[Pkg-samba-maint] samba_4.17.4+dfsg-1_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Dec 15 21:13:21 GMT 2022


Thank you for your contribution to Debian.



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 15 Dec 2022 21:54:31 +0300
Source: samba
Architecture: source
Version: 2:4.17.4+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt at tls.msk.ru>
Changes:
 samba (2:4.17.4+dfsg-1) unstable; urgency=medium
 .
   * new upstream stable/security release, with the following changes:
    - CVE-2022-37966: Windows Kerberos RC4-HMAC Elevation of Privilege
      Vulnerability disclosed by Microsoft on Nov 8 2022, see
      https://www.samba.org/samba/security/CVE-2022-37966.html
    - CVE-2022-37967: Windows Kerberos Elevation of Privilege Vulnerability
      disclosed by Microsoft on Nov 8 2022. See
      https://www.samba.org/samba/security/CVE-2022-37967.html
    - CVE-2022-38023: Weak "RC4" (rc4-hmac) protection of the NetLogon Secure
      channel uses, see https://www.samba.org/samba/security/CVE-2022-38023.html
     There are several important behavior changes included in this release,
     which may cause compatibility problems interacting with system still
     expecting the former behavior.  Please read the documents referenced above!
     See also the WHATSNEW.txt document, as there are several new, changed
     and deprecated smb.conf parameters.
   * Other bugfixes in this release (from WHATSNEW.txt):
     https://bugzilla.samba.org/show_bug.cgi?id=14929 CVE-2022-44640
      Upstream Heimdal free of user-controlled pointer in FAST.
     https://bugzilla.samba.org/show_bug.cgi?id=15219
      Heimdal session key selection in AS-REQ examines wrong entry.
     https://bugzilla.samba.org/show_bug.cgi?id=13135 The KDC logic around
      msDs-supportedEncryptionTypes differs from Windows.
     https://bugzilla.samba.org/show_bug.cgi?id=14611 CVE-2021-20251
      Bad password count not incremented atomically.
     https://bugzilla.samba.org/show_bug.cgi?id=15206 libnet: change_password()
      doesn't work with dcerpc_samr_ChangePasswordUser4()
     https://bugzilla.samba.org/show_bug.cgi?id=15230
      Memory leak in snprintf replacement functions.
     https://bugzilla.samba.org/show_bug.cgi?id=15253 RODC doesn't reset
      badPwdCount reliable via an RWDC (CVE-2021-20251 regression).
     https://bugzilla.samba.org/show_bug.cgi?id=15198
      Prevent EBADF errors with vfs_glusterfs.
     https://bugzilla.samba.org/show_bug.cgi?id=15243
      %U for include directive doesn't work for share listing (netshareenum).
     https://bugzilla.samba.org/show_bug.cgi?id=15257
      Stack smashing in net offlinejoin requestodj.
   * removed patches which are now included upstream:
    - nsswitch-pam-data-time_t.patch
    - CVE-2022-42898-lib-krb5-fix-_krb5_get_int64-on-32bit.patch
Checksums-Sha1:
 45bd04052997dc4da900e4feab4548be44b0cbd4 4386 samba_4.17.4+dfsg-1.dsc
 d1d85aea5dd654015901100071da86b7064a0605 18416236 samba_4.17.4+dfsg.orig.tar.xz
 d6a0954d6ae301d61e2299bdd32eeef11320550e 267156 samba_4.17.4+dfsg-1.debian.tar.xz
 198e1a518c651ed1bd9c88ec2bdd3fcba81e47d9 5983 samba_4.17.4+dfsg-1_source.buildinfo
Checksums-Sha256:
 6c34443b9cb0548ed507706ae449d517242a24f409cc4ae017c3f2413ba4a424 4386 samba_4.17.4+dfsg-1.dsc
 a7905360a0a0492efcdd2add64948a0aa1dddd7adebf480b1ede6075d8a7cb7f 18416236 samba_4.17.4+dfsg.orig.tar.xz
 db7d4ce308e490d96d264381a45dd12f2623900f3357d8dfc211330c5993b835 267156 samba_4.17.4+dfsg-1.debian.tar.xz
 19f0ca8d6aaea437c69797067c7a8cae544a2cc0cbb08052310da9999848f74e 5983 samba_4.17.4+dfsg-1_source.buildinfo
Files:
 b7331b6bb50d152c685fbfa99966b8a5 4386 net optional samba_4.17.4+dfsg-1.dsc
 4973f1d706181472379313f4337c73ce 18416236 net optional samba_4.17.4+dfsg.orig.tar.xz
 2cbabce68314f92eb3b874d548232e0b 267156 net optional samba_4.17.4+dfsg-1.debian.tar.xz
 c75b774860fa7508819db89eb0aeda4c 5983 net optional samba_4.17.4+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmObcP8PHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZqtkIAK29TcfovUJcjnz3KhhdLZnvUiI9YXN/wU1N
zAtgYnKKbI3HF4CEKCRMsl5QGggsjnbYhD8sBaOyAn8gOFlhGOjakoAeAZm2gIJh
FIGtIu0n/s06Scfme7Tw3Xttoxz7CcFGFkhUFwgHVAn9VsenXVlEO27C/6NnuOiD
V3GEbhoQyDPhs1TGrsWbHIYs3c5/JJDB8u2+CD4l6Fw/iaqliJqFLWx5Pb6riFAV
rrtToZsPm+K5hQiJdwLbYpEC2bCwuGtoUZKv94DFm89FqVfSoGPKueF4nv0CKrhU
Fwf4Ub5Vu1mq8uhP296qrlXboH6SPoj4RC4IflrRwxlV3IIKwYE=
=MYLx
-----END PGP SIGNATURE-----




More information about the Pkg-samba-maint mailing list