ubuntu/+source/samba:applied/ubuntu/hardy-security

Last commit made on 2012-04-12
Get this branch:
git clone -b applied/ubuntu/hardy-security https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/hardy-security
Repository:
lp:ubuntu/+source/samba

Recent commits

cc75d5d... by Tyler Hicks on 2012-04-12

Import patches-applied version 3.0.28a-1ubuntu4.18 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 9ff4d6454c960c7ab3fcdbccb10d9e8679c783fe
Unapplied parent: 57452de24f16d92618e8fdc064b9fa795b82b4d4

New changelog entries:
  [ Steve Beattie ]
  * SECURITY UPDATE: unauthenticated remote code execution via
    RPC calls (LP: #978458)
    - debian/patches/security-CVE-2012-1182.patch: make variable length
      check be consistent with memory allocation size computation.
    - CVE-2012-1182

57452de... by Tyler Hicks on 2012-04-12

Import patches-unapplied version 3.0.28a-1ubuntu4.18 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 337fdd5d06d02f9e91545a4949f5a72c15517f64

New changelog entries:
  [ Steve Beattie ]
  * SECURITY UPDATE: unauthenticated remote code execution via
    RPC calls (LP: #978458)
    - debian/patches/security-CVE-2012-1182.patch: make variable length
      check be consistent with memory allocation size computation.
    - CVE-2012-1182

9ff4d64... by Marc Deslauriers on 2012-02-24

Import patches-applied version 3.0.28a-1ubuntu4.17 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 331e75cb4b85cf4a5cb6e6b0f040d80db22399c0
Unapplied parent: 337fdd5d06d02f9e91545a4949f5a72c15517f64

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via AndX requests
    - debian/patches/security-CVE-2012-0870.patch: perform additional
      sanity checks in source/smbd/process.c.
    - CVE-2012-0870

337fdd5... by Marc Deslauriers on 2012-02-24

Import patches-unapplied version 3.0.28a-1ubuntu4.17 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 425016ddb03b680382170b4afc0e0c27b06e7c4f

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via AndX requests
    - debian/patches/security-CVE-2012-0870.patch: perform additional
      sanity checks in source/smbd/process.c.
    - CVE-2012-0870

331e75c... by Marc Deslauriers on 2011-09-30

Import patches-applied version 3.0.28a-1ubuntu4.16 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 59651dc6ea14f6af31f60f1bd26e4428ac4f2ddb
Unapplied parent: 425016ddb03b680382170b4afc0e0c27b06e7c4f

New changelog entries:
  * Improve mtab locking support to prevent mtab corruption
    - debian/patches/security-mtab-locking.patch: backport mtab locking
      logic from newer releases in source/client/{mount.cifs.c,mount.h,
      mtab.c,umount.cifs.c}, source/Makefile.in.
  * SECURITY UPDATE: denial of service via stale mtab lockfile
    - debian/patches/security-mask-signals.patch: mask signals while
      updating the mtab file in source/client/mount.cifs.c.
    - CVE-2011-3585
  * SECURITY UPDATE: mtab corruption via resource limits
    - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
      failed in source/client/{mount.cifs.c,mount.h,mtab.c}.
    - CVE-2011-1678

425016d... by Marc Deslauriers on 2011-09-30

Import patches-unapplied version 3.0.28a-1ubuntu4.16 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 1ad0e9279145ae38ff7feced1c2ab00cc467f17c

New changelog entries:
  * Improve mtab locking support to prevent mtab corruption
    - debian/patches/security-mtab-locking.patch: backport mtab locking
      logic from newer releases in source/client/{mount.cifs.c,mount.h,
      mtab.c,umount.cifs.c}, source/Makefile.in.
  * SECURITY UPDATE: denial of service via stale mtab lockfile
    - debian/patches/security-mask-signals.patch: mask signals while
      updating the mtab file in source/client/mount.cifs.c.
    - CVE-2011-3585
  * SECURITY UPDATE: mtab corruption via resource limits
    - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
      failed in source/client/{mount.cifs.c,mount.h,mtab.c}.
    - CVE-2011-1678

59651dc... by Marc Deslauriers on 2011-07-28

Import patches-applied version 3.0.28a-1ubuntu4.15 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 898ff10d16e36238c12729223b9b20f3a1e11ec7
Unapplied parent: 1ad0e9279145ae38ff7feced1c2ab00cc467f17c

New changelog entries:
  * SECURITY UPDATE: cross-site scripting in SWAT
    - debian/patches/security-CVE-2011-2694.patch: don't display username
      in source/web/swat.c.
    - CVE-2011-2694
  * SECURITY UPDATE: cross-site request forgery in SWAT
    - debian/patches/security-CVE-2011-2522.patch: implement nonce in
      source/web/{cgi.c,statuspage.c,swat.c}.
    - CVE-2011-2522

1ad0e92... by Marc Deslauriers on 2011-07-28

Import patches-unapplied version 3.0.28a-1ubuntu4.15 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 2a74d4bc48b810d0da48c117b99bfe1ff3964b7e

New changelog entries:
  * SECURITY UPDATE: cross-site scripting in SWAT
    - debian/patches/security-CVE-2011-2694.patch: don't display username
      in source/web/swat.c.
    - CVE-2011-2694
  * SECURITY UPDATE: cross-site request forgery in SWAT
    - debian/patches/security-CVE-2011-2522.patch: implement nonce in
      source/web/{cgi.c,statuspage.c,swat.c}.
    - CVE-2011-2522

898ff10... by Marc Deslauriers on 2011-02-23

Import patches-applied version 3.0.28a-1ubuntu4.14 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: f5d3049451187928e5abb017e3aa1a9152e1ac42
Unapplied parent: 2a74d4bc48b810d0da48c117b99bfe1ff3964b7e

New changelog entries:
  * SECURITY UPDATE: denial of service via missing range checks on file
    descriptors
    - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
      file descriptors.
    - CVE-2011-0719

2a74d4b... by Marc Deslauriers on 2011-02-23

Import patches-unapplied version 3.0.28a-1ubuntu4.14 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: d352750991c43761365314daf6560046f6785016

New changelog entries:
  * SECURITY UPDATE: denial of service via missing range checks on file
    descriptors
    - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
      file descriptors.
    - CVE-2011-0719