ubuntu/+source/samba:ubuntu/saucy-updates

Last commit made on 2014-06-26
Get this branch:
git clone -b ubuntu/saucy-updates https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/saucy-updates
Repository:
lp:ubuntu/+source/samba

Recent commits

b6178cf... by Marc Deslauriers on 2014-06-23

Import patches-unapplied version 2:3.6.18-1ubuntu3.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: ad629032b5d1cc7a5b90c3bb013a4511eb2b56f3

New changelog entries:
  * SECURITY UPDATE: info leak via SRV_SNAPSHOT_ARRAY response field
    - debian/patches/CVE-2014-0178.patch: don't return uninitialized data
      and extra bytes in source3/smbd/nttrans.c.
    - CVE-2014-0178
  * SECURITY UPDATE: denial of service on nmbd malformed packet
    - debian/patches/CVE-2014-0244.patch: return on EWOULDBLOCK/EAGAIN in
      source3/lib/system.c.
    - CVE-2014-0244
  * SECURITY UPDATE: denial of service via bad unicode conversion
    - debian/patches/CVE-2014-3493.patch: refactor code in
      source3/lib/charcnv.c, change return code checks in
      source3/libsmb/clirap.c, source3/smbd/lanman.c.
    - CVE-2014-3493

ad62903... by Marc Deslauriers on 2014-03-17

Import patches-unapplied version 2:3.6.18-1ubuntu3.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 49284b974e02c108b29784ed3a4c285685f50faa

New changelog entries:
  * SECURITY UPDATE: Password lockout not enforced for SAMR password
    changes
    - debian/patches/CVE-2013-4496.patch: refactor password lockout code in
      source3/auth/check_samsec.c,
      source3/rpc_server/samr/srv_samr_chgpasswd.c,
      source3/rpc_server/samr/srv_samr_nt.c,
      source3/smbd/lanman.c,
      source4/rpc_server/samr/samr_password.c,
      source4/torture/rpc/samr.c.
    - CVE-2013-4496

49284b9... by Marc Deslauriers on 2013-12-09

Import patches-unapplied version 2:3.6.18-1ubuntu3.1 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 0028ea8606295c9bc74787c04afab83e3e8f8dda

New changelog entries:
  * SECURITY UPDATE: file restrictions bypass via alternate data streams
    - debian/patches/CVE-2013-4475.patch: properly check base file access
      in source3/smbd/open.c.
    - CVE-2013-4475
  * SECURITY UPDATE: pam_winbind access restriction bypass via invalid
    group names
    - debian/patches/CVE-2012-6150.patch: ensure valid groups in
      nsswitch/pam_winbind.c.
    - CVE-2012-6150
  * SECURITY UPDATE: arbitrary code execution via incorrect DCE-RPC
    fragment length field checking
    - debian/patches/CVE-2013-4408.patch: apply massive upstream fix to
      lib/async_req/async_sock.c, libcli/util/tstream.c,
      librpc/idl/dcerpc.idl, librpc/rpc/dcerpc_util.c,
      librpc/rpc/rpc_common.h, nsswitch/libwbclient/wbc_sid.c,
      nsswitch/wbinfo.c, source3/lib/netapi/{group,localgroup,user}.c,
      source3/lib/util_tsock.c, source3/libnet/libnet_join.c,
      source3/librpc/rpc/dcerpc_helpers.c,
      source3/rpc_client/{cli_lsarpc,cli_pipe}.c,
      source3/rpc_server/netlogon/srv_netlog_nt.c,
      source3/rpcclient/{cmd_lsarpc,cmd_samr}.c, source3/smbd/lanman.c,
      source3/utils/net_rpc.c, source3/utils/net_rpc_join.c,
      source3/winbindd/{wb_lookupsids,winbindd_msrpc,winbindd_rpc}.c,
      source4/libcli/util/clilsa.c, source4/libnet/{groupinfo,groupman,
      libnet_join,libnet_lookup,libnet_passwd,userinfo,userman}.c,
      source4/librpc/rpc/{dcerpc,dcerpc_smb,dcerpc_smb2,dcerpc_sock}.c,
      source4/winbind/wb_async_helpers.c.
    - CVE-2013-4408

0028ea8... by Matthias Klose on 2013-10-09

Import patches-unapplied version 2:3.6.18-1ubuntu3 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 0776e841ab33f81d771b6c520a6c9fe36b08fd47

New changelog entries:
  * Update config.{guess,sub} for AArch64.

