[Pkg-samba-maint] Bug#1001068: samba: Missing upstream commit 0a546be0 on bullseye, bookworm and sid (part of CVE-2020-25717)

Jörg Behrmann behrmann at physik.fu-berlin.de
Fri Dec 3 14:44:02 GMT 2021 

Package: samba
Version: 2:4.13.13+dfsg-1~deb11u2
Severity: important
X-Debbugs-Cc: team at security.debian.org

The upstream samba commit 0a546be0 is included in the buster security release
2:4.9.5+dfsg-5+deb10u2 via the patch file bug-14901-v4-9.patch, but is missing
in the bullseye security release 2:4.13.13+dfsg-1~deb11u2.

Pleae apply that patch in bullseye as well, so that the idmap_nss fallback via
SID mapping works.

-- Package-specific info:
* /etc/samba/smb.conf present, but not attached
* /var/lib/samba/dhcp.conf not present

-- System Information:
Debian Release: 11.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/48 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages samba depends on:
ii  adduser              3.118
ii  dpkg                 1.20.9
ii  init-system-helpers  1.60
ii  libbsd0              0.11.3-1
ii  libc6                2.31-13+deb11u2
ii  libgnutls30          3.7.1-5
ii  libldb2              2:2.2.3-2~deb11u1
ii  libpam-modules       1.4.0-9+deb11u1
ii  libpam-runtime       1.4.0-9+deb11u1
ii  libpopt0             1.18-2
ii  libpython3.9         3.9.2-1
ii  libtalloc2           2.3.1-2+b1
ii  libtasn1-6           4.16.0-2
ii  libtdb1              1.4.3-1+b1
ii  libtevent0           0.10.2-1
ii  libwbclient0         2:4.13.13+dfsg-1~deb11u2
ii  lsb-base             11.1.0
ii  procps               2:3.3.17-5
ii  python3              3.9.2-3
ii  python3-dnspython    2.0.0-1
ii  python3-samba        2:4.13.13+dfsg-1~deb11u2
ii  samba-common         2:4.13.13+dfsg-1~deb11u2
ii  samba-common-bin     2:4.13.13+dfsg-1~deb11u2
ii  samba-libs           2:4.13.13+dfsg-1~deb11u2
ii  tdb-tools            1.4.3-1+b1

Versions of packages samba recommends:
ii  attr                1:2.4.48-6
ii  logrotate           3.18.0-2
ii  python3-markdown    3.3.4-1
pn  samba-dsdb-modules  <none>
pn  samba-vfs-modules   <none>

Versions of packages samba suggests:
pn  bind9          <none>
pn  bind9utils     <none>
pn  ctdb           <none>
pn  ldb-tools      <none>
pn  ntp | chrony   <none>
pn  smbldap-tools  <none>
pn  ufw            <none>
ii  winbind        2:4.13.13+dfsg-1~deb11u2

-- no debconf information

More information about the Pkg-samba-maint mailing list