ubuntu/+source/samba:ubuntu/disco-devel

Last commit made on 2019-06-19
Get this branch:
git clone -b ubuntu/disco-devel https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/disco-devel
Repository:
lp:ubuntu/+source/samba

Recent commits

fe7bb34... by Marc Deslauriers on 2019-06-12

Import patches-unapplied version 2:4.10.0+dfsg-0ubuntu2.2 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 697e44a97b8e2004e51da138ded60ff2f1d7da1d

New changelog entries:
  * SECURITY UPDATE: zone operations can crash rpc server
    - debian/patches/CVE-2019-12435-1.patch: avoid NULL deference if zone
      not found in DnssrvOperation in
      python/samba/tests/dcerpc/dnsserver.py,
      source4/rpc_server/dnsserver/dcerpc_dnsserver.c.
    - debian/patches/CVE-2019-12435-2.patch: avoid NULL deference if zone
      not found in DnssrvOperation2 in
      python/samba/tests/dcerpc/dnsserver.py,
      source4/rpc_server/dnsserver/dcerpc_dnsserver.c.
    - CVE-2019-12435
  * SECURITY UPDATE: paged_searches crash on LDAP and homes access
    - debian/patches/CVE-2019-12436.patch: ignore successful results
      without messages in source4/dsdb/samdb/ldb_modules/paged_results.c,
      source4/dsdb/tests/python/vlv.py.
    - CVE-2019-12436

697e44a... by Marc Deslauriers on 2019-05-08

Import patches-unapplied version 2:4.10.0+dfsg-0ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: df5e6bff4ebb6621c3c251b40433471b40b4f451

New changelog entries:
  * SECURITY UPDATE: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum
    - debian/patches/CVE-2018-16860-1.patch: add test for S4U2Self with
      unkeyed checksum in selftest/knownfail.d/mitm-s4u2self,
      source4/torture/krb5/kdc-canon-heimdal.c.
    - debian/patches/CVE-2018-16860-2.patch: reject PA-S4U2Self with
      unkeyed checksum in selftest/knownfail.d/mitm-s4u2self,
      source4/heimdal/kdc/krb5tgs.c.
    - CVE-2018-16860

df5e6bf... by Marc Deslauriers on 2019-04-08

Import patches-unapplied version 2:4.10.0+dfsg-0ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: d22a1d10b16545b0efecad4440f404eff07e079b

New changelog entries:
  * SECURITY UPDATE: world writable files in Samba AD DC private/ dir
    - debian/patches/CVE-2019-3870-1.patch: extend smbd tests to check for
      umask being overwritten in python/samba/tests/ntacls_backup.py,
      python/samba/tests/posixacl.py, python/samba/tests/smbd_base.py,
      selftest/knownfail.d/umask-leak.
    - debian/patches/CVE-2019-3870-2.patch: add test to check
      file-permissions are correct after provision in
      selftest/knownfail.d/provision_fileperms, source4/selftest/tests.py,
      source4/setup/tests/provision_fileperms.sh.
    - debian/patches/CVE-2019-3870-3.patch: include tests to show the
      outside umask has no impact in python/samba/tests/ntacls_backup.py,
      python/samba/tests/smbd_base.py, selftest/knownfail.d/pymkdir-umask.
    - debian/patches/CVE-2019-3870-4.patch: move umask manipuations as
      close as possible to users in source3/smbd/pysmbd.c,
      selftest/knownfail.d/provision_fileperms,
      selftest/knownfail.d/umask-leak.
    - debian/patches/CVE-2019-3870-5.patch: ensure a zero umask is set for
      smbd.mkdir() in selftest/knownfail.d/pymkdir-umask,
      source3/smbd/pysmbd.c.
    - CVE-2019-3870
  * SECURITY UPDATE: save registry file outside share as unprivileged user
    - debian/patches/CVE-2019-3880.patch: remove implementations of
      SaveKey/RestoreKey in source3/rpc_server/winreg/srv_winreg_nt.c.
    - CVE-2019-3880

d22a1d1... by Andreas Hasenack on 2019-03-21

Import patches-unapplied version 2:4.10.0+dfsg-0ubuntu1 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Upload parent: e4451cb3f15e85f7afc6fcf878451a046655dc82

e4451cb... by Andreas Hasenack on 2019-03-21

changelog

4c47685... by Andreas Hasenack on 2019-03-21

  * d/p/dlz_bind_zone_update.patch: make b9_has_soa check dc=@ node. Thanks to
    Michael Saxl <email address hidden>. (LP: #1820846)

92a5b21... by Andreas Hasenack on 2019-03-19

    - d/samba-libs.install: bump passdb minor to 0.27.2

d4ed7c3... by Andreas Hasenack on 2019-03-19

    - d/control: update cmocka build-depends to >= 1.1.3

b7644c0... by Andreas Hasenack on 2019-03-19

    - d/gbp.conf, d/watch, r/README.source: updated for 4.10

234b310... by Andreas Hasenack on 2019-03-19

  * New upstream version: 4.10.0