[Pkg-samba-maint] samba_4.2.14+dfsg-0+deb8u3_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Apr 24 19:32:11 UTC 2017



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 17 Mar 2017 22:14:34 +0100
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev samba-doc python-samba samba-dsdb-modules samba-vfs-modules libpam-smbpass libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb
Architecture: source amd64 all
Version: 2:4.2.14+dfsg-0+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
Changed-By: Mathieu Parent <sathieu at debian.org>
Description:
 ctdb       - clustered database to store temporary data
 libnss-winbind - Samba nameservice integration plugins
 libpam-smbpass - pluggable authentication module for Samba
 libpam-winbind - Windows domain authentication integration plugin
 libparse-pidl-perl - IDL compiler written in Perl
 libsmbclient - shared library for communication with SMB/CIFS servers
 libsmbclient-dev - development files for libsmbclient
 libwbclient-dev - Samba winbind client library - development files
 libwbclient0 - Samba winbind client library
 python-samba - Python bindings for Samba
 registry-tools - tools for viewing and manipulating the Windows registry
 samba      - SMB/CIFS file, print, and login server for Unix
 samba-common - common files used by both the Samba server and client
 samba-common-bin - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-dev  - tools for extending Samba
 samba-doc  - Samba documentation
 samba-dsdb-modules - Samba Directory Services Database
 samba-libs - Samba core libraries
 samba-testsuite - test suite from Samba
 samba-vfs-modules - Samba Virtual FileSystem plugins
 smbclient  - command-line SMB/CIFS clients for Unix
 winbind    - service to resolve user and group information from Windows NT ser
Changes:
 samba (2:4.2.14+dfsg-0+deb8u3) jessie-security; urgency=high
 .
   * This is a security release in order to address the following defects:
     - CVE-2017-2619: symlink race permits opening files outside share directory
   * CVE-2017-2619 requires the following changes:
     - s3: vfs: dirsort doesn't handle opendir of "." correctly.
     - s3: smbd: Correctly canonicalize any incoming shadow copy path.
     - s3: lib: Add canonicalize_absolute_path().
     - s3: smbd: Make set_conn_connectpath() call canonicalize_absolute_path().
     - s3: VFS: shadow_copy2: Correctly initialize timestamp and stripped
       variables.
     - s3: VFS: shadow_copy2: Ensure pathnames for parameters are correctly
       relative and terminated.
     - s3: VFS: shadow_copy2: Fix length comparison to ensure we don't overstep
       a length.
     - s3: VFS: shadow_copy2: Add two new variables to the config data. Not yet
       used.
     - s3: VFS: shadow_copy2: Add a wrapper function to call the original
       shadow_copy2_strip_snapshot().
     - s3: VFS: shadow_copy2: Change a parameter name.
     - s3: VFS: shadow_copy2: Add two currently unused functions to make
       pathnames absolute or relative to $cwd.
     - s3: VFS: shadow_copy2: Fix chdir to store off the needed private
       variables.
     - vfs_shadow_copy2: add shadow_copy2_do_convert()
     - vfs_shadow_copy2: fix case where snapshots are outside the share
     - s3: VFS: Allow shadow_copy2_connectpath() to return the cached path
       derived from $cwd.
     - s3: VFS: Ensure shadow:format cannot contain a / path separator.
     - s3: VFS: Add utility function check_for_converted_path().
     - s3: VFS: shadow_copy2: Fix module to work with variable current working
       directory.
     - s3: VFS: shadow_copy2: Fix a memory leak in the connectpath function.
     - s3: VFS: shadow_copy2: Fix usage of saved_errno to only set errno on
       error.
     - s3: VFS: Don't allow symlink, link or rename on already converted paths.
     - s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store the same
       path as streams_xattr_recheck().
     - vfs_streams_xattr: use fsp, not base_fsp
     - s3: vfs: streams_depot. Use conn->connectpath not conn->cwd.
     - s3: smbd: Create wrapper function for OpenDir in preparation for making
       robust.
     - s3: smbd: Opendir_internal() early return if SMB_VFS_OPENDIR failed.
     - s3: smbd: Create and use open_dir_safely(). Use from OpenDir().
     - s3: smbd: OpenDir_fsp() use early returns.
     - s3: smbd: OpenDir_fsp() - Fix memory leak on error.
