lp:ubuntu/gutsy-security/samba
- Get this branch:
- bzr branch lp:ubuntu/gutsy-security/samba
Branch merges
Related source package recipes
Related bugs
Related blueprints
Branch information
Recent revisions
- 33. By Jamie Strandboge
-
* RELIABILITY UPDATE: the patch for CVE-2008-1105 introduced a regression
with certain client and server interactions with large file sizes.
* debian/patches/ security- CVE-2008- 1105_pt2. patch: adjust cli_negprot()
to properly calculate buffer sizes
* References
LP: #241448
https://bugzilla. samba.org/ show_bug. cgi?id= 5517 - 32. By Jamie Strandboge
-
* SECURITY UPDATE: heap overflow when processing crafted SMB responses
* debian/patches/ security- CVE-2008- 1105.patch: update util_sock.c to require
specifying the buffer size and update client.c, smbctool.c, smbfilter.c,
and process.c for these changes
* SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
mailslot requests
* debian/patches/ security_ CVE-2007- 4572.patch: check return values and
sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c.
Backport regression fixes from upstream.
* References:
CVE-2008-1105
CVE-2007-4572
LP: #235912 - 31. By Kees Cook
-
* SECURITY UPDATE: remote code execution via GETDC mailslot request.
* Add security-CVE-2007- 6015.patch: thanks to Steve Langasek.
* References
CVE-2007-6015 - 30. By Jamie Strandboge
-
* removed debian/
patches/ security_ CVE-2007- 4572.patch as it
caused regressions. This is believed to be a non-exploitable
DoS, but will provide updated packages when a suitable fix
is found.
* References:
LP #163042
LP #163116
https://bugzilla. samba.org/ show_bug. cgi?id= 5087 - 29. By Jamie Strandboge
-
* SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
mailslot requests
* debian/patches/ security_ CVE-2007- 4572.patch: check return values and
sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c
* SECURITY UPDATE: arbitrary code execution in nmbd when configured as
a WINS server when processing name registration and name query requests
* debian/patches/ security_ CVE-2007- 5398.patch: properly check len in
nmbd_packets.c
* References
CVE-2007-4572
CVE-2007-5398 - 28. By Steve Langasek
-
* debian/
patches/ chgpasswd. patch:
- Also set the locale to 'C' when using PAM for password changes,
since the PAM conversation is equally affected by PAM l10n support
(LP: #139265). - 27. By Andrew Mitchell
-
* debian/
patches/ chgpasswd. patch:
- Set locale to 'C' while calling the passwd change program
* Merge from debian unstable, remaining changes:
* debian/patches/ VERSION. patch:
- set SAMBA_VERSION_VENDOR_ SUFFIX to Ubuntu
* debian/control:
- Remove typehandling (not used in Ubuntu)
* debian/samba-common. templates:
- Set default workgroup to MSHOME
* debian/rules:
- Remove type-handling.
* debian/samba.init:
- Make sure $PIDDIR exists (/var/run is a tmpfs)
- Ubuntu's log_progress_msg is a no-op, so to avoid confusion, don't
say specifically which daemons we're handling. (LP #25803)
* debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Change the (commented-out) "printer admin" example to use "@lpadmin"
instead of "@ntadmin", since the lpadmin group is used for spool admin.
- Comment out the default [homes] shares and add more verbose comments to
explain what they do and how they work (LP #27608). Also, add a
comment about "valid users = %S" to show users how to restrict access
to \\server\username to only username.
* debian/panic-action:
- Bail out if there's no "mail" command.
- Alter the panic-action script to link to the samba bug reporting page
on Launchpad.
* debian/samba-common. config:
- do not change priority to HIGH if dhclient3 is installed - 26. By Mathias Gug
-
* debian/rules:
- add error-handler=true to samba dh_installinit. Fixes LP: #85194.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/samba
