[ubuntu/disco-proposed] samba 2:4.10.0+dfsg-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Apr 8 22:08:32 UTC 2019


samba (2:4.10.0+dfsg-0ubuntu2) disco; urgency=medium

  * SECURITY UPDATE: world writable files in Samba AD DC private/ dir
    - debian/patches/CVE-2019-3870-1.patch: extend smbd tests to check for
      umask being overwritten in python/samba/tests/ntacls_backup.py,
      python/samba/tests/posixacl.py, python/samba/tests/smbd_base.py,
      selftest/knownfail.d/umask-leak.
    - debian/patches/CVE-2019-3870-2.patch: add test to check
      file-permissions are correct after provision in
      selftest/knownfail.d/provision_fileperms, source4/selftest/tests.py,
      source4/setup/tests/provision_fileperms.sh.
    - debian/patches/CVE-2019-3870-3.patch: include tests to show the
      outside umask has no impact in python/samba/tests/ntacls_backup.py,
      python/samba/tests/smbd_base.py, selftest/knownfail.d/pymkdir-umask.
    - debian/patches/CVE-2019-3870-4.patch: move umask manipulations as
      close as possible to users in source3/smbd/pysmbd.c,
      selftest/knownfail.d/provision_fileperms,
      selftest/knownfail.d/umask-leak.
    - debian/patches/CVE-2019-3870-5.patch: ensure a zero umask is set for
      smbd.mkdir() in selftest/knownfail.d/pymkdir-umask,
      source3/smbd/pysmbd.c.
    - CVE-2019-3870
  * SECURITY UPDATE: save registry file outside share as unprivileged user
    - debian/patches/CVE-2019-3880.patch: remove implementations of
      SaveKey/RestoreKey in source3/rpc_server/winreg/srv_winreg_nt.c.
    - CVE-2019-3880

Date: Mon, 08 Apr 2019 10:32:30 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 08 Apr 2019 10:32:30 -0400
Source: samba
Architecture: source
Version: 2:4.10.0+dfsg-0ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 samba (2:4.10.0+dfsg-0ubuntu2) disco; urgency=medium
 .
   * SECURITY UPDATE: world writable files in Samba AD DC private/ dir
     - debian/patches/CVE-2019-3870-1.patch: extend smbd tests to check for
       umask being overwritten in python/samba/tests/ntacls_backup.py,
       python/samba/tests/posixacl.py, python/samba/tests/smbd_base.py,
       selftest/knownfail.d/umask-leak.
     - debian/patches/CVE-2019-3870-2.patch: add test to check
       file-permissions are correct after provision in
       selftest/knownfail.d/provision_fileperms, source4/selftest/tests.py,
       source4/setup/tests/provision_fileperms.sh.
     - debian/patches/CVE-2019-3870-3.patch: include tests to show the
       outside umask has no impact in python/samba/tests/ntacls_backup.py,
       python/samba/tests/smbd_base.py, selftest/knownfail.d/pymkdir-umask.
     - debian/patches/CVE-2019-3870-4.patch: move umask manipulations as
       close as possible to users in source3/smbd/pysmbd.c,
       selftest/knownfail.d/provision_fileperms,
       selftest/knownfail.d/umask-leak.
     - debian/patches/CVE-2019-3870-5.patch: ensure a zero umask is set for
       smbd.mkdir() in selftest/knownfail.d/pymkdir-umask,
       source3/smbd/pysmbd.c.
     - CVE-2019-3870
   * SECURITY UPDATE: save registry file outside share as unprivileged user
     - debian/patches/CVE-2019-3880.patch: remove implementations of
       SaveKey/RestoreKey in source3/rpc_server/winreg/srv_winreg_nt.c.
     - CVE-2019-3880
Checksums-Sha1:
 2b589cbb35ec0e2d94e94ed8f631fe190bf2467c 4207 samba_4.10.0+dfsg-0ubuntu2.dsc
 2264a6c7ba679203489db9c0d26cea7b26e24ed8 242828 samba_4.10.0+dfsg-0ubuntu2.debian.tar.xz
 7e5a565b7ed971da5af7123a1882896fe90318fd 11607 samba_4.10.0+dfsg-0ubuntu2_source.buildinfo
Checksums-Sha256:
 f82e3b159ba145a8d8854eab874f67f6aaa5c9613cb276cba109fac6afb42f9f 4207 samba_4.10.0+dfsg-0ubuntu2.dsc
 8bd4ca2400ed1e0860c8ba685c2a24e167984857b76455117c11b1919010beae 242828 samba_4.10.0+dfsg-0ubuntu2.debian.tar.xz
 54499c0375d2bb5b860547c90ab5ced746468e9218e59479f17a0cde916a96e5 11607 samba_4.10.0+dfsg-0ubuntu2_source.buildinfo
Files:
 36d5fd06b259fe9ad26d450109150e36 4207 net optional samba_4.10.0+dfsg-0ubuntu2.dsc
 ca94069c9b97ed7004bf09ec3c399ca3 242828 net optional samba_4.10.0+dfsg-0ubuntu2.debian.tar.xz
 4cb50287684b89c8b4202d5237eb81ef 11607 net optional samba_4.10.0+dfsg-0ubuntu2_source.buildinfo
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>

