enterprise-support team mailing list archive

Thread
Date

[Bug 1700644] Re: Please merge with Debian 2:4.6.5+dfsg-8 or later

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1700644@xxxxxxxxxxxxxxxxxx>
Date: Thu, 17 Aug 2017 14:02:20 -0000
Reply-to: Bug 1700644 <1700644@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package samba - 2:4.6.5+dfsg-8ubuntu1

---------------
samba (2:4.6.5+dfsg-8ubuntu1) artful; urgency=medium

  * Merge with Debian unstable (LP: #1700644). Remaining changes:
    - debian/VERSION.patch: Update vendor string to "Ubuntu".
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
    - debian/samba-common.config:
      + Do not change priority to high if dhclient3 is installed.
    - Add apport hook:
      + Created debian/source_samba.py.
      + debian/rules, debian/samba-common-bin.install: install hook.
    - Add extra DEP8 tests to samba (LP #1696823):
      + d/t/control: enable the new DEP8 tests
      + d/t/smbclient-anonymous-share-list: list available shares anonymously
      + d/t/smbclient-authenticated-share-list: list available shares using
        an authenticated connection
      + d/t/smbclient-share-access: create a share and download a file from it
      + d/t/cifs-share-access: access a file in a share using cifs
    - Ask the user if we can run testparm against the config file. If yes,
      include its stderr and exit status in the bug report. Otherwise, only
      include the exit status. (LP #1694334)
    - If systemctl is available, use it to query the status of the smbd
      service before trying to reload it. Otherwise, keep the same check
      as before and reload the service based on the existence of the
      initscript. (LP #1579597)
  * Drop:
    - d/rules: Compile winbindd/winbindd statically. (LP: #1700527)
      [This hunk was missed in 2:4.5.8+dfsg-2ubuntu2 when patch
      fix-1584485.patch was dropped there.]
    - d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
      pam_winbind krb5_ccache_type=FILE failure
      [Replaced by d/p/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
      in 2:4.6.5+dfsg-3 that closed Debian's bug #739768]
    - debian/patches/winbind_trusted_domains.patch: make sure domain
      members can talk to trusted domains DCs.
      [Upstream committed a different fix, see updated patch attached to
      https://bugzilla.samba.org/show_bug.cgi?id=11830]
    - d/control: add libcephfs-dev as b-d to build vfs_ceph
      [Adopted by Debian in 2:4.6.5+dfsg-1]
    - debian/patches/CVE-2017-11103.patch: use encrypted service
      name rather than unencrypted (and therefore spoofable) version
      in heimdal
      [Adopted by Debian as
      d/p/CVE-2017-11103-Orpheus-Lyre-KDC-REP-service-name-val.patch]
    - Cherrypick upstream patch to fix FTBFS with new ceph lib.
      [Merged upstream in 4.6.0rc1]
  * Disable glusterfs support because it's not in main.
    MIR bug is https://launchpad.net/bugs/1274247

 -- Andreas Hasenack <andreas@xxxxxxxxxxxxx>  Thu, 10 Aug 2017 22:20:22
-0300

** Changed in: samba (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-11103

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to samba in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1700644

Title:
  Please merge with Debian 2:4.6.5+dfsg-8 or later

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1700644/+subscriptions

References

[Bug 1700644] [NEW] Please merge with Debian 2:4.6.5+dfsg-2 or later
From: Andreas Hasenack, 2017-06-26