     - s3: smbd: Move the reference counting and destructor setup to just before
       retuning success.
     - s3: smbd: Correctly fallback to open_dir_safely if FDOPENDIR not supported
       on system.
     - s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing.
     - s3: smbd: Move special handling of symlink errno's into a utility
       function.
     - s3: smbd: Add the core functions to prevent symlink open races.
     - s3: smbd: Use the new non_widelink_open() function.
Checksums-Sha1:
 5309a4bdea8421c978c885970a8a5669e92b7404 4188 samba_4.2.14+dfsg-0+deb8u3.dsc
 c84a76444dd05317b9a55e6c0903cf99d5bce16b 249064 samba_4.2.14+dfsg-0+deb8u3.debian.tar.xz
 4d88db7b299711c526dd2fd177dbad845f96eda4 1031098 samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 fea5209ff3fe87020604c8a1f4e200b4d86ac8ab 5115266 samba-libs_4.2.14+dfsg-0+deb8u3_amd64.deb
 2df56b446701d497ec526de553b2916b9228c681 270140 samba-common_4.2.14+dfsg-0+deb8u3_all.deb
 0840491fce08095ebdd74d261fe1da57c40f206f 615068 samba-common-bin_4.2.14+dfsg-0+deb8u3_amd64.deb
 a1a4e060048bce133be8ecff78d5595882b66469 343124 smbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 fca45d9c23202c40e6c9ee1225c254004bc68e6b 1570594 samba-testsuite_4.2.14+dfsg-0+deb8u3_amd64.deb
 be8a13d27e191079fb8ac2a1475ae66fd64d3663 123198 registry-tools_4.2.14+dfsg-0+deb8u3_amd64.deb
 417f4f43e9d340c1e780939059a49b55a1b3deb3 184400 libparse-pidl-perl_4.2.14+dfsg-0+deb8u3_amd64.deb
 1783bd446d00a296821a0ba806dace0a5e5b433d 335598 samba-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 d523c645e81aca57285cf5e130cef3dda80d46d0 320708 samba-doc_4.2.14+dfsg-0+deb8u3_all.deb
 dfa79c09099f7beba89ed88a71fe5b6fa579997c 1019552 python-samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 0fb8613e37c10d140e208f980aa96e0990841892 307690 samba-dsdb-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 1dfdadba44bba1f24ac37faebd8c441a5ff2273d 329888 samba-vfs-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 9bf026cfe9e85f47f1851773280be9765b7c62cb 111230 libpam-smbpass_4.2.14+dfsg-0+deb8u3_amd64.deb
 1c4c0c76702b4b2b92904057fd055b61bfaa4366 146502 libsmbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 5de77fc08098c4cb4ed72e29f02bbc48b052df5c 134220 libsmbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 efb5d079a7a531bcbbc0e0250336b2f5433329c7 494736 winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 c01195a7f50cbd830d421f7841129b3315937486 122330 libpam-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 86ffa4b9a039cb80aefd93337695e499f60ebda5 106884 libnss-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 adc9f24f7b90da8d72cee7a4ab7bb7bb75647141 29546770 samba-dbg_4.2.14+dfsg-0+deb8u3_amd64.deb
 3b10e261aada71898ec18665349d75b2663eb49e 121516 libwbclient0_4.2.14+dfsg-0+deb8u3_amd64.deb
 28b66797e5b78f26e1eb8ffaece4dafa06b7a9d2 106650 libwbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 d80fd95dd991e53ed83e72a0252363fb884f7c89 511868 ctdb_4.2.14+dfsg-0+deb8u3_amd64.deb
Checksums-Sha256:
 ebc26a38af7aa86905f825dae1fc0fde0bd58db9ad6a744b452c29acb0b1fe48 4188 samba_4.2.14+dfsg-0+deb8u3.dsc
 b56a3a923dd2d71652704d4dddc406b210cec1c0476596a61b4139c6ceabdb02 249064 samba_4.2.14+dfsg-0+deb8u3.debian.tar.xz
