ubuntu/+source/samba:ubuntu/utopic-security

Last commit made on 2015-02-23
Get this branch:
git clone -b ubuntu/utopic-security https://git.launchpad.net/ubuntu/+source/samba
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/utopic-security
Repository:
lp:ubuntu/+source/samba

Recent commits

2511a3c... by Marc Deslauriers on 2015-02-23

Import patches-unapplied version 2:4.1.11+dfsg-1ubuntu2.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: a557ca93956f9fb17c148768ac55456d6312d60c

New changelog entries:
  * SECURITY UPDATE: code execution vulnerability in smbd daemon
    - debian/patches/CVE-2015-0240.patch: don't call talloc_free on an
      uninitialized pointer and don't dereference a NULL pointer in
      source3/rpc_server/netlogon/srv_netlog_nt.c.
    - CVE-2015-0240

a557ca9... by Marc Deslauriers on 2015-01-21

Import patches-unapplied version 2:4.1.11+dfsg-1ubuntu2.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 27d6ef3debc9d12c262d346552379d6f934ec9c0

New changelog entries:
  * SECURITY UPDATE: elevation of privilege to AD Domain Controller
    - debian/patches/CVE-2014-8143.patch: check for extended access rights
      before allowing changes to userAccountControl in
      librpc/idl/security.idl, source4/auth/session.c,
      source4/dsdb/common/util.c, source4/dsdb/pydsdb.c,
      source4/dsdb/samdb/ldb_modules/samldb.c, source4/dsdb/samdb/samdb.h,
      source4/rpc_server/lsa/dcesrv_lsa.c,
      source4/setup/schema_samba4.ldif.
    - CVE-2014-8143

27d6ef3... by Serge Hallyn on 2014-09-11

Import patches-unapplied version 2:4.1.11+dfsg-1ubuntu2 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 59c3e6413888ee57fce93a89d85b846fc70cd553

New changelog entries:
  * d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
    pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)

59c3e64... by Dimitri John Ledkov on 2014-08-09

Import patches-unapplied version 2:4.1.11+dfsg-1ubuntu1 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 908009ad30a14cecdaaf7d5f66f1494273686174

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    + debian/VERSION.patch: Update vendor string to "Ubuntu".
    + debian/smb.conf;
       - Add "(Samba, Ubuntu)" to server string.
       - Comment out the default [homes] share, and add a comment about "valid users = %s"
         to show users how to restrict access to \\server\username to only username.
    + debian/samba-common.config:
      - Do not change prioritiy to high if dhclient3 is installed.
    + debian/control:
      - Don't build against or suggest ctdb and tdb.
    + debian/rules:
      - Drop explicit configuration options for ctdb and tdb.
    + Add ufw integration:
      - Created debian/samba.ufw.profile:
      - debian/rules, debian/samba.install: install profile
    + Add apport hook:
      - Created debian/source_samba.py.
      - debian/rules, debia/samb-common-bin.install: install hook.
    + debian/samba.logrotate: call upstart interfaces unconditionally instead
      of hacking arround with pid files.
    + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
      first dummy transitional package version.
    + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
  * In logrotate, use service command to reload (send SIGHUP) the main
    processes such that it works under both upstart and systemd.
  * Drop CVE patches, applied upstream.
  * Drop patches absent from series: readline-ftbfs.patch,
    krb5_kt_start_seq.diff, config-bind99.patch
  * Drop debian/source/include-binaries, pyc files are correctly cleaned up

908009a... by Jelmer Vernooij on 2014-08-03

Import patches-unapplied version 2:4.1.11+dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b6bc6dce0acd461bb748ab7969f65ebcdf6d1490

New changelog entries:
  * New upstream release. Fixes:
   + CVE-2014-3560: Remote code execution in nmbd. Closes: #756759

b6bc6dc... by Jelmer Vernooij on 2014-06-29

Import patches-unapplied version 2:4.1.9+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 951b2c4b6b3e7cbc09788c9cf50299d74056e04b

New changelog entries:
  [ Jelmer Vernooij ]
  * Depend on libgnutls28-dev rather than libgnutls-dev. Closes: #753146
  * Remove outdated-autotools-helper-file overrides for config.guess and
    config.sub; files are no longer present upstream.
  * Add branch to Vcs-Git header.
  * samba.smbd.upstart: Remove leftover code for RUN_MODE=inetd, which
    was already removed elsewhere.
  * Move dsdb-module library from samba-dsdb-modules to samba-libs, to
    prevent circular dependencies between samba-dsdb-modules and samba-
    libs. This is necessary since dsdb-module is now used by the dcerpc-
    server library.
  [ Debconf translations ]
  * New Brazilian Portugese translation from Adriano Rafael Gomes.
    Closes: #752719

951b2c4... by Ivo De Decker <email address hidden> on 2014-06-23

Import patches-unapplied version 2:4.1.9+dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1c542f5498211037ac7f29e092b0565642abb307

New changelog entries:
  * New upstream security release. Fixes:
    - CVE-2014-0244: nmbd denial of service
    - CVE-2014-3493: smbd denial of service: server crash/memory corruption

1c542f5... by Ivo De Decker <email address hidden> on 2014-06-08

Import patches-unapplied version 2:4.1.8+dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38393e8762ec7dece50ea9d62dffbfb4cf838cae

New changelog entries:
  [ Jelmer Vernooij ]
  * Remove smbd and nmbd from required-start and required-stop in
    samba.init. Closes: #739887
  [ Ivo De Decker ]
  * Remove workaround for #745233.
  * New upstream release. Fixes:
    - CVE-2014-0239: dns: Don't reply to replies. Closes: #749845
    - CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response.
  * Use the upstream version of the smb.conf.5 manpage, instead of building
    it. This is an ugly temporary workaround because xsltproc crashes on some
    architectures when building this manpage (due to #750593).
    This fixes the FTBFS, and should make samba installable with the new ldb
    version. Closes: #750541, 750796

38393e8... by Ivo De Decker <email address hidden> on 2014-04-20

Import patches-unapplied version 2:4.1.7+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4084c4fa073d06b86c3e2b522e776add226fc833

New changelog entries:
  * Build-depend on heimdal-dev instead of libkrb5-dev.
  * Add versioned build-dep on libgmp10 for now, which should be pulled in by
    libhogweed2, to be able to build in outdated build environments (like on
    most buildds). This is a workaround for #745233.

4084c4f... by Ivo De Decker <email address hidden> on 2014-04-19

Import patches-unapplied version 2:4.1.7+dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 724c13254189e88d9cf11bba12174e80369058f9

New changelog entries:
  * New upstream release.
  * Remove readline63.patch, integrated upstream.
  * Add build-dep on libkrb5-dev, no longer pulled in by libcups2-dev.
  * Don't try to delete Parse/Yapp/Driver.pm, which is no longer installed.