Package: samba | Debian Sources

Package: samba / 2:4.5.16+dfsg-1+deb9u2

Metadata

Package	Version	Patches format
samba	2:4.5.16+dfsg-1+deb9u2	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
05_share_ldb_module \| (download)	source4/param/wscript_build \| 5 3 + 2 - 0 ! 1 file changed, 3 insertions(+), 2 deletions(-)	---
07_private_lib \| (download)	buildtools/wafsamba/samba_utils.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	always specify rpath for private libraries
bug_221618_precise 64bit prototype.patch \| (download)	source3/include/libsmbclient.h \| 10 10 + 0 - 0 ! 1 file changed, 10 insertions(+)	64 bit fix for libsmbclient
README_nosmbldap tools.patch \| (download)	examples/LDAP/README \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	mention smbldap-tools package in examples/ldap/readme
smbclient pager.patch \| (download)	source3/include/local.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	use the pager alternative as pager is pager is undefined
usershare.patch \| (download)	docs-xml/smbdotconf/misc/usersharemaxshares.xml \| 2 1 + 1 - 0 ! docs/manpages/net.8 \| 4 2 + 2 - 0 ! lib/param/loadparm.c \| 2 2 + 0 - 0 ! source3/param/loadparm.c \| 2 1 + 1 - 0 ! 4 files changed, 6 insertions(+), 4 deletions(-)	enable net usershares by default at build time Enable net usershares by default at build time, with a limit of 100, and update the corresponding documentation.
VERSION.patch \| (download)	VERSION \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	add "debian" as vendor suffix
add so version to private libraries \| (download)	buildtools/wafsamba/wafsamba.py \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	add so version number to private libraries for dpkg-shlibdeps
xsltproc_dont_build_smb.conf.5.patch \| (download)	docs-xml/wscript_build \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	don't build smb.conf.5 manpage This is a temporary workaround for a bug in xsltproc, which crashes on some architectures when building the smb.conf.5 manpage
heimdal rfc3454.txt \| (download)	source4/heimdal/lib/wind/rfc3454.txt-table \| 7074 7074 + 0 - 0 ! source4/heimdal_build/wscript_build \| 6 3 + 3 - 0 ! 2 files changed, 7077 insertions(+), 3 deletions(-)	patch in symbol table from rfc3454, for heimdal scripts.
no_build_env.patch \| (download)	source3/script/build_env.sh \| 11 0 + 11 - 0 ! 1 file changed, 11 deletions(-)	[patch] remove unreproducible build environment
no_build_system.patch \| (download)	buildtools/wafsamba/wscript \| 1 0 + 1 - 0 ! 1 file changed, 1 deletion(-)	drop host-specific define that prevents reproducible builds
Skip raw.write tests.patch \| (download)	selftest/quick \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	skip raw.write tests for now as they fail on 32-bit
systemd syslog.target is obsolete.patch \| (download)	packaging/systemd/nmb.service \| 2 1 + 1 - 0 ! packaging/systemd/samba.service \| 2 1 + 1 - 0 ! packaging/systemd/smb.service \| 2 1 + 1 - 0 ! packaging/systemd/winbind.service \| 2 1 + 1 - 0 ! 4 files changed, 4 insertions(+), 4 deletions(-)	systemd: syslog.target is obsolete After=syslog.target is unnecessary by now because syslog is socket-activated and will therefore be started when needed. Ref: https://lintian.debian.org/tags/systemd-service-file-refers-to-obsolete-target.html
Add documentation to systemd Unit files.patch \| (download)	ctdb/config/ctdb.service \| 1 1 + 0 - 0 ! packaging/systemd/nmb.service \| 1 1 + 0 - 0 ! packaging/systemd/samba.service \| 1 1 + 0 - 0 ! packaging/systemd/smb.service \| 1 1 + 0 - 0 ! packaging/systemd/winbind.service \| 1 1 + 0 - 0 ! 5 files changed, 5 insertions(+)	add documentation to systemd unit files
