ubuntu/+source/samba:ubuntu/lucid-devel

Last commit made on 2014-06-26
Get this branch:
git clone -b ubuntu/lucid-devel https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid-devel
Repository:
lp:ubuntu/+source/samba

Recent commits

5b7ee0b... by Marc Deslauriers on 2014-06-23

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.15 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 424eaa95425711d3ed5d30e65eb699123bf9e77c

New changelog entries:
  * SECURITY UPDATE: denial of service via bad unicode conversion
    - debian/patches/CVE-2014-3493.patch: refactor code in
      source3/lib/charcnv.c, change return code checks in
      source3/libsmb/clirap.c, source3/smbd/lanman.c.
    - CVE-2014-3493

424eaa9... by Marc Deslauriers on 2014-03-17

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.14 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: aa84bc96fd0a8f19457a98a8dfcb009fe1d3ae1c

New changelog entries:
  * SECURITY UPDATE: Password lockout not enforced for SAMR password
    changes
    - debian/patches/CVE-2013-4496.patch: refactor password lockout code in
      source3/auth/auth_sam.c,
      source3/rpc_server/srv_samr_nt.c,
      source3/smbd/chgpasswd.c,
      source3/smbd/lanman.c,
      source4/rpc_server/samr/samr_password.c,
      source4/torture/rpc/samr.c.
    - CVE-2013-4496

aa84bc9... by Marc Deslauriers on 2013-12-09

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.13 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 2f97cdbbb7ea9051a0ceb338bf09bcba7b2c89f4

New changelog entries:
  * SECURITY UPDATE: file restrictions bypass via alternate data streams
    - debian/patches/CVE-2013-4475.patch: properly check base file access
      in source3/smbd/open.c.
    - CVE-2013-4475
  * SECURITY UPDATE: pam_winbind access restriction bypass via invalid
    group names
    - debian/patches/CVE-2012-6150.patch: ensure valid groups in
      nsswitch/pam_winbind.c.
    - CVE-2012-6150
  * SECURITY UPDATE: arbitrary code execution via incorrect DCE-RPC
    fragment length field checking
    - debian/patches/CVE-2013-4408.patch: apply massive upstream fix to
      lib/async_req/async_sock.c, libcli/util/ntstatus.h,
      source3/lib/netapi/{group,localgroup,user}.c,
      source3/libnet/libnet_join.c, source3/libsmb/nterr.c,
      source3/rpc_client/{cli_lsarpc,cli_pipe}.c,
      source3/rpc_server/{srv_pipe,srv_pipe_hnd}.c,
      source3/rpcclient/cmd_samr.c, source3/smbd/lanman.c,
      source3/utils/{net_rpc,net_rpc_join}.c,
      source3/winbindd/winbindd_rpc.c,
      source4/libcli/util/{clilsa,nterr}.c,
      source4/libnet/{groupinfo,groupman,libnet_join,libnet_lookup,
      libnet_passwd,userinfo,userman}.c,
      source4/librpc/rpc/{dcerpc,dcerpc_smb,dcerpc_smb2,dcerpc_sock}.c,
      source4/winbind/wb_async_helpers.c.
    - CVE-2013-4408

2f97cdb... by Marc Deslauriers on 2013-09-24

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.12 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: a832dd4321e27e434a6d00ae128cf31f661e1793

New changelog entries:
  * SECURITY UPDATE: denial of service via integer wrap in EA list reading
    - debian/patches/CVE-2013-4124.patch: check offsets in
      source3/smbd/nttrans.c.
    - CVE-2013-4124
  * This packages does _not_ contain the changes from 2:3.4.7~dfsg-1ubuntu3.11
    in lucid-proposed.

a832dd4... by Tyler Hicks on 2012-04-24

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.10 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: c291df38d8a6132de68bde0356cbc6acdf08e109

New changelog entries:
  * SECURITY UPDATE: Authenticated user can take ownership of arbitrary files
    and directories
    - debian/patches/CVE-2012-2111.patch: Remove excessive permissions granted
      in account related Local Security Authority remote procedure calls.
      Based on upstream patch.
    - CVE-2012-2111

c291df3... by Tyler Hicks on 2012-04-12

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.9 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 6f18730c8d86ee0fcaaae4ced56d221edbf22572

New changelog entries:
  * SECURITY UPDATE: Unauthenticated remote code execution via
    RPC calls (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate code
      that uses the same value for array allocation and array length checks.
      Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files with
      the patched PIDL compiler
    - CVE-2012-1182

6f18730... by Marc Deslauriers on 2011-09-30

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 8a66395838c5110224ae9007bd69998af766af65

New changelog entries:
  * SECURITY UPDATE: denial of service via stale mtab lockfile
    - debian/patches/security-mask-signals.patch: mask signals while
      updating the mtab file in source3/client/mount.cifs.c.
    - CVE-2011-3585
  * SECURITY UPDATE: mtab corruption via resource limits
    - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
      failed in source3/client/{mount.cifs.c,mount.h,mtab.c}.
    - CVE-2011-1678
  * SECURITY UPDATE: mtab corruption via incorrect new line check
    - debian/patches/CVE-2011-2724.patch: check proper return codes in
      source3/client/mount.cifs.c.
    - CVE-2011-2724

8a66395... by Marc Deslauriers on 2011-07-28

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.7 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 925c9c3eb63ae61d7bf807d3af19a9a134b72f68

New changelog entries:
  * SECURITY UPDATE: cross-site scripting in SWAT
    - debian/patches/CVE-2011-2694.patch: don't display username in
      source3/web/swat.c.
    - CVE-2011-2694
  * SECURITY UPDATE: cross-site request forgery in SWAT
    - debian/patches/CVE-2011-2522.patch: implement nonce in
      source3/web/{cgi.c,statuspage.c,swat.c,swat_proto.h}.
    - CVE-2011-2522

925c9c3... by Chuck Short on 2011-04-13

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.6 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 9cb7e22c6268cff21527ee0764f03f61d76ef7d1

New changelog entries:
  * debian/patches/backport-lp558793.patch: Fixes net ads dns register
    failing with Windows 2008 R2 domain. Backported from
    v3-4-stable tree (aaf6e34115c2bece85d0dc4f11951b38e9d77637
    and 0e1aec461ed69c82987cf86e6b1beb6862cc0fb4). (LP: #558793)
  * debian/patches/backport-lp736757.patch: Fix regression introduced
    by previous SRU bug fix. Backported from the v3-4-stable tree
    (995e7e500327e662b7ef2b37c83c92e75f2360bf) (LP: #736757)

9cb7e22... by Stefano Rivera on 2011-03-02

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.5 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: a1d827760afe1e217855137faf0037cf81a4a93a

New changelog entries:
  * debian/patches/ntlm-auth-lp623342.patch: ntlm_auth returns an invalid
    response key. (LP: #623342) Patch taken from upstream
    (https://bugzilla.samba.org/show_bug.cgi?id=7568)