* Merge from Debian unstable, remaining changes:
+ debian/patches/VERSION.patch:
- set SAMBA_VERSION_SUFFIX to Ubuntu.
+ debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] share, and add a comment about
"valid users = %S" to show users how to restrict access to \\server\username to only username.
- Other changes now in Debian packaging.
+ debian/samba-common.config:
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/control:
- Don't build against or suggest ctdb.
- Add dependency on samba-common-bin to samba.
+ Add ufw integration:
- Created debian/samba.ufw.profile
- debian/rules, debian/samba.install: install profile.
- debian/control: have samba suggest ufw.
+ Add apport hook:
- Created debian/source_samba.py.
- debian/rules, debian/samba-common-bin.install: install hook.
+ Switch to upstart:
- Added debian/samba.{nmbd,smbd}.upstart.
- debian/samba.logrotate, debian/samba-common.dhcp, debian/samba.if-up:
Make upstart compatible.
* d/samba.install, d/samba-common-bin.install: Restore apport hook and ufw
profile (LP: #999764).
* Dropped:
+ debian/patches/CVE-2012-1182-*.patch: fixed in upstream release 3.6.4.
+ debian/patches/CVE-2012-2111.patch: fixed in upstream release 3.6.5.
+ debian/patches/fix-debuglevel-name-conflict.patch: fixed upstream -
debug_level is no longer used as a global variable name.
+ debian/patches/error-trans.fix-276472: fixed upstream.
samba (2:3.6.5-2) unstable; urgency=low
* The yearly "SambaXP bug cleaning party" release. 11 years
SambaXP, 20 years Samba and counting...
* Make samba-common "Multi-Arch: foreign"
* Adapt patch in upstream #7499 and stop nss_wins clobbering other
daemon's logfiles. Closes: #598313
* Add some mention about some use for the user information in Kerberos
environments in the smbspool manpage. Closes: #387266
* Drop link to no longer provided "Using Samba" documentation in
HTML documentation summary file. Closes: #604768
* Provide WHATSNEW.txt in samba-doc too as it is linked from the
documentation summary file. Do not compress that file.
* Fix link to WHATSNEW.txt in HTML documentation summary file. This
is the second part of the fix for #604768
* Use lp_state_dir() instead of get_dyn_STATEDIR() in
fhs-filespaths.patch as the latter does indeed hardcode the
location for passdb.tdb and secrets.tdb to /var/lib/samba
(the compile-time option for state directory and NOT the configurable
value). This is left to "state directory" instead of "private dir"
at least as of now, because if doesn't change anything to the
current behaviour, but allows the files' location to be configurable
through "state directory" (and not "private dir").
Closes: #249873
* Disable useless smbtorture4 build. Thanks to Ivo De Decker for the patch.
Closes: #670561
* Add upstream commit that adds waf source to the buildtools/
directory. As upstream will, one day or another, merge this, I
prefer this over removing the waf binary and repack upstream
tarball.
Closes: #654499
* Build-Conflict with python-ldb and python-ldb-dev to avoid build
failures when some versions of these packages are locally installed.
Closes: #657314
* Rename fix-samba.ldip-syntax.patch to fix-samba.ldif-syntax.patch
* Split NSS modules into a new libnss-winbind binary package.
Closes: #646292
* Add a NEWS.Debian entry about the libnss-winbind split and, while at
it, add an entry for libpam-winbind too (as it will affect upgrades
from squeeze).
* Drop code that was moving files around in samba.postinst and
winbind.postinst for pre-squeeze versions of the package.
* Drop code that was modifying a deprecated "passdb backend" setting
in smb.conf for pre-squeeze versions of the package (in
samba-common.config).
* Add Should-Start dependency to winbind init script to guarantee
that the samba init script is started before winbind if present.
Closes: #638066
* Provide a (basic) manpage to smbtorture(1). Closes: #528735
* Turkish debconf translation update (Atila KOÇ). Closes: #672447
* Drop the code that generates an smbpasswd file from the system's
user list. This adds very long delays on systems with many users,
including those with external user backends. It also makes much
less sense nowadays and the use of libpam-smbpass can easily
fill most of the needs. Closes: #671926
* Merged from Ubuntu:
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated
ones.
- add map to guest = Bad user, maps bad username to guest access.
This allows for anonymous user shares. Closes: #672497
samba (2:3.6.5-1) unstable; urgency=low
* New upstream release. Fixes CVE-2012-2111: Incorrect permission
checks when granting/removing privileges can compromise file
server security.
* Build-Depend on debhelper >= 9~ (which is in unstable for a few
months now)
* Use "set -e" in maintainer scripts instead of passing -e in the
shebang line
* Update Standards to 3.9.3 (checked, no change)
samba (2:3.6.4-1) unstable; urgency=low
[ Christian Perrier ]
* Two changes in the previous version should indeed read:
- samba.postinst: Avoid scary pdbedit warnings on first import.
- samba-common.postinst: Add more informative error message for the case
where smb.conf was manually deleted.
Closes: #664509
[ Jelmer Vernooij ]
* New upstream release.
+ Fixes CVE-2012-1182: PIDL based autogenerated code allows overwriting
beyond of allocated array.
-- James Page <email address hidden> Tue, 15 May 2012 17:00:56 +0100
This bug was fixed in the package samba - 2:3.6.5-2ubuntu1
---------------
samba (2:3.6.5-2ubuntu1) quantal; urgency=low
* Merge from Debian unstable, remaining changes: patches/ VERSION. patch: SUFFIX to Ubuntu.
