Package: samba / 2:4.5.16+dfsg-1+deb9u2
Metadata
Package | Version | Patches format |
---|---|---|
samba | 2:4.5.16+dfsg-1+deb9u2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
05_share_ldb_module | (download) |
source4/param/wscript_build |
5 3 + 2 - 0 ! |
--- |
07_private_lib | (download) |
buildtools/wafsamba/samba_utils.py |
2 1 + 1 - 0 ! |
always specify rpath for private libraries |
bug_221618_precise 64bit prototype.patch | (download) |
source3/include/libsmbclient.h |
10 10 + 0 - 0 ! |
64 bit fix for libsmbclient |
README_nosmbldap tools.patch | (download) |
examples/LDAP/README |
3 3 + 0 - 0 ! |
mention smbldap-tools package in examples/ldap/readme |
smbclient pager.patch | (download) |
source3/include/local.h |
2 1 + 1 - 0 ! |
use the pager alternative as pager is pager is undefined |
usershare.patch | (download) |
docs-xml/smbdotconf/misc/usersharemaxshares.xml |
2 1 + 1 - 0 ! |
enable net usershares by default at build time Enable net usershares by default at build time, with a limit of 100, and update the corresponding documentation. |
VERSION.patch | (download) |
VERSION |
2 1 + 1 - 0 ! |
add "debian" as vendor suffix |
add so version to private libraries | (download) |
buildtools/wafsamba/wafsamba.py |
3 3 + 0 - 0 ! |
add so version number to private libraries for dpkg-shlibdeps |
xsltproc_dont_build_smb.conf.5.patch | (download) |
docs-xml/wscript_build |
2 1 + 1 - 0 ! |
don't build smb.conf.5 manpage This is a temporary workaround for a bug in xsltproc, which crashes on some architectures when building the smb.conf.5 manpage |
heimdal rfc3454.txt | (download) |
source4/heimdal/lib/wind/rfc3454.txt-table |
7074 7074 + 0 - 0 ! |
patch in symbol table from rfc3454, for heimdal scripts. |
no_build_env.patch | (download) |
source3/script/build_env.sh |
11 0 + 11 - 0 ! |
[patch] remove unreproducible build environment |
no_build_system.patch | (download) |
buildtools/wafsamba/wscript |
1 0 + 1 - 0 ! |
drop host-specific define that prevents reproducible builds |
Skip raw.write tests.patch | (download) |
selftest/quick |
3 2 + 1 - 0 ! |
skip raw.write tests for now as they fail on 32-bit |
systemd syslog.target is obsolete.patch | (download) |
packaging/systemd/nmb.service |
2 1 + 1 - 0 ! |
systemd: syslog.target is obsolete After=syslog.target is unnecessary by now because syslog is socket-activated and will therefore be started when needed. Ref: https://lintian.debian.org/tags/systemd-service-file-refers-to-obsolete-target.html |
Add documentation to systemd Unit files.patch | (download) |
ctdb/config/ctdb.service |
1 1 + 0 - 0 ! |
add documentation to systemd unit files |
fix_kill_path_in_units.patch | (download) |
packaging/systemd/nmb.service |
2 1 + 1 - 0 ! |
fix kill path Debian-bug: https://bugs.debian.org/828730 |
nmbd requires a working network.patch | (download) |
packaging/systemd/nmb.service |
3 2 + 1 - 0 ! |
nmbd requires a working network Bug-Debian: https://bugs.debian.org/698056 Bug-Debian: https://bugs.debian.org/842056 Bug-Debian: https://bugs.debian.org/840608 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1635491 |
provision Update root DNS servers list.patch | (download) |
python/samba/provision/sambadns.py |
14 11 + 3 - 0 ! |
[patch] provision: update root dns servers list Signed-off-by: Amitay Isaacs <amitay@gmail.com> |
CVE 2018 10919.patch | (download) |
libcli/security/access_check.c |
126 91 + 35 - 0 ! |
[patch 01/11] cve-2018-10919 security: move object-specific access checks into separate function Object-specific access checks refer to a specific section of the MS-ADTS, and the code closely matches the spec. We need to extend this logic to properly handle the Control-Access Right (CR), so it makes sense to split the logic out into its own function. This patch just moves the code, and should not alter the logic (apart from ading in the boolean grant_access return variable. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> |
CVE 2018 10858 4.6.patch | (download) |
source3/libsmb/libsmb_dir.c |
57 50 + 7 - 0 ! |
[patch 1/2] libsmb: ensure smbc_urlencode() can't overwrite passed in buffer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453 CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient. Signed-off-by: Jeremy Allison <jra@samba.org> |
CVE 2018 14629 v4 5.patch | (download) |
python/samba/tests/dns.py |
120 120 + 0 - 0 ! |
[patch 1/4] cve-2018-14629 dns: cname loop prevention using counter Count number of answers generated by internal DNS query routine and stop at 20 to match Microsoft's loop prevention mechanism. (backport to Samba 4.5) BUG: https://bugzilla.samba.org/show_bug.cgi?id=13600 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> |
CVE 2018 16841 master.patch | (download) |
source4/kdc/db-glue.c |
6 3 + 3 - 0 ! |
[patch 1/2] cve-2018-16841 heimdal: fix segfault on pkinit with mis-matching principal In Heimdal KRB5_KDC_ERR_CLIENT_NAME_MISMATCH is an enum, so we tried to double-free mem_ctx. This was introduced in 9a0263a7c316112caf0265237bfb2cfb3a3d370d for the MIT KDC effort. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13628 Signed-off-by: Andrew Bartlett <abartlet@samba.org> |
CVE 2018 16851 master.patch | (download) |
source4/ldap_server/ldap_server.c |
4 2 + 2 - 0 ! |
[patch] cve-2018-16851 ldap_server: check ret before manipulating blob In the case of hitting the talloc ~256MB limit, this causes a crash in the server. Note that you would actually need to load >256MB of data into the LDAP. Although there is some generated/hidden data which would help you reach that limit (descriptors and RMD blobs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674 Signed-off-by: Garming Sam <garming@catalyst.net.nz> |
fix rmdir.patch | (download) |
source3/libsmb/cli_smb2_fnum.c |
136 135 + 1 - 0 ! |
s3:libsmb: add cli_smb2_delete_on_close*() Signed-off-by: Stefan Metzmacher <metze@samba.org> |
s3 ntlm_auth fix memory leak in manage_gensec_reques.patch | (download) |
source3/utils/ntlm_auth.c |
15 9 + 6 - 0 ! |
[patch] s3:ntlm_auth: fix memory leak in manage_gensec_request() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12736 Signed-off-by: Stefan Metzmacher <metze@samba.org> |
CVE 2019 3880 v4 5 02.patch | (download) |
source3/rpc_server/winreg/srv_winreg_nt.c |
96 6 + 90 - 0 ! |
[patch] cve-2019-3880 s3: rpc: winreg: remove implementations of SaveKey/RestoreKey. The were not using VFS backend calls and could only work locally, and were unsafe against symlink races and other security issues. If the incoming handle is valid, return WERR_BAD_PATHNAME. [MS-RRP] states "The format of the file name is implementation-specific" so ensure we don't allow this. As reported by Michael Hanselmann. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851 Signed-off-by: Jeremy Allison <jra@samba.org> |
CVE 2018 16860 v4 5 06.patch | (download) |
selftest/knownfail.d/mitm-s4u2self |
1152 576 + 576 - 0 ! |
[patch 1/2] cve-2018-16860 selftest: add test for s4u2self with unkeyed checksum BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org> |