 0c951a17972a1434301906fb13fc46ed319e85e2807c80c78fc90359add0b01d 1031098 samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 fd02995f7adf925e43ff5c81c0d8fa04fa0a171a86a4e619a98326d3e0aca038 5115266 samba-libs_4.2.14+dfsg-0+deb8u3_amd64.deb
 6891170f9bd6a6f4b2dcc0ad0bcab77bb33631bc3224b6b57e926ae56dbdf783 270140 samba-common_4.2.14+dfsg-0+deb8u3_all.deb
 3e0f9244188589f4c156cef16681eb14216e1ec9920cc0901218fcafd039c8f5 615068 samba-common-bin_4.2.14+dfsg-0+deb8u3_amd64.deb
 6a46e742c631ea968ca68034db9163edae3c9bc957e834ccf24064cc6eb7a47e 343124 smbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 62103e9d6695edd9d7304e8ba49a0387c5f966e828525ceb7a18171d5bd01a85 1570594 samba-testsuite_4.2.14+dfsg-0+deb8u3_amd64.deb
 7b0370da1e82bf053931c1569d108edaa02ee13abd7ed6da3c1a13fbaaba8f60 123198 registry-tools_4.2.14+dfsg-0+deb8u3_amd64.deb
 60af6b1da4441ce21b6f3f1b69e65cf8455014bb84c78de9129c08e6f68be6c6 184400 libparse-pidl-perl_4.2.14+dfsg-0+deb8u3_amd64.deb
 5a9849bf8579c872150e0a4156f38363ba0fc7905029d86298d2c747757a5d5a 335598 samba-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 5d22c84aaaf4df783a0be24422be7e804d0ae6532c14553b48bfa69643df6b79 320708 samba-doc_4.2.14+dfsg-0+deb8u3_all.deb
 a557045febf0c0ec38fbeddf1718bf350fe1428313beb7be1b89e1411a5a6cca 1019552 python-samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 b58cff3964aedfe60fd9566bf89503adeff80b4e731bb83b58bcd44bb77b002b 307690 samba-dsdb-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 497188142b5a05a74f637c51bb04beed75d2e779ba219e668a1eb2ea89930a4b 329888 samba-vfs-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 35bf35e306184a63a9e63796fcb6ba2d1d9957867728b3f763aabb387702fa7f 111230 libpam-smbpass_4.2.14+dfsg-0+deb8u3_amd64.deb
 ed74fbdeca91b303ef30d6ae055622c1ca60f2132a5c5a75d7444a3c31e23bf3 146502 libsmbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 dd7bbe29a46a5cf422fb9e536048f95a18f1049097867fcec07231c41889d3d5 134220 libsmbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 7742a113deea3a98688a32b48303cb6ea900884035016dbbb4a81b967c85cca9 494736 winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 0b8b05ec4fff848b29fce1fe996b101c2a291bf393f23bd0aa0f4c24af18a3fe 122330 libpam-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 517da80147aca4208235367e5a9193a4f552b3cc945ba8df724fc4edf835adef 106884 libnss-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 8920c972a1d664e18c06e810162b13b3efb1eaedf6b866653b05e8ca9202d470 29546770 samba-dbg_4.2.14+dfsg-0+deb8u3_amd64.deb
 b87e85e1d11a695eb0964acb3be369fd7224928e4b0a0b43619ba0757314ddda 121516 libwbclient0_4.2.14+dfsg-0+deb8u3_amd64.deb
 3d79146ac1ad4f030869aac5fd4574cd8ca3abd3fd72509e14a3547d90634ac7 106650 libwbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 20126091bb3fd3f57e48317493e99c9491213eb86c5c4209b41582437988b7b4 511868 ctdb_4.2.14+dfsg-0+deb8u3_amd64.deb
Files:
 8667e407c0e76364dc5ec869b4378a10 4188 net optional samba_4.2.14+dfsg-0+deb8u3.dsc
 eb99fc465e23297405b6b875806b807a 249064 net optional samba_4.2.14+dfsg-0+deb8u3.debian.tar.xz
