ubuntu/+source/samba:ubuntu/karmic-security

Last commit made on 2011-02-28
Get this branch:
git clone -b ubuntu/karmic-security https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/karmic-security
Repository:
lp:ubuntu/+source/samba

Recent commits

3a961f4... by Marc Deslauriers on 2011-02-23

Import patches-unapplied version 2:3.4.0-3ubuntu5.8 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 7c336b3605d9cdc423cb9412624bff00450f1dd3

New changelog entries:
  * SECURITY UPDATE: denial of service via missing range checks on file
    descriptors
    - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
      file descriptors.
    - CVE-2011-0719

7c336b3... by Marc Deslauriers on 2010-09-09

Import patches-unapplied version 2:3.4.0-3ubuntu5.7 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: b9f0d7c2a1dc728fcd55270331ddf32f69eede11

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via large number of SID sub authorities
    - debian/patches/security-CVE-2010-3069.patch: limit number of SID
      sub authorities in libcli/security/dom_sid.*, source3/lib/util_sid.c,
      source3/libads/ldap.c, source3/libsmb/cliquota.c,
      source3/smbd/nttrans.c.
    - CVE-2010-3069

b9f0d7c... by Marc Deslauriers on 2010-03-22

Import patches-unapplied version 2:3.4.0-3ubuntu5.6 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 1c703875537b13e67e926b3c1a23325f33cd6232

New changelog entries:
  * SECURITY UPDATE: arbitrary file disclosure via wide links
    - debian/patches/security-CVE-2010-0926.patch: disable wide links when
      UNIX extensions are enabled in source3/include/proto.h,
      source3/param/loadparm.c, source3/smbd/service.c,
      source3/smbd/trans2.c, source3/smbd/vfs.c,
      docs/htmldocs/manpages/smb.conf.5.html and docs/manpages/smb.conf.5.
    - CVE-2010-0926
  * WARNING: This changes the default samba behaviour. For security
    reasons, it is no longer possible to use wide links and UNIX
    extensions at the same time. After applying this security update, wide
    links will be disabled automatically as UNIX extensions are turned on
    by default. If wide links are required, you may re-enable them by
    adding "unix extensions = no" to the [global] section of
    the /etc/samba/smb.conf configuration file.

1c70387... by Chuck Short on 2010-02-05

Import patches-unapplied version 2:3.4.0-3ubuntu5.5 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: d13d6a5001e976419ad13226206b1f7e46dfaf3d

New changelog entries:
  * debian/patches/fix-libsmb-keepalive-packets.patch: Fix winbind authentication
    due to an invalid NTML2 signature. (LP: #479955)
    (https://bugzilla.samba.org/show_bug.cgi?id=6646)
  * debian/patches/fix-samba-point-and-print.patch: Allow automatic download
    of printer drivers from a Samba PDC (LP: #500457)
    (https://bugzilla.samba.org/show_bug.cgi?id=6568)
  * debian/patches/fix-too-many-openfiles.patch: When connecting to a Windows
    7 share users will get an error message "Too many open files are in use"
    after a certain number of files are copied. (LP: #462172 )
    (https://bugzilla.samba.org/show_bug.cgi?id=6837)
  * debian/patches/fix-win98-failed-connect.patch: Allow win98 clients to
    connect a samba server. Users will get an "Error 66" message. (LP: #502878)
    (https://bugzilla.samba.org/show_bug.cgi?id=6551)

d13d6a5... by Marc Deslauriers on 2010-01-26

Import patches-unapplied version 2:3.4.0-3ubuntu5.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 5f4a02b47ed57d13221de35ff5e3c2ab4a6759dd

New changelog entries:
  * SECURITY UPDATE: privilege escalation via mount.cifs race
    - debian/patches/security-CVE-2009-3297.patch: validate mount point and
      perform mount in "." to prevent race in source3/client/mount.cifs.c.
    - CVE-2009-3297

5f4a02b... by Steve Langasek on 2009-12-10

Import patches-unapplied version 2:3.4.0-3ubuntu5.3 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: 75d1d152d631587713aab846f5d835d3e0648f6d

New changelog entries:
  * debian/samba.if-up: allow "NetworkManager" as a recognized address
    family... it's obviously /not/ an address family, but it's what gets
    sent when using NM, so we'll cope for now.

75d1d15... by Steve Langasek on 2009-11-12

Import patches-unapplied version 2:3.4.0-3ubuntu5.2 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: c07565b92efbe96f02fc03470fda08f97e4f75f1

New changelog entries:
  * debian/samba.if-up, debian/rules: add an if-up.d script for samba to
    try to start nmbd, if it's not running because /etc/init.d/samba ran
    before the network was up at boot time. LP: #462169.

c07565b... by Chuck Short on 2009-10-28

Import patches-unapplied version 2:3.4.0-3ubuntu5.1 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: d99fff6c67eaf56b6fa6b07f8f518074451afb86

New changelog entries:
  * debian/patches/fix-smbclient-long-names.patch: Samba shares with more than 12 characters are not
    displayed. (LP: #449735)
  * debian/patches/fix-upstream-6680.patch: Fix Windows 7 computers joining a domain. Without
    this patch users will have to apply a registry hack to have their Windows 7 computers
    join a Windows Domain [http://wiki.samba.org/index.php/Windows7] (LP: #462626)

d99fff6... by Marc Deslauriers on 2009-10-01

Import patches-unapplied version 2:3.4.0-3ubuntu5 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 42d0fec83949b4e4b9f628e0a055759779fd92de

New changelog entries:
  * SECURITY UPDATE: whole filesystem share via user with no home directory
    - debian/patches/security-CVE-2009-2813.patch: make sure home directory
      is set in source3/param/loadparm.c, source3/smbd/service.c.
    - CVE-2009-2813
  * SECURITY UPDATE: credentials file disclosure and unauthorized usage via
    setuid mount.cifs
    - debian/patches/security-CVE-2009-2948.patch: don't open credentials
      file if user doesn't have permission, and don't print password when
      using verbose option in source3/client/mount.cifs.c.
    - CVE-2009-2948
  * SECURITY UPDATE: denial of service via unexpected oplock break
    notification reply
    - debian/patches/security-CVE-2009-2906.patch: track messages already
      processed in source3/include/smb.h, source3/smbd/process.c.
    - CVE-2009-2906

42d0fec... by Matthias Klose on 2009-09-19

Import patches-unapplied version 2:3.4.0-3ubuntu4 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 4a1fa48739ae1ef7c6bcf8d95fb8f2100247a98b

New changelog entries:
  * Build-depend on libreadline-dev instead of libreadline5-dev.