc56b8bd6bcc0604081fe55e 233944 samba_4.4.5+dfsg-2ubuntu1.debian.tar.xz
Files:
26de6cdc7777976234584944999a9eaf 4095 net optional samba_4.4.5+dfsg-2ubuntu1.dsc
27307e3c7e6f39778cb2241e21f3544d 20707081 net optional samba_4.4.5+dfsg.orig.tar.gz
1acd4030c8290461e695c71145b9119e 233944 net optional samba_4.4.5+dfsg-2ubuntu1.debian.tar.xz
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJXiDl7AAoJEFaNMPMhshM9fAoP/1TLHwQMJh8CVRJwzUxESi50
i3DcpP5QFQxrsE24Rab44ndAwyiihzBFYHrrLaEQrRaY457+PcVm0vB4142/U5uk
RJoStFZuc9HrcwdmO8tGD1sNHFJ/PPaa68TrFCW2H84Htre7ogOVHVKTOPnVIg1f
ASJuzo/9m5u1FEhV6POoYS8/F1DR4i9bzeGeJg4kTUzj0XQLvgI7r1UOJF5ZGSMi
1sXn2dYAWpjFu90otw+B65MFvEz/p4u4m+LGkyMDqO8nLtg9rsoxWwwXN0p5c9sK
7Y20MKnJeFRK8cCZZmftsy9YPbiPT/kZ331fX1rxqMzp4IqqZAg40zXv3jsnirad
j/54gEQQlxBwlg33Bv6sArhGk1lToULK8zpged1fzT/PB3/DrnEQ/hhm6K9LG2FR
G5LtbJ+KGJaYw18XTFlEqcuoyRl0gwYsnKn37ZBuLgEiYFbfx4rTHt9+dKMTHFmZ
mjIDw5lOC8u29nrrwfyVhjxnmybbBiIKjAb6TaJHcNAlN449S5gOdo3qputzrnzr
N3NIn+aojto0CDhmsUK0D4EHb130eOEkIA3J6PnQS9H/ZFZ6xCppGEUbn5XAhCV1
+i/BgJhPybJTIig1KqxDEr6W2Pef7vsvRNao7sbFe5Fbcx1Zze1pbAbV4OeWhIN0
KI73Jn5+M/1FLi4tj0/D
=BaBf
-----END PGP SIGNATURE-----
More information about the Yakkety-changes
mailing list