ubuntu/+source/samba:applied/ubuntu/feisty-security

Last commit made on 2008-06-30
Get this branch:
git clone -b applied/ubuntu/feisty-security https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/feisty-security
Repository:
lp:ubuntu/+source/samba

Recent commits

5f35564... by Jamie Strandboge on 2008-06-28

Import patches-applied version 3.0.24-2ubuntu1.7 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 21a27727987d9728bf224c2adb377edde8619ace
Unapplied parent: d864ce69c9ac8f1741eee3817b472b1090a53df4

New changelog entries:
  * RELIABILITY UPDATE: the patch for CVE-2008-1105 introduced a regression
    with certain client and server interactions with large file sizes.
  * debian/patches/security-CVE-2008-1105_pt2.patch: adjust cli_negprot()
    to properly calculate buffer sizes
  * References
    LP: #241448
    https://bugzilla.samba.org/show_bug.cgi?id=5517

d864ce6... by Jamie Strandboge on 2008-06-28

Import patches-unapplied version 3.0.24-2ubuntu1.7 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 97f19d56d685eb13a5dfa4efce964e75399839ed

New changelog entries:
  * RELIABILITY UPDATE: the patch for CVE-2008-1105 introduced a regression
    with certain client and server interactions with large file sizes.
  * debian/patches/security-CVE-2008-1105_pt2.patch: adjust cli_negprot()
    to properly calculate buffer sizes
  * References
    LP: #241448
    https://bugzilla.samba.org/show_bug.cgi?id=5517

21a2772... by Jamie Strandboge on 2008-06-16

Import patches-applied version 3.0.24-2ubuntu1.6 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: fa88b9abba871d8275b1823539fdf6f6c45b32e1
Unapplied parent: 97f19d56d685eb13a5dfa4efce964e75399839ed

New changelog entries:
  * SECURITY UPDATE: heap overflow when processing crafted SMB responses
  * debian/patches/security-CVE-2008-1105.patch: update util_sock.c to require
    specifying the buffer size and update client.c, smbctool.c, smbfilter.c,
    and process.c for these changes
  * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
    mailslot requests
  * debian/patches/security_CVE-2007-4572.patch: check return values and
    sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c.
    Backport regression fixes from upstream.
  * References:
    CVE-2008-1105
    CVE-2007-4572
    LP: #235912

97f19d5... by Jamie Strandboge on 2008-06-16

Import patches-unapplied version 3.0.24-2ubuntu1.6 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 3abbb304fa1f9e186e6e8fda7068da8edb755408

New changelog entries:
  * SECURITY UPDATE: heap overflow when processing crafted SMB responses
  * debian/patches/security-CVE-2008-1105.patch: update util_sock.c to require
    specifying the buffer size and update client.c, smbctool.c, smbfilter.c,
    and process.c for these changes
  * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
    mailslot requests
  * debian/patches/security_CVE-2007-4572.patch: check return values and
    sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c.
    Backport regression fixes from upstream.
  * References:
    CVE-2008-1105
    CVE-2007-4572
    LP: #235912

fa88b9a... by Kees Cook on 2007-12-15

Import patches-applied version 3.0.24-2ubuntu1.5 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: a1d96b0cbbabe9f8d8ebe687bf8ace77a19b5780
Unapplied parent: 3abbb304fa1f9e186e6e8fda7068da8edb755408

New changelog entries:
  * SECURITY UPDATE: remote code execution via GETDC mailslot request.
  * Add security-CVE-2007-6015.patch: thanks to Steve Langasek.
  * References
    CVE-2007-6015

3abbb30... by Kees Cook on 2007-12-15

Import patches-unapplied version 3.0.24-2ubuntu1.5 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: fd89b5115f5e429fe7b0f75f98f9274fe4b5e08f

New changelog entries:
  * SECURITY UPDATE: remote code execution via GETDC mailslot request.
  * Add security-CVE-2007-6015.patch: thanks to Steve Langasek.
  * References
    CVE-2007-6015

a1d96b0... by Jamie Strandboge on 2007-11-16

Import patches-applied version 3.0.24-2ubuntu1.4 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 0323874040ba6c9db5848c9e711d3ca860ffd48b
Unapplied parent: fd89b5115f5e429fe7b0f75f98f9274fe4b5e08f

New changelog entries:
  * removed debian/patches/security_CVE-2007-4572.patch as it
    caused regressions. This is believed to be a non-exploitable
    DoS, but will provide updated packages when a suitable fix
    is found.
  * References:
    LP #163042
    LP #163116
    https://bugzilla.samba.org/show_bug.cgi?id=5087

fd89b51... by Jamie Strandboge on 2007-11-16

Import patches-unapplied version 3.0.24-2ubuntu1.4 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: e5834638e6f75391caf8148d0b35415b3c8008ef

New changelog entries:
  * removed debian/patches/security_CVE-2007-4572.patch as it
    caused regressions. This is believed to be a non-exploitable
    DoS, but will provide updated packages when a suitable fix
    is found.
  * References:
    LP #163042
    LP #163116
    https://bugzilla.samba.org/show_bug.cgi?id=5087

0323874... by Jamie Strandboge on 2007-11-14

Import patches-applied version 3.0.24-2ubuntu1.3 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: e420289eadd6cc41a6e9b094fd0cbd1827d2e481
Unapplied parent: e5834638e6f75391caf8148d0b35415b3c8008ef

New changelog entries:
  * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
    mailslot requests
  * debian/patches/security_CVE-2007-4572.patch: check return values and
    sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c
  * SECURITY UPDATE: arbitrary code execution in nmbd when configured as
    a WINS server when processing name registration and name query requests
  * debian/patches/security_CVE-2007-5398.patch: properly check len in
    nmbd_packets.c
  * References
    CVE-2007-4572
    CVE-2007-5398

e583463... by Jamie Strandboge on 2007-11-14

Import patches-unapplied version 3.0.24-2ubuntu1.3 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 50a3e33b34902cbca0521b2aafb987aff20875a8

New changelog entries:
  * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
    mailslot requests
  * debian/patches/security_CVE-2007-4572.patch: check return values and
    sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c
  * SECURITY UPDATE: arbitrary code execution in nmbd when configured as
    a WINS server when processing name registration and name query requests
  * debian/patches/security_CVE-2007-5398.patch: properly check len in
    nmbd_packets.c
  * References
    CVE-2007-4572
    CVE-2007-5398