[Pkg-samba-maint] samba_4.13.14+dfsg-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Nov 9 20:41:08 GMT 2021
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 09 Nov 2021 20:53:03 +0100
Source: samba
Architecture: source
Version: 2:4.13.14+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
Changed-By: Mathieu Parent <sathieu at debian.org>
Changes:
samba (2:4.13.14+dfsg-1) unstable; urgency=high
.
* New upstream security release in order to address the following defects:
- CVE-2016-2124: don't fallback to non spnego authentication if we require
kerberos
- MS CVE-2020-17049 in Samba: 'Bronze bit' S4U2Proxy Constrained Delegation
bypass
- CVE-2020-25717: A user on the domain can become root on domain members
- CVE-2020-25718: An RODC can issue (forge) administrator tickets to other
servers
+ Bump build-depends ldb >= 2.2.3
- CVE-2020-25719: AD DC Username based races when no PAC is given
- CVE-2020-25721: Kerberos acceptors need easy access to stable AD
identifiers (eg objectSid)
- CVE-2020-25722: AD DC UPN vs samAccountName not checked (top-level bug
for AD DC validation issues)
- CVE-2021-3738: crash in dsdb stack
- CVE-2021-23192: dcerpc requests don't check all fragments against the
first auth_state
+ Update d/samba-libs.install for libdcerpc-pkt-auth.so.0
* Add patch to fix "allow trusted domains"
* Bump ldb build-depends to 2.2.3
* Update d/samba-libs.install
Checksums-Sha1:
5d6a10e23486d2dee3bb32fe89fe0a272b964a82 4356 samba_4.13.14+dfsg-1.dsc
22d8ec06267828f1c6915ac85a3596a7f8039922 11829668 samba_4.13.14+dfsg.orig.tar.xz
64d8bf24391665ae30f525704044e6ad16d4d1bf 248344 samba_4.13.14+dfsg-1.debian.tar.xz
4a4564259504334be3381ec0bb88a05adc2244ca 7430 samba_4.13.14+dfsg-1_source.buildinfo
Checksums-Sha256:
1e54362c3cf484b8eb22846149646d8710345e3188dc550510a47c468360569b 4356 samba_4.13.14+dfsg-1.dsc
5584cfe957fdb5217c220dbeeafc9013451a4c65c407a58cb76bebc7eed74d13 11829668 samba_4.13.14+dfsg.orig.tar.xz
ebcd6df5246a541a0132fae67c77af0cc587183a64dcd85b51ca151aa708736e 248344 samba_4.13.14+dfsg-1.debian.tar.xz
d4358cd1e834d4a4c0afb39ee828b493e2bee715ef482ba12509f8bc820bffbe 7430 samba_4.13.14+dfsg-1_source.buildinfo
Files:
1c5b84207833ea18ee0cb98f94434452 4356 net optional samba_4.13.14+dfsg-1.dsc
2f4f8677e4f409c6eecf84f393b2a82f 11829668 net optional samba_4.13.14+dfsg.orig.tar.xz
2b2bc3702a5f1a2b14bd21557e9b11bf 248344 net optional samba_4.13.14+dfsg-1.debian.tar.xz
3e16018555c59cc711263b7becb2943c 7430 net optional samba_4.13.14+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJHBAEBCgAxFiEEqqWLhC6ILPQU4Lqxp8cqHHgrjD8FAmGK2AYTHHNhdGhpZXVA
ZGViaWFuLm9yZwAKCRCnxyoceCuMP+39EACDiZZ6lXKJrGUbJh8c/yVJirHdCx1k
xxAHaKkAp+ucFpUGwN/4PXshddXKuigU2G68EQDIPcsSaZFGh0leNZcv/9AxT/qp
pNXXx14T2wFdFPO0v8MCNOFNur8HgdoJZqetgL4iEosURLPeAyM2oTG0eT2ejYXN
tnQpu/cBT3W6Uo3tgIyfZsA/H8+5NLTVza4xDGi2WAMNuqlWCCBpsT5Nm0sL4Dld
2DSWBtAObB6aMG42cbP2EoNLSLC+4EEe70PmEecvKGZ7A0WN5RJ3fxJEQUOZifYB
vIk4vpkUD2HIKaf0RujbLoxQdrcRrIUQ14PZSL9/j85LpUIjhOIHYGUxNVfZofY0
Z3NoQrH84sejN2KUa/miPL/DZHUwnNISe3w8+Iqyr6Zyb0umb1inlmcgGamNxzNy
rOlvpfuFSLJ3WSWgagThgTjdTiKP6Wrx7JMnyoVwB2w38rI5zecaU1paijtz90NG
a/j87S63524ZI0dQ62O6PZ1HFEwffUZ2r/ckyrgYawhBwwQNk6UoPbV++FpBIqs8
TiS43QPPoVyyITRR0HA0n+trzKS50afNrZ3Njv4xjrJrBd3pTHtKt64PqSMqBYWo
UQ4iogJv7yHyq0hbF+WYWWQdlXLCfkET85Zhr1WZ78gD84NOJ9CdG5aeDLYc3vzs
EeDuBNuRDZyCYQ==
=8jSM
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-samba-maint
mailing list