Ubuntu
samba package

Merge ~michal-maloszewski99/ubuntu/+source/samba:samba-tool-usrpassword-lunar-fix into ubuntu/+source/samba:ubuntu/lunar-devel

  1. Git
  2. lp:~michal-maloszewski99/ubuntu/+source/samba
  3. samba-tool-usrpassword-lunar-fix
  4. Merge into ubuntu/lunar-devel
Proposed by Michał Małoszewski
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merge reported by: Robie Basak
Merged at revision: 87a62cd16afe9d76800044026fe550a859f5a3bc
Proposed branch: ~michal-maloszewski99/ubuntu/+source/samba:samba-tool-usrpassword-lunar-fix
Merge into: ubuntu/+source/samba:ubuntu/lunar-devel
Diff against target: 57 lines (+35/-0)
3 files modified
debian/changelog (+9/-0)
debian/patches/issue-when-updating-old-passwd-containing-regex-metachars.patch (+25/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Simon Quigley (community) Approve
Canonical Server Reporter Pending
Review via email: mp+449096@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/?format=plain)
  samba @ amd64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/amd64/s/samba/20230814_125654_7dd86@/log.gz
    14.08.23 12:56:54 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.1~ppa1
  samba @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/arm64/s/samba/20230814_133058_1c41c@/log.gz
    14.08.23 13:30:58 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.1~ppa1
  samba @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/armhf/s/samba/20230814_125353_9ca4d@/log.gz
    14.08.23 12:53:53 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.1~ppa1
  samba @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/ppc64el/s/samba/20230814_130412_5a642@/log.gz
    14.08.23 13:04:12 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.1~ppa1
  samba @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/s390x/s/samba/20230814_130646_96784@/log.gz
    14.08.23 13:06:46 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.1~ppa1
Running: (none)
Waiting: (none)

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/?format=plain)
  samba @ amd64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/amd64/s/samba/20230820_174217_b843b@/log.gz
    20.08.23 17:42:17 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.2~ppa1
  samba @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/arm64/s/samba/20230820_160853_15d46@/log.gz
    20.08.23 16:08:53 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.2~ppa1
  samba @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/armhf/s/samba/20230820_144725_1aafc@/log.gz
    20.08.23 14:47:25 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.2~ppa1
  samba @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/ppc64el/s/samba/20230820_151016_d669a@/log.gz
    20.08.23 15:10:16 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.2~ppa1
  samba @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-lunar-michal-maloszewski99-samba-tool-password-fix-lunar-ppa/lunar/s390x/s/samba/20230820_145407_9fee2@/log.gz
    20.08.23 14:54:07 ✅ Triggers: samba/2:4.17.7+dfsg-1ubuntu2.2~ppa1
Running: (none)
Waiting: (none)

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

It can be reviewed :)

Revision history for this message
Simon Quigley (tsimonq2) wrote :

I strongly dislike your choice of patch name (quite long). Sponsoring anyway, thanks. :)

review: Approve
Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: tsimonq2, michal-maloszewski99
Uploaders: tsimonq2
MP auto-approved

review: Approve
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

This is part of https://launchpad.net/ubuntu/+source/samba/2:4.17.7+dfsg-1ubuntu2.3, uploaded by the security team.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 17631d3..7418f70 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,12 @@
6+samba (2:4.17.7+dfsg-1ubuntu2.2) lunar; urgency=medium
7+
8+ * d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
9+ Add changes to fix uncaught exception when updating old password
10+ containing regex metacharacters by simplifying samba-tool password
11+ redaction (LP: #2002949).
12+
13+ -- Michal Maloszewski <michal.maloszewski@canonical.com> Sun, 20 Aug 2023 13:57:29 +0200
14+
15 samba (2:4.17.7+dfsg-1ubuntu2.1) lunar; urgency=medium
16
17 * d/control: adjust breaks/replaces for file move that Debian did in
18diff --git a/debian/patches/issue-when-updating-old-passwd-containing-regex-metachars.patch b/debian/patches/issue-when-updating-old-passwd-containing-regex-metachars.patch
19new file mode 100644
20index 0000000..3375da0
21--- /dev/null
22+++ b/debian/patches/issue-when-updating-old-passwd-containing-regex-metachars.patch
23@@ -0,0 +1,25 @@
24+Description: Fix samba to allow updating old password
25+ The patch here is one line long. It is created from the
26+ 'suggested fix' in the reported bug in Ubuntu:
27+ https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2002949
28+ The trick is to replace '(opt_str, secret_data)' with re.escape that
29+ are used to escape any special characters in 'opt_str' and
30+ 'secret_data', ensuring that they are treated as literal characters in
31+ the regex pattern.
32+Origin: other, https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2002949
33+Bug: https://bugzilla.samba.org/show_bug.cgi?id=15289
34+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2002949
35+Last-Update: 2023-08-21
36+---
37+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
38+--- a/python/samba/getopt.py
39++++ b/python/samba/getopt.py
40+@@ -198,7 +198,7 @@
41+ # [= ] -> The option and the secret data might be separated by space
42+ # or equal sign.
43+ # [ ]*.* -> After the secret data might be one, many or no space.
44+- pass_opt_re_str = "(.*[ ]+)(%s[= ]%s)([ ]*.*)" % (opt_str, secret_data)
45++ pass_opt_re_str = "(.*[ ]+)(%s[= ]%s)([ ]*.*)" % (re.escape(opt_str), re.escape(secret_data))
46+ pass_opt_re = re.compile(pass_opt_re_str)
47+ # Get current proctitle.
48+ cur_proctitle = setproctitle.getproctitle()
49diff --git a/debian/patches/series b/debian/patches/series
50index c2268c6..4829811 100644
51--- a/debian/patches/series
52+++ b/debian/patches/series
53@@ -47,3 +47,4 @@ CVE-2023-34968-09.patch
54 CVE-2023-34968-10.patch
55 CVE-2023-34968-11.patch
56 secure-channel-faulty-kb5028166.patch
57+issue-when-updating-old-passwd-containing-regex-metachars.patch

Subscribers

People subscribed via source and target branches