Bug #1700527 “removal of patch fix-1584485-trusty missed a d/rul...” : Bugs : samba package : Ubuntu

Andreas Hasenack (ahasenack) on 2017-06-26

description:

updated

Andreas Hasenack (ahasenack) on 2017-08-03

Changed in samba (Ubuntu):
status:	In Progress → Confirmed
assignee:	Andreas Hasenack (ahasenack) → nobody

Andreas Hasenack (ahasenack) on 2017-08-10

Changed in samba (Ubuntu):
assignee:	nobody → Andreas Hasenack (ahasenack)
status:	Confirmed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-08-17:

#1

This bug was fixed in the package samba - 2:4.6.5+dfsg-8ubuntu1

---------------
samba (2:4.6.5+dfsg-8ubuntu1) artful; urgency=medium

  * Merge with Debian unstable (LP: #1700644). Remaining changes:
    - debian/VERSION.patch: Update vendor string to "Ubuntu".
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
    - debian/samba-common.config:
      + Do not change priority to high if dhclient3 is installed.
    - Add apport hook:
      + Created debian/source_samba.py.
      + debian/rules, debian/samba-common-bin.install: install hook.
    - Add extra DEP8 tests to samba (LP #1696823):
      + d/t/control: enable the new DEP8 tests
      + d/t/smbclient-anonymous-share-list: list available shares anonymously
      + d/t/smbclient-authenticated-share-list: list available shares using
        an authenticated connection
      + d/t/smbclient-share-access: create a share and download a file from it
      + d/t/cifs-share-access: access a file in a share using cifs
    - Ask the user if we can run testparm against the config file. If yes,
      include its stderr and exit status in the bug report. Otherwise, only
      include the exit status. (LP #1694334)
    - If systemctl is available, use it to query the status of the smbd
      service before trying to reload it. Otherwise, keep the same check
      as before and reload the service based on the existence of the
      initscript. (LP #1579597)
  * Drop:
    - d/rules: Compile winbindd/winbindd statically. (LP: #1700527)
      [This hunk was missed in 2:4.5.8+dfsg-2ubuntu2 when patch
      fix-1584485.patch was dropped there.]
    - d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
      pam_winbind krb5_ccache_type=FILE failure
      [Replaced by d/p/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
      in 2:4.6.5+dfsg-3 that closed Debian's bug #739768]
    - debian/patches/winbind_trusted_domains.patch: make sure domain
      members can talk to trusted domains DCs.
      [Upstream committed a different fix, see updated patch attached to
      https://bugzilla.samba.org/show_bug.cgi?id=11830]
    - d/control: add libcephfs-dev as b-d to build vfs_ceph
      [Adopted by Debian in 2:4.6.5+dfsg-1]
    - debian/patches/CVE-2017-11103.patch: use encrypted service
      name rather than unencrypted (and therefore spoofable) version
      in heimdal
      [Adopted by Debian as
      d/p/CVE-2017-11103-Orpheus-Lyre-KDC-REP-service-name-val.patch]
    - Cherrypick upstream patch to fix FTBFS with new ceph lib.
      [Merged upstream in 4.6.0rc1]
  * Disable glusterfs support because it's not in main.
    MIR bug is https://launchpad.net/bugs/1274247

-- Andreas Hasenack <email address hidden> Thu, 10 Aug 2017 22:20:22 -0300

This bug was fixed in the package samba - 2:4.6.5+dfsg-8ubuntu1

---------------
samba (2:4.6.5+dfsg-8ubuntu1) artful; urgency=medium

* Merge with Debian unstable (LP: #1700644). Remaining changes:
    - debian/VERSION.patch: Update vendor string to "Ubuntu".
    - debian/smb.conf;
      + Add "(Samba, Ubuntu)" to server string.
      + Comment out the default [homes] share, and add a comment about
        "valid users = %s" to show users how to restrict access to
        \\server\username to only username.
    - debian/samba-common.config:
      + Do not change priority to high if dhclient3 is installed.
    - Add apport hook:
      + Created debian/source_samba.py.
      + debian/rules, debian/samba-common-bin.install: install hook.
    - Add extra DEP8 tests to samba (LP #1696823):
      + d/t/control: enable the new DEP8 tests
      + d/t/smbclient-anonymous-share-list: list available shares anonymously
      + d/t/smbclient-authenticated-share-list: list available shares using
        an authenticated connection
      + d/t/smbclient-share-access: create a share and download a file from it
      + d/t/cifs-share-access: access a file in a share using cifs
    - Ask the user if we can run testparm against the config file. If yes,
      include its stderr and exit status in the bug report. Otherwise, only
      include the exit status. (LP #1694334)
    - If systemctl is available, use it to query the status of the smbd
      service before trying to reload it. Otherwise, keep the same check
      as before and reload the service based on the existence of the
      initscript. (LP #1579597)
  * Drop:
    - d/rules: Compile winbindd/winbindd statically. (LP: #1700527)
      [This hunk was missed in 2:4.5.8+dfsg-2ubuntu2 when patch
      fix-1584485.patch was dropped there.]
    - d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
      pam_winbind krb5_ccache_type=FILE failure
      [Replaced by d/p/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
      in 2:4.6.5+dfsg-3 that closed Debian's bug #739768]
    - debian/patches/winbind_trusted_domains.patch: make sure domain
      members can talk to trusted domains DCs.
      [Upstream committed a different fix, see updated patch attached to
      https://bugzilla.samba.org/show_bug.cgi?id=11830]
    - d/control: add libcephfs-dev as b-d to build vfs_ceph
      [Adopted by Debian in 2:4.6.5+dfsg-1]
    - debian/patches/CVE-2017-11103.patch: use encrypted service
      name rather than unencrypted (and therefore spoofable) version
      in heimdal
      [Adopted by Debian as
      d/p/CVE-2017-11103-Orpheus-Lyre-KDC-REP-service-name-val.patch]
    - Cherrypick upstream patch to fix FTBFS with new ceph lib.
      [Merged upstream in 4.6.0rc1]
  * Disable glusterfs support because it's not in main.
    MIR bug is https://launchpad.net/bugs/1274247

-- Andreas Hasenack <andreas@canonical.com>  Thu, 10 Aug 2017 22:20:22 -0300

Changed in samba (Ubuntu):
status:	In Progress → Fix Released

Ubuntu
samba package

removal of patch fix-1584485-trusty missed a d/rules change

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntusamba package