-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 12 Apr 2016 16:18:57 +1200 Source: samba Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev samba-doc python-samba samba-dsdb-modules samba-vfs-modules libpam-smbpass libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb Architecture: all source Version: 2:4.2.10+dfsg-0+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Changed-By: Andrew Bartlett <abartlet+debian@catalyst.net.nz> Closes: 813406 Description: ctdb - clustered database to store temporary data libnss-winbind - Samba nameservice integration plugins libpam-smbpass - pluggable authentication module for Samba libpam-winbind - Windows domain authentication integration plugin libparse-pidl-perl - IDL compiler written in Perl libsmbclient - shared library for communication with SMB/CIFS servers libsmbclient-dev - development files for libsmbclient libwbclient-dev - Samba winbind client library - development files libwbclient0 - Samba winbind client library python-samba - Python bindings for Samba registry-tools - tools for viewing and manipulating the Windows registry samba - SMB/CIFS file, print, and login server for Unix samba-common - common files used by both the Samba server and client samba-common-bin - Samba common files used by both the server and the client samba-dbg - Samba debugging symbols samba-dev - tools for extending Samba samba-doc - Samba documentation samba-dsdb-modules - Samba Directory Services Database samba-libs - Samba core libraries samba-testsuite - test suite from Samba samba-vfs-modules - Samba Virtual FileSystem plugins smbclient - command-line SMB/CIFS clients for Unix winbind - service to resolve user and group information from Windows NT ser Changes: samba (2:4.2.10+dfsg-0+deb8u1) jessie-security; urgency=high . [ Jelmer Vernooij ] * New upstream release. + Drop patch Fix-CTDB-build-with-PMDA.patch: applied upstream. * Re-enable cluster support. * Add patch no_wrapper: avoid dependencies on {nss,uid,socket}_wrapper. . [ Mathieu Parent ] * Fix CTDB behavior since CVE-2015-8543 (Closes: #813406) * Don't build ctdb twice: - Shorten build time - Fix ctdb log path from /var/log/log.ctdb to /var/log/ctdb/log.ctdb - Remove unused /usr/lib/*/ctdb/*.so files . [ Andrew Bartlett ] * New upstream release + Fixes: - CVE-2015-5370 (Multiple errors in DCE-RPC code) - CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) - CVE-2016-2111 (NETLOGON Spoofing Vulnerability) - CVE-2016-2112 (LDAP client and server don't enforce integrity) - CVE-2016-2113 (Missing TLS certificate validation) - CVE-2016-2114 ("server signing = mandatory" not enforced) - CVE-2016-2115 (SMB IPC traffic is not integrity protected) - CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) * Backport BackupKey patches from Samba 4.3.0 to avoid regressions * Additional regression fix for 'net ads join' to a Windows 2003 domain by metze * Revert the change to made libsamba-debug a library, allowing openchange to link to Samba 4.2 * Add Breaks against openchangeproxy that uses an API and ABI that has changed . [ Marc Deslauriers ] * Fix double-free in pam_smbpass Checksums-Sha1: 9b1421e0e0c84f2667acb33ee5ddbe085e014bd0 4174 samba_4.2.10+dfsg-0+deb8u1.dsc c8ec9e26f0fbcede075fefdbef67abd39ad5a5bf 20851189 samba_4.2.10+dfsg.orig.tar.gz b6c168d86b55949e9465a6053ffcbb4edd866c39 228480 samba_4.2.10+dfsg-0+deb8u1.debian.tar.xz a9581bb8733cb1841287187cb207a73b45cc2075 237814 samba-common_4.2.10+dfsg-0+deb8u1_all.deb c6830a302ce9eddb651ed2e29bd1f97b2a80b8a4 315206 samba-doc_4.2.10+dfsg-0+deb8u1_all.deb Checksums-Sha256: b3f9b76398e34fd607fe98112d6c89760cbc3fe9d6053fafa30673635d434ab0 4174 samba_4.2.10+dfsg-0+deb8u1.dsc 57b2371e14f2c9a87447560269fed86da22ed63b2e4fdd03df7d652dd2424a77 20851189 samba_4.2.10+dfsg.orig.tar.gz f68e797c73046d976ab9d36c2b029736201514b2a659d16cd32d7fa7935d2f59 228480 samba_4.2.10+dfsg-0+deb8u1.debian.tar.xz 067cf5d03ede7c4421fc7898727fa98f068e816c05ceaaeea59c3ae775d0cbca 237814 samba-common_4.2.10+dfsg-0+deb8u1_all.deb 2350f903b2016732734a3843919964be016542ce4416e464afde24feee4c428d 315206 samba-doc_4.2.10+dfsg-0+deb8u1_all.deb Files: 2d13478d0dfbd0c05d7f7dbcc12a38de 4174 net optional samba_4.2.10+dfsg-0+deb8u1.dsc 353282048a8daa3d97e2310a138f4a45 20851189 net optional samba_4.2.10+dfsg.orig.tar.gz 2884aae8f70418115a6306f6f2dc4dfc 228480 net optional samba_4.2.10+dfsg-0+deb8u1.debian.tar.xz f14e9ba500e6b955d6b6528b201fffa8 237814 net optional samba-common_4.2.10+dfsg-0+deb8u1_all.deb 7d313b9318c7330000e026220604c4b4 315206 doc optional samba-doc_4.2.10+dfsg-0+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXDRetAAoJEAVMuPMTQ89EUx4P/0H+R9OLVhzGzywbNBO8/eNa ZP728okHWAnSiKrUOjAk3RAKb9FmXwzfxzezXI+4fpnwlQaVd+1SWzGLsy3ooFBJ lUg/H4uZFDzVxs2bBqERyVTieOcpSRtpvveB2SimsGyELu7ch6buL7DYPpljjHpG gCBSeQJu6HurxbKPJ44ybUn8I0szv9110lC9AYH4RGWoEsDnjZNYMIw67Qk7EUp2 vs9H/rgY/g6NZX0pWCl23CTLOO64pM/RShOqPZ8WnIIqw4BKKlaPF5YTzb2ItNu3 Vj8BKPr5NF+NjiPENnZV0wYeNVu3AFMr68GSLk7rAcz0amF3WMbvsuzhUbkxcUcH R7kbE5lRIuMXF3jDvDp3/1IZQGP21HtQeFx4LRKIlOwv3hF7qyOGIMqE82E/4OYe Dd1ZscOj9pg4OiRgEfJdZCNexOwy8KurSnBaeBd3QPbXmaxyarRXAIKVvDcl3j9J aXcDKutePu5OGCzlcY+g3Ov4v5QDZZKln77sE0NxtPHob01l9zcHuWda6PSVWg/K MA6Opst55Q4Ecz0N2p+3iKaKYqWe0ga9R3mt33UyjJy26BhDbKWh+PZ9MySXCYfp 4zQIvmo6u+D9EwhYwovSwa05NrBKFLsdn56IbPA4pkglz6vcggoUQfk5V4Krzk8U zjREaFT9xVw2rxtpwIGa =AZBB -----END PGP SIGNATURE-----