lp:ubuntu/hardy-security/samba

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

53. By Tyler Hicks on 2012-04-12

[ Steve Beattie ]
* SECURITY UPDATE: unauthenticated remote code execution via
  RPC calls (LP: #978458)
  - debian/patches/security-CVE-2012-1182.patch: make variable length
    check be consistent with memory allocation size computation.
  - CVE-2012-1182

52. By Marc Deslauriers on 2012-02-23

* SECURITY UPDATE: arbitrary code execution via AndX requests
  - debian/patches/security-CVE-2012-0870.patch: perform additional
    sanity checks in source/smbd/process.c.
  - CVE-2012-0870

51. By Marc Deslauriers on 2011-09-30

* Improve mtab locking support to prevent mtab corruption
  - debian/patches/security-mtab-locking.patch: backport mtab locking
    logic from newer releases in source/client/{mount.cifs.c,mount.h,
    mtab.c,umount.cifs.c}, source/Makefile.in.
* SECURITY UPDATE: denial of service via stale mtab lockfile
  - debian/patches/security-mask-signals.patch: mask signals while
    updating the mtab file in source/client/mount.cifs.c.
  - CVE-2011-3585
* SECURITY UPDATE: mtab corruption via resource limits
  - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
    failed in source/client/{mount.cifs.c,mount.h,mtab.c}.
  - CVE-2011-1678

50. By Marc Deslauriers on 2011-07-28

* SECURITY UPDATE: cross-site scripting in SWAT
  - debian/patches/security-CVE-2011-2694.patch: don't display username
    in source/web/swat.c.
  - CVE-2011-2694
* SECURITY UPDATE: cross-site request forgery in SWAT
  - debian/patches/security-CVE-2011-2522.patch: implement nonce in
    source/web/{cgi.c,statuspage.c,swat.c}.
  - CVE-2011-2522

49. By Marc Deslauriers on 2011-02-23

* SECURITY UPDATE: denial of service via missing range checks on file
  descriptors
  - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
    file descriptors.
  - CVE-2011-0719

48. By Marc Deslauriers on 2010-09-09

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via large number of SID sub authorities
  - debian/patches/security-CVE-2010-3069.patch: limit number of SID
    sub authorities in source3/lib/util_sid.c, source/libads/ldap.c,
    source/libsmb/cliquota.c, source/smbd/nttrans.c.
  - CVE-2010-3069

47. By Kees Cook on 2010-06-14

* SECURITY UPDATE: arbitrary remote code execution.
  - debian/patches/security-CVE-2010-2063.patch: upstream fixes.

46. By Marc Deslauriers on 2010-03-18

* SECURITY UPDATE: arbitrary file disclosure via wide links
  - debian/patches/security-CVE-2010-0926.patch: disable wide links when
    UNIX extensions are enabled in source/param/loadparm.c,
    source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
    docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
  - CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
  reasons, it is no longer possible to use wide links and UNIX
  extensions at the same time. After applying this security update, wide
  links will be disabled automatically as UNIX extensions are turned on
  by default. If wide links are required, you may re-enable them by
  adding "unix extensions = no" to the [global] section of
  the /etc/samba/smb.conf configuration file.

45. By Marc Deslauriers on 2010-01-26

* SECURITY UPDATE: privilege escalation via mount.cifs race
  - debian/patches/security-CVE-2009-3297.patch: validate mount point and
    perform mount in "." to prevent race in source/client/mount.cifs.c.
  - CVE-2009-3297

44. By Marc Deslauriers on 2009-10-01

* SECURITY UPDATE: whole filesystem share via user with no home directory
  - debian/patches/security-CVE-2009-2813.patch: make sure home directory
    is set in source/param/loadparm.c, source/smbd/service.c.
  - CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
  setuid mount.cifs
  - debian/patches/security-CVE-2009-2948.patch: don't open credentials
    file if user doesn't have permission, and don't print password when
    using verbose option in source/client/mount.cifs.c.
  - CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
  notification reply
  - debian/patches/security-CVE-2009-2906.patch: track messages already
    processed in source/include/smb.h, source/smbd/process.c.
  - CVE-2009-2906