[Pkg-samba-maint] [samba] 06/08: Changelog for new Samba security release

[Andrew Bartlett]

This is an automated email from the git hooks/post-receive script.

abartlet-guest pushed a commit to branch wheezy
in repository samba.

commit e5b4353df0c2d626b835b6e8ff54cb3c7705e190
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Apr 11 10:26:02 2016 +1200

    Changelog for new Samba security release
---
 debian/changelog | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index df2b1d0..f0666da 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+samba (2:3.6.6-6+deb7u8) UNRELEASED; urgency=high
+  * Security update
+    + Fixes:
+     - CVE-2015-5370 (Multiple errors in DCE-RPC code)
+     - CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
+     - CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
+     - CVE-2016-2112 (LDAP client and server don't enforce integrity)
+     - CVE-2016-2115 (SMB IPC traffic is not integrity protected)
+     - CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
+    + The Samba 3.6 patches have been backported by Andreas Schneider
+      (Red Hat) and Ralph Böhme (SerNet). Thanks goes to Stefan Metzmacher
+      for finding and fixing the CVEs in the first place. Thanks for the
+      help with backporting to Günther Deschner (Red Hat) and Aurélien Aptel
+      (SUSE).
+
+ -- Andrew Bartlett <abartlet+debian at catalyst.net.nz>  Fri, 08 Apr 2016 16:23:09 +1200
+
 samba (2:3.6.6-6+deb7u7) wheezy-security; urgency=high
 
   * Non-maintainer upload by the Security Team.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git