[ubuntu/lucid] samba 2:3.4.2-1ubuntu1 (Accepted)
Chuck Short
zulcss at ubuntu.com
Tue Nov 3 15:50:22 GMT 2009
samba (2:3.4.2-1ubuntu1) lucid; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu
+ debian/smb.conf:
- Add "(Samaba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s" to show users
how to restrict access to \\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/mksambapasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Build-depend on libreadline-dev instead of libreadline5-dev.
+ debian/rules:
- enable "native" PIE hardening.
+ Add ufw integration:
- Created debian/samba.ufw.profile
- debian/rules, debian/samba.dirs, debian/samba.files: install
+ debian/patches/fix-smbclient-long-names.patch: Samba shares with more than 12 characters are not
displayed. (LP: #449735)
+ Dropped:
- debian/patches/536757.patch: Already upstream
- debian/patches/net-usershare-list-3.4.0.patch: Already upstream
- debian/patches/fix-crash-when-loading-interfaces.patch: Already upstream
- debian/patches/fix-upstream-6680.patch: Already upstream
- debian/patches/security-CVE-2009-2813.patch: Already upstream
- debian/patches/security-CVE-2009-2948.patch: Already upstream
- debian/patches/security-CVE-2009-2906.patch: Already upstream
samba (2:3.4.2-1) unstable; urgency=high
* New upstream release. Security update.
* CVE-2009-2813:
Connecting to the home share of a user will use the root of the
filesystem as the home directory if this user is misconfigured to
have an empty home directory in /etc/passwd.
* CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it
a credential or password path to which he or she does not have
access and then use the --verbose option to view the first line of
that file.
* CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections
can send smbd into a 100% CPU loop, causing a DoS on the Samba
server.
samba (2:3.4.1-2) unstable; urgency=low
* ./configure --disable-avahi, to avoid accidentally picking up an avahi
dependency when libavahi-common-dev is installed.
samba (2:3.4.1-1) unstable; urgency=low
[ Christian Perrier ]
* New upstream release. This fixes the following bugs:
- smbd SIGSEGV when breaking oplocks. Thanks to Petr Vandrovec
for the clever analysis and collaboration with upstream.
Closes: #541171
- Fix password change propagation with ldapsam. Closes: #505215
- Source package contains non-free IETF RFC/I-D. Closes: #538034
* Turn the build dependency on libreadline5-dev to libreadline-dev
to make further binNMUs easier when libreadline soname changes
Thanks to Matthias Klose for the suggestion
[ Steve Langasek ]
* Don't build talloctort when using --enable-external-talloc; and don't
try to include talloctort in the samba-tools package, since we're
building with --enable-external-talloc. :) Closes: #546828.
samba (2:3.4.0-5) unstable; urgency=low
* Move /etc/pam.d/samba back to samba-common, because it's shared with
samba4. Closes: #545764.
samba (2:3.4.0-4) unstable; urgency=low
[ Steve Langasek ]
* debian/samba.pamd: include common-session-noninteractive instead of
common-session, to avoid pulling in modules specific to interactive
logins such as pam_ck_connector.
* debian/control: samba depends on libpam-runtime (>= 1.0.1-11) for the
above.
* rename debian/samba.pamd to debian/samba.pam and call dh_installpam
from debian/rules install, bringing us a smidge closer to a stock
debhelper build
* don't call pyversions from debian/rules, this throws a useless error
message during build.
* fix up the list of files that need to be removed by hand in the clean
target; the majority of these are now correctly handled upstream.
* debian/rules: fix the update-arch target for the case of unversioned
build-deps.
* Pull avr32 into the list of supported Linux archs. Closes: #543543.
* Fix LSB header in winbind.init; thanks to Petter Reinholdtsen for the
patch. Closes: #541367.
[ Christian Perrier ]
* Use DEP-3 for patches meta-information
[ Steve Langasek ]
* Change swat update-inetd call to use --remove only on purge,
and --disable on removal.