0776e84... by Steve Langasek on 2013-08-25

Import patches-unapplied version 2:3.6.18-1ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: f166d3a3e9db54cf3f7ba7900d1923c6320742d1

New changelog entries:
  * /etc/init.d/samba exists again as an init script, so drop ill-fated
    code which tries to remove it in the postinst. LP: #1216438.

f166d3a... by James Page on 2013-08-21

Import patches-unapplied version 2:3.6.18-1ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 31a24535df06316f8a0b3f2d669775cf6a33745d

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    + debian/patches/VERSION.patch:
      - set SAMBA_VERSION_SUFFIX to Ubuntu.
    + debian/smb.conf:
      - add "(Samba, Ubuntu)" to server string.
      - comment out the default [homes] share, and add a comment about
        "valid users = %S" to show users how to restrict access to
        \\server\username to only username.
    + debian/samba-common.config:
      - Do not change priority to high if dhclient3 is installed.
      - Use priority medium instead of high for the workgroup question.
    + debian/control:
      - Don't build against or suggest ctdb.
      - Add dependency on samba-common-bin to samba.
    + Add ufw integration:
      - Created debian/samba.ufw.profile
      - debian/rules, debian/samba.install: install profile.
      - debian/control: have samba suggest ufw.
    + Add apport hook:
      - Created debian/source_samba.py.
      - debian/rules, debian/samba-common-bin.install: install hook.
    + d/rules: Drop explicit configuration options for ctdb.
    + debian/samba.logrotate: call upstart interfaces unconditionally instead
      of hacking around with pid files.

31a2453... by Ivo De Decker <email address hidden> on 2013-08-20

Import patches-unapplied version 2:3.6.18-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8d7f242d57ab85c40c841844580863608aa42c64

New changelog entries:
  * Team upload.
  [ Steve Langasek ]
  * Split the samba init script into nmbd and smbd init scripts, for better
    alignment with how init systems other than sysvinit work. This also
    drops the override of the arguments to update-rc.d in debian/rules,
    no longer needed in the post-insserv world.
  * Add upstart jobs from Ubuntu for smbd, nmbd, and winbind.
  [ Ivo De Decker ]
  * New upstream release

8d7f242... by Ivo De Decker <email address hidden> on 2013-08-05

Import patches-unapplied version 2:3.6.17-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 934c5a54425d5b863be21a3cc3762c68224b4c63

New changelog entries:
  * Team upload.
  * New upstream security release. Closes: #718781
    Fixes CVE-2013-4124: Denial of service - CPU loop and memory allocation

934c5a5... by Ivo De Decker <email address hidden> on 2013-07-16

Import patches-unapplied version 2:3.6.16-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b62d16967e41ec3f488b4bf2f271f79067db91e0

New changelog entries:
  * Team upload.
  * Make build-dep on libtevent-dev explicit.
  * Fix waf-as-source.patch to make sure unpacking works in recent build
    environment. Closes: #716932

b62d169... by Ivo De Decker <email address hidden> on 2013-06-19

Import patches-unapplied version 2:3.6.16-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7c93871d1c6c36b74ff8d5f76c0ff3e97c07e2e4

New changelog entries:
  * Team upload.
  [ Steve Langasek ]
  * Drop support for running smbd from inetd; this is not well-supported
    upstream, and can't correctly handle all of the long-running services
    that are needed as part of modern samba. Closes: #707622.
  [ Ivo De Decker ]
  * New upstream release