ubuntu/+source/samba:ubuntu/dapper-devel

Last commit made on 2011-02-28
Get this branch:
git clone -b ubuntu/dapper-devel https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: ubuntu/dapper-devel
Repository: lp:ubuntu/+source/samba

Recent commits

683aba1... by Marc Deslauriers on 2011-02-24

Import patches-unapplied version 3.0.22-1ubuntu3.14 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 4914c5bfbdb00285dbd849597ec387beafc660f4

New changelog entries:
  * SECURITY UPDATE: denial of service via missing range checks on file
    descriptors
    - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
      file descriptors.
    - CVE-2011-0719

4914c5b... by Marc Deslauriers on 2010-09-09

Import patches-unapplied version 3.0.22-1ubuntu3.13 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b7f5693e970cdf1ec40d4d350da370e2e8cba23b

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via large number of SID sub authorities
    - debian/patches/security-CVE-2010-3069.patch: limit number of SID
      sub authorities in source3/lib/util_sid.c, source/libads/ldap.c,
      source/libsmb/cliquota.c, source/smbd/nttrans.c.
    - CVE-2010-3069

b7f5693... by Kees Cook on 2010-06-15

Import patches-unapplied version 3.0.22-1ubuntu3.12 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 3da2e5600cffefe0e3ce305830469df0bda3b785

New changelog entries:
  * SECURITY UPDATE: arbitrary remote code execution.
    - debian/patches/security-CVE-2010-2063.patch: upstream fixes.

3da2e56... by Marc Deslauriers on 2010-03-18

Import patches-unapplied version 3.0.22-1ubuntu3.11 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: ad115aee9f4a0eab4c79a2bc4ba316746a5e6017

New changelog entries:
  * SECURITY UPDATE: arbitrary file disclosure via wide links
    - debian/patches/security-CVE-2010-0926.patch: disable wide links when
      UNIX extensions are enabled in source/param/loadparm.c,
      source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
      docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
    - CVE-2010-0926
  * WARNING: This changes the default samba behaviour. For security
    reasons, it is no longer possible to use wide links and UNIX
    extensions at the same time. After applying this security update, wide
    links will be disabled automatically as UNIX extensions are turned on
    by default. If wide links are required, you may re-enable them by
    adding "unix extensions = no" to the [global] section of
    the /etc/samba/smb.conf configuration file.

ad115ae... by Marc Deslauriers on 2010-01-26

Import patches-unapplied version 3.0.22-1ubuntu3.10 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 5299366592a843c9fdc05f7040011cbf945f21de

New changelog entries:
  * SECURITY UPDATE: privilege escalation via mount.cifs race
    - debian/patches/security-CVE-2009-3297.patch: validate mount point and
      perform mount in "." to prevent race in source/client/mount.cifs.c.
    - CVE-2009-3297

5299366... by Marc Deslauriers on 2009-10-01

Import patches-unapplied version 3.0.22-1ubuntu3.9 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: cdf39248e34ed63b8202434d56cd8b5f0c98fa2a

New changelog entries:
  * SECURITY UPDATE: whole filesystem share via user with no home directory
    - debian/patches/security-CVE-2009-2813.patch: make sure home directory
      is set in source/param/loadparm.c, source/smbd/service.c.
    - CVE-2009-2813
  * SECURITY UPDATE: credentials file disclosure and unauthorized usage via
    setuid mount.cifs
    - debian/patches/security-CVE-2009-2948.patch: don't open credentials
      file if user doesn't have permission, and don't print password when
      using verbose option in source/client/mount.cifs.c.
    - CVE-2009-2948
  * SECURITY UPDATE: denial of service via unexpected oplock break
    notification reply
    - debian/patches/security-CVE-2009-2906.patch: track messages already
      processed in source/include/smb.h, source/smbd/process.c.
    - CVE-2009-2906

cdf3924... by Jamie Strandboge on 2008-06-28

Import patches-unapplied version 3.0.22-1ubuntu3.8 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 6ea91c3b9f461defa0ec49b04490b3602a6d2ced

New changelog entries:
  * RELIABILITY UPDATE: the patch for CVE-2008-1105 introduced a regression
    with certain client and server interactions with large file sizes.
  * debian/patches/security-CVE-2008-1105_pt2.patch: adjust cli_negprot()
    to properly calculate buffer sizes
  * References
    LP: #241448
    https://bugzilla.samba.org/show_bug.cgi?id=5517

6ea91c3... by Jamie Strandboge on 2008-06-16

Import patches-unapplied version 3.0.22-1ubuntu3.7 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 45723d03a46ed3625934bf535c1c1a7e6ce1638d

New changelog entries:
  * SECURITY UPDATE: heap overflow when processing crafted SMB responses
  * debian/patches/security-CVE-2008-1105.patch: update util_sock.c to require
    specifying the buffer size and update client.c, smbctool.c, smbfilter.c,
    and process.c for these changes
  * SECURITY UPDATE: buffer overrun in nmbd when processing crafted GETDC
    mailslot requests
  * debian/patches/security_CVE-2007-4572.patch: check return values and
    sizeof strings in charcnv.c, ntlmssp_parse.c, nmbd_processlogon.c.
    Backport regression fixes from upstream.
  * References:
    CVE-2008-1105
    CVE-2007-4572
    LP: #235912

45723d0... by Kees Cook on 2007-12-15

Import patches-unapplied version 3.0.22-1ubuntu3.6 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b838551afad6ee91d82d4c11e8bce346cb8074bb

New changelog entries:
  * SECURITY UPDATE: remote code execution via GETDC mailslot request.
  * Add security-CVE-2007-6015.patch: thanks to Steve Langasek.
  * References
    CVE-2007-6015

b838551... by Jamie Strandboge on 2007-11-16

Import patches-unapplied version 3.0.22-1ubuntu3.5 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: c28652852964757b756d552d28705acf63448700

New changelog entries:
  * removed debian/patches/security_CVE-2007-4572.patch as it
    caused regressions. This is believed to be a non-exploitable
    DoS, but will provide updated packages when a suitable fix
    is found.
  * References:
    LP #163042
    LP #163116
    https://bugzilla.samba.org/show_bug.cgi?id=5087