* Add missing build-dependency on pkg-config, needed to fix libtalloc
detection
* debian/patches/external-talloc-support.patch: fix the Makefile so it
works when using external talloc instead of giving a missing-depend
error.
* debian/patches/autoconf.patch: resurrect this patch, needed for the
above.
* debian/rules: build with --without-libtalloc
--enable-external-libtalloc, also needed to fix the build failure.
Date: Wed, 21 Oct 2009 22:14:57 +0100
Changed-By: Chuck Short <zulcss at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chuck Short <chuck.short at canonical.com>
https://launchpad.net/ubuntu/lucid/+source/samba/2:3.4.2-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 21 Oct 2009 22:14:57 +0100
Source: samba
Binary: samba samba-common-bin samba-common samba-tools smbclient swat samba-doc samba-doc-pdf smbfs libpam-smbpass libsmbclient libsmbclient-dev winbind samba-dbg libwbclient0
Architecture: source
Version: 2:3.4.2-1ubuntu1
Distribution: lucid
Urgency: high
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chuck Short <zulcss at ubuntu.com>
Description:
libpam-smbpass - pluggable authentication module for Samba
libsmbclient - shared library for communication with SMB/CIFS servers
libsmbclient-dev - development files for libsmbclient
libwbclient0 - Samba winbind client library
samba - SMB/CIFS file, print, and login server for Unix
samba-common - common files used by both the Samba server and client
samba-common-bin - common files used by both the Samba server and client
samba-dbg - Samba debugging symbols
samba-doc - Samba documentation
samba-doc-pdf - Samba documentation in PDF format
samba-tools - Samba testing utilities
smbclient - command-line SMB/CIFS clients for Unix
smbfs - Samba file system utilities
swat - Samba Web Administration Tool
winbind - Samba nameservice integration server
Closes: 505215 538034 541171 541367 543543 545764 546828
Changes:
samba (2:3.4.2-1ubuntu1) lucid; urgency=low
.
* Merge from debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu
+ debian/smb.conf:
- Add "(Samaba, Ubuntu)" to server string.
- Comment out the default [homes] share, and add a comment about "valid users = %s" to show users
how to restrict access to \\server\username to only username.
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated ones.
- add map to guest = Bad user, maps bad username to guest access.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/mksambapasswd.awk:
- Do not add user with UID less than 1000 to smbpasswd.
+ debian/control:
- Make libwbclient0 replace/conflict with hardy's likewise-open.
- Don't build against ctdb.
- Build-depend on libreadline-dev instead of libreadline5-dev.
+ debian/rules:
- enable "native" PIE hardening.
+ Add ufw integration:
- Created debian/samba.ufw.profile
- debian/rules, debian/samba.dirs, debian/samba.files: install
+ debian/patches/fix-smbclient-long-names.patch: Samba shares with more than 12 characters are not
displayed. (LP: #449735)
+ Dropped:
- debian/patches/536757.patch: Already upstream
- debian/patches/net-usershare-list-3.4.0.patch: Already upstream
- debian/patches/fix-crash-when-loading-interfaces.patch: Already upstream
- debian/patches/fix-upstream-6680.patch: Already upstream
- debian/patches/security-CVE-2009-2813.patch: Already upstream
- debian/patches/security-CVE-2009-2948.patch: Already upstream
- debian/patches/security-CVE-2009-2906.patch: Already upstream
.
samba (2:3.4.2-1) unstable; urgency=high
.
* New upstream release. Security update.
* CVE-2009-2813:
Connecting to the home share of a user will use the root of the
filesystem as the home directory if this user is misconfigured to
have an empty home directory in /etc/passwd.
* CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it
a credential or password path to which he or she does not have
access and then use the --verbose option to view the first line of
that file.
* CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections
can send smbd into a 100% CPU loop, causing a DoS on the Samba
server.
.
samba (2:3.4.1-2) unstable; urgency=low
.
* ./configure --disable-avahi, to avoid accidentally picking up an avahi
dependency when libavahi-common-dev is installed.
.
samba (2:3.4.1-1) unstable; urgency=low
.
