-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 15 Nov 2022 19:26:10 +0300 Source: samba Architecture: source Version: 2:4.17.3+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru> Closes: 1023759 Changes: samba (2:4.17.3+dfsg-1) unstable; urgency=medium . * new upstream security release 4.17.3, fixing the following issue: CVE-2022-42898: Heimdal Kerberos libraries suffers from an integer multiplication overflow vulnerability which affects 32bit platforms, see https://www.samba.org/samba/security/CVE-2022-42898.html This changes third_party/heimdal/, it does not affect mitkrb5 builds. * d/rules: stop stripping +dfsg suffix from ldb version * d/control: declare dependency on password (for groupadd in postinst) for winbind and samba (Closes: #1023759) * implement pkg.samba.mitkrb5 build profile to build with system mit-krb5 (with "mitkrb5" version suffix in some packages for now) * d/control: mark libufing-dev build dep with <!pkg.samba.nouring> (to simplify out-of-archive builds for older systems) * d/rules: parametrise list of packages to omit (eg on ubuntu-i386) with ${omit-pkgs} * d/rules: use variables in a more consistent way, use single ${config-args} * d/control: tdb-tools and lmdb-utils packages are also needed for tests (everything is commented out for now anyway) * d/rules: update knownfail tests * d/rules: stop exporting buildflags, export compiler options when needed * d/rules: always define rados:Depends & vfsmods:Depends substvars * unwrap-getresgid-typo.patch - fix crash during p11-kit execution (https://bugzilla.samba.org/show_bug.cgi?id=15227) (for the testsuite only) * nsswitch-pam-data-time_t.patch - fix time_t not fit in a pointer (eg x32) (https://bugzilla.samba.org/show_bug.cgi?id=15224) Checksums-Sha1: 7a907a906806a16638fd563ca7968691059d8007 4268 samba_4.17.3+dfsg-1.dsc 25631db18fe67096b36ffd0d9b186195ed2a3155 18395732 samba_4.17.3+dfsg.orig.tar.xz ebab90ff555df0008a09f7e34c6bb9f2060259f0 265696 samba_4.17.3+dfsg-1.debian.tar.xz 9d24f15b970defc7a22b1d0197f4ca05e85af1a3 5957 samba_4.17.3+dfsg-1_source.buildinfo Checksums-Sha256: 06427fb6c905a25d2d766a4f2abe16a0129c70d5a5043a56874ee80ca59db582 4268 samba_4.17.3+dfsg-1.dsc 8629a5ac6bb674bcbec0ecd0054989c5ee17210e426354b3b8830decf1c6cb98 18395732 samba_4.17.3+dfsg.orig.tar.xz 8af75351f186181c3d6e0abfb8871dc0f7dcbe674c01407ae863b944b3bede4e 265696 samba_4.17.3+dfsg-1.debian.tar.xz b524b7092053b9ccab8062db75945f27e59ec83d8330f49235f940f442754276 5957 samba_4.17.3+dfsg-1_source.buildinfo Files: f707471631a90fb31e2c10626541c3cd 4268 net optional samba_4.17.3+dfsg-1.dsc 67816b7170f96cfe62204047af012e50 18395732 net optional samba_4.17.3+dfsg.orig.tar.xz 81f925755dfcd23caadf7771698835d3 265696 net optional samba_4.17.3+dfsg-1.debian.tar.xz e391a0e793c528ef6993ed7bb342817d 5957 net optional samba_4.17.3+dfsg-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmNzvc0PHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5Z5DUH/2jfpjOrqqa6yVqarT1DBjDLUCqZlWa/Ha1e ZdlLMu58Da+6RrRKF/oxK6ha9i0vq5TlHA5u4mcCllGO3Lg6HiL7Rxh4cjWYxalW MZZjVPNgRuy/z1KqkQukYc0yPI2ZbMO2O0j/qNDoFSK7he8ewHnyLL15jc5rRwe+ EHzWxzqRo2O7y16o/Yz/7YyN/OV74KWyW4FFMPoOg5w3LE6San56OhyMV4kZH+U7 V2U/tVSixWNZ6Dz1ePxUGSeL4PSV3TYj7Hmee3kUKJv70dh/GE7RIiUwQwfgCVj6 BZw1Ug2kmsCLnOjlC+eU12lgiwdyVrXQp4osYuCPJOry6nm54T0= =P3H2 -----END PGP SIGNATURE-----