fix_kill_path_in_units.patch \| (download)	packaging/systemd/nmb.service \| 2 1 + 1 - 0 ! packaging/systemd/samba.service \| 2 1 + 1 - 0 ! packaging/systemd/smb.service \| 2 1 + 1 - 0 ! packaging/systemd/winbind.service \| 2 1 + 1 - 0 ! 4 files changed, 4 insertions(+), 4 deletions(-)	fix kill path Debian-bug: https://bugs.debian.org/828730
nmbd requires a working network.patch \| (download)	packaging/systemd/nmb.service \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	nmbd requires a working network Bug-Debian: https://bugs.debian.org/698056 Bug-Debian: https://bugs.debian.org/842056 Bug-Debian: https://bugs.debian.org/840608 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1635491
provision Update root DNS servers list.patch \| (download)	python/samba/provision/sambadns.py \| 14 11 + 3 - 0 ! 1 file changed, 11 insertions(+), 3 deletions(-)	[patch] provision: update root dns servers list Signed-off-by: Amitay Isaacs <amitay@gmail.com>
CVE 2018 10919.patch \| (download)	libcli/security/access_check.c \| 126 91 + 35 - 0 ! selftest/knownfail.d/acl \| 2 1 + 1 - 0 ! selftest/knownfail.d/confidential_attr \| 30 15 + 15 - 0 ! source4/dsdb/samdb/ldb_modules/acl_read.c \| 351 307 + 44 - 0 ! source4/dsdb/tests/python/acl.py \| 68 68 + 0 - 0 ! source4/dsdb/tests/python/confidential_attr.py \| 1077 1051 + 26 - 0 ! source4/dsdb/tests/python/ldap.py \| 9 9 + 0 - 0 ! source4/selftest/tests.py \| 3 3 + 0 - 0 ! 8 files changed, 1545 insertions(+), 121 deletions(-)	[patch 01/11] cve-2018-10919 security: move object-specific access checks into separate function Object-specific access checks refer to a specific section of the MS-ADTS, and the code closely matches the spec. We need to extend this logic to properly handle the Control-Access Right (CR), so it makes sense to split the logic out into its own function. This patch just moves the code, and should not alter the logic (apart from ading in the boolean grant_access return variable. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
CVE 2018 10858 4.6.patch \| (download)	source3/libsmb/libsmb_dir.c \| 57 50 + 7 - 0 ! source3/libsmb/libsmb_path.c \| 11 8 + 3 - 0 ! 2 files changed, 58 insertions(+), 10 deletions(-)	[patch 1/2] libsmb: ensure smbc_urlencode() can't overwrite passed in buffer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453 CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient. Signed-off-by: Jeremy Allison <jra@samba.org>
CVE 2018 14629 v4 5.patch \| (download)	python/samba/tests/dns.py \| 120 120 + 0 - 0 ! python/samba/tests/dns_forwarder.py \| 11 8 + 3 - 0 ! selftest/knownfail.d/dns \| 19 17 + 2 - 0 ! source4/dns_server/dns_query.c \| 35 26 + 9 - 0 ! 4 files changed, 171 insertions(+), 14 deletions(-)	[patch 1/4] cve-2018-14629 dns: cname loop prevention using counter Count number of answers generated by internal DNS query routine and stop at 20 to match Microsoft's loop prevention mechanism. (backport to Samba 4.5) BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
CVE 2018 16841 master.patch \| (download)	source4/kdc/db-glue.c \| 6 3 + 3 - 0 ! testprogs/blackbox/test_pkinit_heimdal.sh \| 8 8 + 0 - 0 ! 2 files changed, 11 insertions(+), 3 deletions(-)	[patch 1/2] cve-2018-16841 heimdal: fix segfault on pkinit with mis-matching principal In Heimdal KRB5_KDC_ERR_CLIENT_NAME_MISMATCH is an enum, so we tried to double-free mem_ctx. This was introduced in 9a0263a7c316112caf0265237bfb2cfb3a3d370d for the MIT KDC effort. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
CVE 2018 16851 master.patch \| (download)	source4/ldap_server/ldap_server.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	[patch] cve-2018-16851 ldap_server: check ret before manipulating blob In the case of hitting the talloc ~256MB limit, this causes a crash in the server. Note that you would actually need to load >256MB of data into the LDAP. Although there is some generated/hidden data which would help you reach that limit (descriptors and RMD blobs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674 Signed-off-by: Garming Sam <garming@catalyst.net.nz>