\\server\ username to only username. samba-common. config: samba.ufw. profile samba.install: install profile. source_ samba.py. samba-common- bin.install: install hook. samba.{ nmbd,smbd} .upstart. samba.logrotate , debian/ samba-common. dhcp, debian/samba.if-up: common- bin.install: Restore apport hook and ufw patches/ CVE-2012- 1182-*. patch: fixed in upstream release 3.6.4. patches/ CVE-2012- 2111.patch: fixed in upstream release 3.6.5. patches/ fix-debuglevel- name-conflict. patch: fixed upstream - patches/ error-trans. fix-276472: fixed upstream.
+ debian/
- set SAMBA_VERSION_
+ debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] share, and add a comment about
"valid users = %S" to show users how to restrict access to
- Other changes now in Debian packaging.
+ debian/
- Do not change priority to high if dhclient3 is installed.
- Use priority medium instead of high for the workgroup question.
+ debian/control:
- Don't build against or suggest ctdb.
- Add dependency on samba-common-bin to samba.
+ Add ufw integration:
- Created debian/
- debian/rules, debian/
- debian/control: have samba suggest ufw.
+ Add apport hook:
- Created debian/
- debian/rules, debian/
+ Switch to upstart:
- Added debian/
- debian/
Make upstart compatible.
* d/samba.install, d/samba-
profile (LP: #999764).
* Dropped:
+ debian/
+ debian/
+ debian/
debug_level is no longer used as a global variable name.
+ debian/
samba (2:3.6.5-2) unstable; urgency=low
* The yearly "SambaXP bug cleaning party" release. 11 years filespaths. patch as the latter does indeed hardcode the ldip-syntax. patch to fix-samba. ldif-syntax. patch postinst for pre-squeeze versions of the package. common. config) .
SambaXP, 20 years Samba and counting...
* Make samba-common "Multi-Arch: foreign"
* Adapt patch in upstream #7499 and stop nss_wins clobbering other
daemon's logfiles. Closes: #598313
* Add some mention about some use for the user information in Kerberos
environments in the smbspool manpage. Closes: #387266
* Drop link to no longer provided "Using Samba" documentation in
HTML documentation summary file. Closes: #604768
* Provide WHATSNEW.txt in samba-doc too as it is linked from the
documentation summary file. Do not compress that file.
* Fix link to WHATSNEW.txt in HTML documentation summary file. This
is the second part of the fix for #604768
* Use lp_state_dir() instead of get_dyn_STATEDIR() in
fhs-
location for passdb.tdb and secrets.tdb to /var/lib/samba
(the compile-time option for state directory and NOT the configurable
value). This is left to "state directory" instead of "private dir"
at least as of now, because if doesn't change anything to the
current behaviour, but allows the files' location to be configurable
through "state directory" (and not "private dir").
Closes: #249873
* Disable useless smbtorture4 build. Thanks to Ivo De Decker for the patch.
Closes: #670561
* Add upstream commit that adds waf source to the buildtools/
directory. As upstream will, one day or another, merge this, I
prefer this over removing the waf binary and repack upstream
tarball.
Closes: #654499
* Build-Conflict with python-ldb and python-ldb-dev to avoid build
failures when some versions of these packages are locally installed.
Closes: #657314
* Rename fix-samba.
* Split NSS modules into a new libnss-winbind binary package.
Closes: #646292
* Add a NEWS.Debian entry about the libnss-winbind split and, while at
it, add an entry for libpam-winbind too (as it will affect upgrades
from squeeze).
* Drop code that was moving files around in samba.postinst and
winbind.
* Drop code that was modifying a deprecated "passdb backend" setting
in smb.conf for pre-squeeze versions of the package (in
samba-
* Add Should-Start dependency to winbind init script to guarantee
that the samba init script is started before winbind if present.
Closes: #638066
* Provide a (basic) manpage to smbtorture(1). Closes: #528735
* Turkish debconf translation update (Atila KOÇ). Closes: #672447
* Drop the code that generates an smbpasswd file from the system's
user list. This adds very long delays on systems with many users,
including those with external user backends. It also makes much
less sense nowadays and the use of libpam-smbpass can easily
fill most of the needs. Closes: #671926
* Merged from Ubuntu:
- Set 'usershare allow guests', so that usershare admins are
allowed to create public shares in addition to authenticated
ones.
- add map to guest = Bad user, maps bad username to guest access.
This allows for anonymous user shares. Closes: #672497
samba (2:3.6.5-1) unstable; urgency=low
* New upstream release. Fixes CVE-2012-2111: Incorrect permission
checks when granting/removing privileges can compromise file
server security.
* Build-Depend on debhelper >= 9~ (which is in unstable for a few
months now)
* Use "set -e" in maintainer scripts instead of passing -e in the
shebang line
* Update Standards to 3.9.3 (checked, no change)
samba (2:3.6.4-1) unstable; urgency=low
[ Christian Perrier ] postinst: Add more informative error message for the case
* Two changes in the previous version should indeed read:
- samba.postinst: Avoid scary pdbedit warnings on first import.
- samba-common.
where smb.conf was manually deleted.
Closes: #664509
[ Jelmer Vernooij ]
* New upstream release.
+ Fixes CVE-2012-1182: PIDL based autogenerated code allows overwriting
beyond of allocated array.
-- James Page <email address hidden> Tue, 15 May 2012 17:00:56 +0100