[ Christian Perrier ]
* New upstream release. This fixes the following bugs:
- smbd SIGSEGV when breaking oplocks. Thanks to Petr Vandrovec
for the clever analysis and collaboration with upstream.
Closes: #541171
- Fix password change propagation with ldapsam. Closes: #505215
- Source package contains non-free IETF RFC/I-D. Closes: #538034
* Turn the build dependency on libreadline5-dev to libreadline-dev
to make further binNMUs easier when libreadline soname changes
Thanks to Matthias Klose for the suggestion
.
[ Steve Langasek ]
* Don't build talloctort when using --enable-external-talloc; and don't
try to include talloctort in the samba-tools package, since we're
building with --enable-external-talloc. :) Closes: #546828.
.
samba (2:3.4.0-5) unstable; urgency=low
.
* Move /etc/pam.d/samba back to samba-common, because it's shared with
samba4. Closes: #545764.
.
samba (2:3.4.0-4) unstable; urgency=low
.
[ Steve Langasek ]
* debian/samba.pamd: include common-session-noninteractive instead of
common-session, to avoid pulling in modules specific to interactive
logins such as pam_ck_connector.
* debian/control: samba depends on libpam-runtime (>= 1.0.1-11) for the
above.
* rename debian/samba.pamd to debian/samba.pam and call dh_installpam
from debian/rules install, bringing us a smidge closer to a stock
debhelper build
* don't call pyversions from debian/rules, this throws a useless error
message during build.
* fix up the list of files that need to be removed by hand in the clean
target; the majority of these are now correctly handled upstream.
* debian/rules: fix the update-arch target for the case of unversioned
build-deps.
* Pull avr32 into the list of supported Linux archs. Closes: #543543.
* Fix LSB header in winbind.init; thanks to Petter Reinholdtsen for the
patch. Closes: #541367.
.
[ Christian Perrier ]
* Use DEP-3 for patches meta-information
.
[ Steve Langasek ]
* Change swat update-inetd call to use --remove only on purge,
and --disable on removal.
* Add missing build-dependency on pkg-config, needed to fix libtalloc
detection
* debian/patches/external-talloc-support.patch: fix the Makefile so it
works when using external talloc instead of giving a missing-depend
error.
* debian/patches/autoconf.patch: resurrect this patch, needed for the
above.
* debian/rules: build with --without-libtalloc
--enable-external-libtalloc, also needed to fix the build failure.
Checksums-Sha1:
dfd457baf4ffc1c8cd0b2ca3eb5a3e3d41ec9893 2208 samba_3.4.2-1ubuntu1.dsc
4077302ed27b6d9f50bbcfba58ca6a58fe9d0f59 34979734 samba_3.4.2.orig.tar.gz
90b5a10253a4f8143fd0800cd09541b54553b0e5 494822 samba_3.4.2-1ubuntu1.diff.gz
Checksums-Sha256:
0822a7f3d468a127840770ac8206c3376b83a9ccd4377209fad17a53669d2b1b 2208 samba_3.4.2-1ubuntu1.dsc
8b880e78d175a82df627d61a070461812bba209b21346aa0383cd5c96d364fc4 34979734 samba_3.4.2.orig.tar.gz
f9c0ac0790741de9b6c49b28da5e65f70fe2616f647b884bf32fce3fa26f4b43 494822 samba_3.4.2-1ubuntu1.diff.gz
Files:
6c61095ad2a2661b2dc9050d05d4ac22 2208 net optional samba_3.4.2-1ubuntu1.dsc
85fefafbeb94181c9df4b752e5ed7049 34979734 net optional samba_3.4.2.orig.tar.gz
fce7db487e8102a00f71a1fc49186410 494822 net optional samba_3.4.2-1ubuntu1.diff.gz
Launchpad-Bugs-Fixed: 449735
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkrwSa8ACgkQIHZ33voUATvT2QCgskoyoMkfknzYh79amTGMCMur
L0kAoKZdoHmPW4xtH1X7k9Y0O25NrYqF
=zP1G
-----END PGP SIGNATURE-----
More information about the Lucid-changes
mailing list