fix rmdir.patch \| (download)	source3/libsmb/cli_smb2_fnum.c \| 136 135 + 1 - 0 ! source3/libsmb/cli_smb2_fnum.h \| 7 7 + 0 - 0 ! 2 files changed, 142 insertions(+), 1 deletion(-)	s3:libsmb: add cli_smb2_delete_on_close*() Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3 ntlm_auth fix memory leak in manage_gensec_reques.patch \| (download)	source3/utils/ntlm_auth.c \| 15 9 + 6 - 0 ! 1 file changed, 9 insertions(+), 6 deletions(-)	[patch] s3:ntlm_auth: fix memory leak in manage_gensec_request() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12736 Signed-off-by: Stefan Metzmacher <metze@samba.org>
CVE 2019 3880 v4 5 02.patch \| (download)	source3/rpc_server/winreg/srv_winreg_nt.c \| 96 6 + 90 - 0 ! 1 file changed, 6 insertions(+), 90 deletions(-)	[patch] cve-2019-3880 s3: rpc: winreg: remove implementations of SaveKey/RestoreKey. The were not using VFS backend calls and could only work locally, and were unsafe against symlink races and other security issues. If the incoming handle is valid, return WERR_BAD_PATHNAME. [MS-RRP] states "The format of the file name is implementation-specific" so ensure we don't allow this. As reported by Michael Hanselmann. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851 Signed-off-by: Jeremy Allison <jra@samba.org>
CVE 2018 16860 v4 5 06.patch \| (download)	selftest/knownfail.d/mitm-s4u2self \| 1152 576 + 576 - 0 ! source4/heimdal/kdc/krb5tgs.c \| 7 7 + 0 - 0 ! source4/torture/krb5/kdc-canon-heimdal.c \| 115 111 + 4 - 0 ! 3 files changed, 694 insertions(+), 580 deletions(-)	[patch 1/2] cve-2018-16860 selftest: add test for s4u2self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Patch	File delta	Description
05_share_ldb_module \| (download)	source4/param/wscript_build \| 5 3 + 2 - 0 ! 1 file changed, 3 insertions(+), 2 deletions(-)	---
07_private_lib \| (download)	buildtools/wafsamba/samba_utils.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	always specify rpath for private libraries
bug_221618_precise 64bit prototype.patch \| (download)	source3/include/libsmbclient.h \| 10 10 + 0 - 0 ! 1 file changed, 10 insertions(+)	64 bit fix for libsmbclient
README_nosmbldap tools.patch \| (download)	examples/LDAP/README \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	mention smbldap-tools package in examples/ldap/readme
smbclient pager.patch \| (download)	source3/include/local.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	use the pager alternative as pager is pager is undefined
usershare.patch \| (download)	docs-xml/smbdotconf/misc/usersharemaxshares.xml \| 2 1 + 1 - 0 ! docs/manpages/net.8 \| 4 2 + 2 - 0 ! lib/param/loadparm.c \| 2 2 + 0 - 0 ! source3/param/loadparm.c \| 2 1 + 1 - 0 ! 4 files changed, 6 insertions(+), 4 deletions(-)	enable net usershares by default at build time Enable net usershares by default at build time, with a limit of 100, and update the corresponding documentation.
VERSION.patch \| (download)	VERSION \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	add "debian" as vendor suffix
add so version to private libraries \| (download)	buildtools/wafsamba/wafsamba.py \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	add so version number to private libraries for dpkg-shlibdeps
xsltproc_dont_build_smb.conf.5.patch \| (download)	docs-xml/wscript_build \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	don't build smb.conf.5 manpage This is a temporary workaround for a bug in xsltproc, which crashes on some architectures when building the smb.conf.5 manpage
heimdal rfc3454.txt \| (download)	source4/heimdal/lib/wind/rfc3454.txt-table \| 7074 7074 + 0 - 0 ! source4/heimdal_build/wscript_build \| 6 3 + 3 - 0 ! 2 files changed, 7077 insertions(+), 3 deletions(-)	patch in symbol table from rfc3454, for heimdal scripts.
