[Pkg-samba-maint] HEADS UP: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
math.parent at gmail.com
Fri Jul 14 11:41:30 UTC 2017
I've uploaded to sécurité à un embargo es including thé source. What's
Le vendredi 14 juillet 2017, Andrew Bartlett <abartlet at samba.org> a écrit :
> On Fri, 2017-07-14 at 10:00 +0200, Yves-Alexis Perez wrote:
>> On Fri, 2017-07-14 at 08:10 +1200, Andrew Bartlett wrote:
>> > > Hi, thanks for your work on this. The debdiff looks simple and sane
>> > > unfortunately I don't think we have a Samba-AD test instance to
check it does
>> > > work indeed.
>> > >
>> > > Besides the upstream build test was there some confirmation it did
>> > Yes, I built a reproducer for the core issue and checked it against
>> > upstream. I'll release that in a few days as part of our regression
>> > suite.
>> Ok, thank you. Can you upload the packages to security-master? The
>> needs to be built with -sa to include the orig tarball since it's the
>> security upload there.
>> I'll review the packages there and release the DSA when possible.
> I think Mathieu tried to do that yesterday:
> I tried to rebuild as requested, but my gbp foo isn't good enough to
> get the flags in the right spot, sorry.
> I tried:
> gbp buildpackage --git-pbuilder --git-dist=stretch --git-builder='debuild
-i -I -sa'
> But it still didn't include the original source. In any case it is all
> lined up in git:
> https://anonscm.debian.org/git/pkg-samba/samba.git stretch
> This is the end of my day here in NZ, but I hope you and Mathieu can
> sort the rest out.
> Andrew Bartlett
> (still a bit green on Debian maintenance, but helps out when things get
> tight to ensure Debian isn't caught on the hop by security issues).
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Catalyst IT
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pkg-samba-maint