ubuntu/+source/samba:ubuntu/lucid-proposed

Last commit made on 2012-07-10
Get this branch:
git clone -b ubuntu/lucid-proposed https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid-proposed
Repository:
lp:ubuntu/+source/samba

Recent commits

99b357b... by James Page on 2012-06-08

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.11 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: a832dd4321e27e434a6d00ae128cf31f661e1793

New changelog entries:
  * d/samba.nmbd.upstart: Ignore the return code of testparm in pre-start;
    it's used to query the configuration NOT to validate it in this context
    which generates alot of bug reports for unrelated configuration issues
    (LP: #791944).

a832dd4... by Tyler Hicks on 2012-04-24

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.10 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: c291df38d8a6132de68bde0356cbc6acdf08e109

New changelog entries:
  * SECURITY UPDATE: Authenticated user can take ownership of arbitrary files
    and directories
    - debian/patches/CVE-2012-2111.patch: Remove excessive permissions granted
      in account related Local Security Authority remote procedure calls.
      Based on upstream patch.
    - CVE-2012-2111

c291df3... by Tyler Hicks on 2012-04-12

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.9 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 6f18730c8d86ee0fcaaae4ced56d221edbf22572

New changelog entries:
  * SECURITY UPDATE: Unauthenticated remote code execution via
    RPC calls (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate code
      that uses the same value for array allocation and array length checks.
      Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files with
      the patched PIDL compiler
    - CVE-2012-1182

6f18730... by Marc Deslauriers on 2011-09-30

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 8a66395838c5110224ae9007bd69998af766af65

New changelog entries:
  * SECURITY UPDATE: denial of service via stale mtab lockfile
    - debian/patches/security-mask-signals.patch: mask signals while
      updating the mtab file in source3/client/mount.cifs.c.
    - CVE-2011-3585
  * SECURITY UPDATE: mtab corruption via resource limits
    - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
      failed in source3/client/{mount.cifs.c,mount.h,mtab.c}.
    - CVE-2011-1678
  * SECURITY UPDATE: mtab corruption via incorrect new line check
    - debian/patches/CVE-2011-2724.patch: check proper return codes in
      source3/client/mount.cifs.c.
    - CVE-2011-2724

8a66395... by Marc Deslauriers on 2011-07-28

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.7 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 925c9c3eb63ae61d7bf807d3af19a9a134b72f68

New changelog entries:
  * SECURITY UPDATE: cross-site scripting in SWAT
    - debian/patches/CVE-2011-2694.patch: don't display username in
      source3/web/swat.c.
    - CVE-2011-2694
  * SECURITY UPDATE: cross-site request forgery in SWAT
    - debian/patches/CVE-2011-2522.patch: implement nonce in
      source3/web/{cgi.c,statuspage.c,swat.c,swat_proto.h}.
    - CVE-2011-2522

925c9c3... by Chuck Short on 2011-04-13

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.6 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 9cb7e22c6268cff21527ee0764f03f61d76ef7d1

New changelog entries:
  * debian/patches/backport-lp558793.patch: Fixes net ads dns register
    failing with Windows 2008 R2 domain. Backported from
    v3-4-stable tree (aaf6e34115c2bece85d0dc4f11951b38e9d77637
    and 0e1aec461ed69c82987cf86e6b1beb6862cc0fb4). (LP: #558793)
  * debian/patches/backport-lp736757.patch: Fix regression introduced
    by previous SRU bug fix. Backported from the v3-4-stable tree
    (995e7e500327e662b7ef2b37c83c92e75f2360bf) (LP: #736757)

9cb7e22... by Stefano Rivera on 2011-03-02

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.5 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: a1d827760afe1e217855137faf0037cf81a4a93a

New changelog entries:
  * debian/patches/ntlm-auth-lp623342.patch: ntlm_auth returns an invalid
    response key. (LP: #623342) Patch taken from upstream
    (https://bugzilla.samba.org/show_bug.cgi?id=7568)

a1d8277... by Marc Deslauriers on 2011-02-23

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.4 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 4acffe3a25192bbcc7b18165af32305b18c179e3

New changelog entries:
  * SECURITY UPDATE: denial of service via missing range checks on file
    descriptors
    - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
      file descriptors.
    - CVE-2011-0719

4acffe3... by PhobosK on 2010-01-16

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.3 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: cc91d5d5dd5c76b2fd137b344f0a12ed2283275a

New changelog entries:
  * debian/patches/spnego-auth-win7.patch: SPNEGO auth fails when contacting Win7
    system using Microsoft Live Sign-in Assistant. (LP: #458637). Patch taken
    from upstream (https://bugzilla.samba.org/show_bug.cgi?id=7577)

cc91d5d... by Marc Deslauriers on 2010-09-09

Import patches-unapplied version 2:3.4.7~dfsg-1ubuntu3.2 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: a01348f079e3a87a81b53efc54749c7da5eadc06

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via large number of SID sub authorities
    - debian/patches/security-CVE-2010-3069.patch: limit number of SID
      sub authorities in libcli/security/dom_sid.*, source3/lib/util_sid.c,
      source3/libads/ldap.c, source3/libsmb/cliquota.c,
      source3/smbd/nttrans.c.
    - CVE-2010-3069