no_build_env.patch \| (download)	source3/script/build_env.sh \| 11 0 + 11 - 0 ! 1 file changed, 11 deletions(-)	[patch] remove unreproducible build environment
no_build_system.patch \| (download)	buildtools/wafsamba/wscript \| 1 0 + 1 - 0 ! 1 file changed, 1 deletion(-)	drop host-specific define that prevents reproducible builds
Skip raw.write tests.patch \| (download)	selftest/quick \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	skip raw.write tests for now as they fail on 32-bit
systemd syslog.target is obsolete.patch \| (download)	packaging/systemd/nmb.service \| 2 1 + 1 - 0 ! packaging/systemd/samba.service \| 2 1 + 1 - 0 ! packaging/systemd/smb.service \| 2 1 + 1 - 0 ! packaging/systemd/winbind.service \| 2 1 + 1 - 0 ! 4 files changed, 4 insertions(+), 4 deletions(-)	systemd: syslog.target is obsolete After=syslog.target is unnecessary by now because syslog is socket-activated and will therefore be started when needed. Ref: https://lintian.debian.org/tags/systemd-service-file-refers-to-obsolete-target.html
Add documentation to systemd Unit files.patch \| (download)	ctdb/config/ctdb.service \| 1 1 + 0 - 0 ! packaging/systemd/nmb.service \| 1 1 + 0 - 0 ! packaging/systemd/samba.service \| 1 1 + 0 - 0 ! packaging/systemd/smb.service \| 1 1 + 0 - 0 ! packaging/systemd/winbind.service \| 1 1 + 0 - 0 ! 5 files changed, 5 insertions(+)	add documentation to systemd unit files
fix_kill_path_in_units.patch \| (download)	packaging/systemd/nmb.service \| 2 1 + 1 - 0 ! packaging/systemd/samba.service \| 2 1 + 1 - 0 ! packaging/systemd/smb.service \| 2 1 + 1 - 0 ! packaging/systemd/winbind.service \| 2 1 + 1 - 0 ! 4 files changed, 4 insertions(+), 4 deletions(-)	fix kill path Debian-bug: https://bugs.debian.org/828730
nmbd requires a working network.patch \| (download)	packaging/systemd/nmb.service \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	nmbd requires a working network Bug-Debian: https://bugs.debian.org/698056 Bug-Debian: https://bugs.debian.org/842056 Bug-Debian: https://bugs.debian.org/840608 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1635491
provision Update root DNS servers list.patch \| (download)	python/samba/provision/sambadns.py \| 14 11 + 3 - 0 ! 1 file changed, 11 insertions(+), 3 deletions(-)	[patch] provision: update root dns servers list Signed-off-by: Amitay Isaacs <amitay@gmail.com>
CVE 2018 10919.patch \| (download)	libcli/security/access_check.c \| 126 91 + 35 - 0 ! selftest/knownfail.d/acl \| 2 1 + 1 - 0 ! selftest/knownfail.d/confidential_attr \| 30 15 + 15 - 0 ! source4/dsdb/samdb/ldb_modules/acl_read.c \| 351 307 + 44 - 0 ! source4/dsdb/tests/python/acl.py \| 68 68 + 0 - 0 ! source4/dsdb/tests/python/confidential_attr.py \| 1077 1051 + 26 - 0 ! source4/dsdb/tests/python/ldap.py \| 9 9 + 0 - 0 ! source4/selftest/tests.py \| 3 3 + 0 - 0 ! 8 files changed, 1545 insertions(+), 121 deletions(-)	[patch 01/11] cve-2018-10919 security: move object-specific access checks into separate function Object-specific access checks refer to a specific section of the MS-ADTS, and the code closely matches the spec. We need to extend this logic to properly handle the Control-Access Right (CR), so it makes sense to split the logic out into its own function. This patch just moves the code, and should not alter the logic (apart from ading in the boolean grant_access return variable. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