 923268ab9ed2bdfbcec2086c7a58093d 1031098 net optional samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 07af0a91f0dc3a3f00d779adc37f3249 5115266 libs optional samba-libs_4.2.14+dfsg-0+deb8u3_amd64.deb
 eeeaa00f35021533de84e24ccce4174f 270140 net optional samba-common_4.2.14+dfsg-0+deb8u3_all.deb
 20497528dd2c6ae5571974a4a77f89e6 615068 net optional samba-common-bin_4.2.14+dfsg-0+deb8u3_amd64.deb
 7d1b1e42b72547b30707a09bc06f50b7 343124 net optional smbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 36428cb5c7e028ffc985635300cba513 1570594 net optional samba-testsuite_4.2.14+dfsg-0+deb8u3_amd64.deb
 e09cc7431051445b52fd253a6687161e 123198 net optional registry-tools_4.2.14+dfsg-0+deb8u3_amd64.deb
 0e99bf142ba94e5eb7caf9172156d14c 184400 perl optional libparse-pidl-perl_4.2.14+dfsg-0+deb8u3_amd64.deb
 52e3f13c27264f8ce7133df866c4b76f 335598 devel optional samba-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 c470b1451b5b146cac17b7e21064b7e4 320708 doc optional samba-doc_4.2.14+dfsg-0+deb8u3_all.deb
 c334209224b87a857b7932090af2aa7e 1019552 python optional python-samba_4.2.14+dfsg-0+deb8u3_amd64.deb
 071453804a088842739402a3338db5e5 307690 libs optional samba-dsdb-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 ca5ebda52eec09725ecdcb813d7b72c9 329888 net optional samba-vfs-modules_4.2.14+dfsg-0+deb8u3_amd64.deb
 6ff22c5c4c35267d3030722bfa746963 111230 admin extra libpam-smbpass_4.2.14+dfsg-0+deb8u3_amd64.deb
 eff1d4b55610811f5e1219783d5db37e 146502 libs optional libsmbclient_4.2.14+dfsg-0+deb8u3_amd64.deb
 35a95fb6f1d4f970f1159b6b6dd43921 134220 libdevel extra libsmbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 ece67a248b7fa2151b781b45c575d217 494736 net optional winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 2e246259d671e2dc6eac2cc58396d065 122330 net optional libpam-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 95da366c0f41838374f70c91908c3ac9 106884 net optional libnss-winbind_4.2.14+dfsg-0+deb8u3_amd64.deb
 e21a1581952ec3d063f5d085467071c8 29546770 debug extra samba-dbg_4.2.14+dfsg-0+deb8u3_amd64.deb
 0768051959b051e7a7737ce65aef0af5 121516 libs optional libwbclient0_4.2.14+dfsg-0+deb8u3_amd64.deb
 5edfbe05660c581795a34b17a717c323 106650 libdevel optional libwbclient-dev_4.2.14+dfsg-0+deb8u3_amd64.deb
 68ff96ecb277a95e7f65ebe36f3e0cfb 511868 net optional ctdb_4.2.14+dfsg-0+deb8u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEqIGbPTP9weQZ135HrgOYBGZoH6UFAljNJKsACgkQrgOYBGZo
H6U/6g//XifImJxA8syzWceDMmC/cgV8YbZvpRzjeiO5YLnK5k+8cOtxQIoAGp5r
9W/sQ15eakVqoqU5ZMt4//8juKfd2GZ+ZHCvVhIvdS3KJvoNHvrFvn0QtilqR2LR
cse2DVPna2ChHUD6/mr5KBKCTn8/9fIIf99Hx7FBMadrcn0q0J0BHFC6+XK3sOM5
e++Eo88lbyirY/K4ucI9rcE3VQrTkyj6WJLzra2WjY3zbPjIKLbYfFirstcq8tMg
utvsX+b32QL7tie43KuuhK7Qi2M+KlKzzakg4vgCoMPHhB9KeqUYdVTDi/f+rQvl
7FW7yQm1lpT7/RSU4dssD6R8nsmAiuOUCIW77zTQooIKYb06MY1h9YO8MHJEaA8q
sk8qLR02waPjZibdjrZGke8AaoVg/SDns7aLfXWoKx4EtUyUY0Ew4Ab2ua/pd4xr
VJdHP/upSPsgttGJ4FmlED7Wv72o1i+PaYPm0Ux7MctaeeobtBZtPzzRJHcp+rLd
TlbS2cqk65zN46qDoVCGO2ZztAQdrqeWZ/JkT/XsSim++NJo4QgPS19NphW5I4R4
WbE5zFNROz1N15XljYMmBNCsfhwlATjyQVdSHHXpwi9x0RU3SPcJ8pbojCAluvPo
jD94Ew8HTA6QdyxWQIcEUqWU/RCnPQDzEy/MSX2cBxdfC30JQGk=
=737C
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-samba-maint mailing list