CVE 2018 10858 4.6.patch \| (download)	source3/libsmb/libsmb_dir.c \| 57 50 + 7 - 0 ! source3/libsmb/libsmb_path.c \| 11 8 + 3 - 0 ! 2 files changed, 58 insertions(+), 10 deletions(-)	[patch 1/2] libsmb: ensure smbc_urlencode() can't overwrite passed in buffer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453 CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient. Signed-off-by: Jeremy Allison <jra@samba.org>
CVE 2018 14629 v4 5.patch \| (download)	python/samba/tests/dns.py \| 120 120 + 0 - 0 ! python/samba/tests/dns_forwarder.py \| 11 8 + 3 - 0 ! selftest/knownfail.d/dns \| 19 17 + 2 - 0 ! source4/dns_server/dns_query.c \| 35 26 + 9 - 0 ! 4 files changed, 171 insertions(+), 14 deletions(-)	[patch 1/4] cve-2018-14629 dns: cname loop prevention using counter Count number of answers generated by internal DNS query routine and stop at 20 to match Microsoft's loop prevention mechanism. (backport to Samba 4.5) BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
CVE 2018 16841 master.patch \| (download)	source4/kdc/db-glue.c \| 6 3 + 3 - 0 ! testprogs/blackbox/test_pkinit_heimdal.sh \| 8 8 + 0 - 0 ! 2 files changed, 11 insertions(+), 3 deletions(-)	[patch 1/2] cve-2018-16841 heimdal: fix segfault on pkinit with mis-matching principal In Heimdal KRB5_KDC_ERR_CLIENT_NAME_MISMATCH is an enum, so we tried to double-free mem_ctx. This was introduced in 9a0263a7c316112caf0265237bfb2cfb3a3d370d for the MIT KDC effort. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
CVE 2018 16851 master.patch \| (download)	source4/ldap_server/ldap_server.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	[patch] cve-2018-16851 ldap_server: check ret before manipulating blob In the case of hitting the talloc ~256MB limit, this causes a crash in the server. Note that you would actually need to load >256MB of data into the LDAP. Although there is some generated/hidden data which would help you reach that limit (descriptors and RMD blobs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674 Signed-off-by: Garming Sam <garming@catalyst.net.nz>
fix rmdir.patch \| (download)	source3/libsmb/cli_smb2_fnum.c \| 136 135 + 1 - 0 ! source3/libsmb/cli_smb2_fnum.h \| 7 7 + 0 - 0 ! 2 files changed, 142 insertions(+), 1 deletion(-)	s3:libsmb: add cli_smb2_delete_on_close*() Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3 ntlm_auth fix memory leak in manage_gensec_reques.patch \| (download)	source3/utils/ntlm_auth.c \| 15 9 + 6 - 0 ! 1 file changed, 9 insertions(+), 6 deletions(-)	[patch] s3:ntlm_auth: fix memory leak in manage_gensec_request() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12736 Signed-off-by: Stefan Metzmacher <metze@samba.org>
CVE 2019 3880 v4 5 02.patch \| (download)	source3/rpc_server/winreg/srv_winreg_nt.c \| 96 6 + 90 - 0 ! 1 file changed, 6 insertions(+), 90 deletions(-)	[patch] cve-2019-3880 s3: rpc: winreg: remove implementations of SaveKey/RestoreKey. The were not using VFS backend calls and could only work locally, and were unsafe against symlink races and other security issues. If the incoming handle is valid, return WERR_BAD_PATHNAME. [MS-RRP] states "The format of the file name is implementation-specific" so ensure we don't allow this. As reported by Michael Hanselmann. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851 Signed-off-by: Jeremy Allison <jra@samba.org>
CVE 2018 16860 v4 5 06.patch \| (download)	selftest/knownfail.d/mitm-s4u2self \| 1152 576 + 576 - 0 ! source4/heimdal/kdc/krb5tgs.c \| 7 7 + 0 - 0 ! source4/torture/krb5/kdc-canon-heimdal.c \| 115 111 + 4 - 0 ! 3 files changed, 694 insertions(+), 580 deletions(-)	[patch 1/2] cve-2018-16860 selftest: add test for s4u2self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org>