-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 31 Mar 2017 17:58:52 -0400
Source: samba
Binary: samba samba-common-bin samba-common samba-tools smbclient swat samba-doc samba-doc-pdf libpam-smbpass libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev
Architecture: source amd64 all
Version: 2:3.6.6-6+deb7u12
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
 libnss-winbind - Samba nameservice integration plugins
 libpam-smbpass - pluggable authentication module for Samba
 libpam-winbind - Windows domain authentication integration plugin
 libsmbclient - shared library for communication with SMB/CIFS servers
 libsmbclient-dev - development files for libsmbclient
 libwbclient-dev - Samba winbind client library - development files
 libwbclient0 - Samba winbind client library
 samba      - SMB/CIFS file, print, and login server for Unix
 samba-common - common files used by both the Samba server and client
 samba-common-bin - common files used by both the Samba server and client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 samba-doc-pdf - Samba documentation in PDF format
 samba-tools - Samba testing utilities
 smbclient  - command-line SMB/CIFS clients for Unix
 swat       - Samba Web Administration Tool
 winbind    - Samba nameservice integration server
Changes:
 samba (2:3.6.6-6+deb7u12) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
     - CVE-2017-2619: symlink race permits opening files outside share directory
   * Cherry-pick the following upstream changes required for CVE-2017-2619:
     - s3: smbd: Maintain a back-pointer to the fsp in struct smb_Dir.
     - s3: vfs: Change vfs_dirsort.c from MALLOC -> TALLOC.
     - s3: vfs: Protect against early error in SMB_VFS_NEXT_READDIR.
     - s3: vfs: Use an index i rather than re-using a state variable.
     - s3: vfs: Protect open_and_sort_dir() from the directory changing size.
     - s3: vfs: Clean error paths in opendir and fd_opendir.
     - s3: vfs: Check SMB_VFS_NEXT_OPENDIR return in dirsort_opendir().
     - s3: vfs: Convert mtime from a time_t to a struct timespec.
     - s3: vfs: Remove the use of dirfd inside the vfs_dirsort.c.
   * CVE-2017-2619 requires the following changes:
     - s3: smbd: re-open directory after dptr_CloseDir()
     - s3: vfs: dirsort doesn't handle opendir of "." correctly.
     - s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store the same
       path as streams_xattr_recheck().
     - vfs_streams_xattr: use fsp, not base_fsp
     - s3: smbd: Create wrapper function for OpenDir in preparation for making
       robust.
     - s3: smbd: Opendir_internal() early return if SMB_VFS_OPENDIR failed.
     - s3: smbd: Create and use open_dir_safely(). Use from OpenDir().
     - s3: smbd: OpenDir_fsp() use early returns.
     - s3: smbd: OpenDir_fsp() - Fix memory leak on error.
     - s3: smbd: Move the reference counting and destructor setup to just
       before retuning success.
     - s3: smbd: Correctly fallback to open_dir_safely if FDOPENDIR not
       supported on system.
     - s3: smbd: Remove O_NOFOLLOW guards. We insist on O_NOFOLLOW existing.
     - s3: smbd: Move special handling of symlink errno's into a utility
       function.
     - s3: smbd: Add the core functions to prevent symlink open races.
     - s3: smbd: Use the new non_widelink_open() function.
   * The initial CVE-2017-2619 fix caused a regression when the configuration
     option "follow symlink = no" was set, requiring these changes:
     - s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496
       (CVE-2017-2619).
     - s3: smbd: Fix "follow symlink = no" regression part 2.
     - s3: smbd: Fix "follow symlink = no" regression part 2.
   * The regression fix was accompanied by these unit test changes/updates:
     - s3: Test for CVE-2017-2619 regression with "follow symlinks = no".
     - s3: Fixup test for CVE-2017-2619 regression with "follow symlinks = no"
     - s3: Test for CVE-2017-2619 regression with "follow symlinks = no" - part 2
Checksums-Sha1:
 2f4d99f7ab6dd0d0feb8b7cf9c1954e2e22a84de 3093 samba_3.6.6-6+deb7u12.dsc
 ed52b3ed1896627c13acc7592486d9eee0f5cd05 535109 samba_3.6.6-6+deb7u12.debian.tar.gz
 1fcea62807cb6486208632f1025ae0fe874c3d61 4310740 samba_3.6.6-6+deb7u12_amd64.deb
 ad6f61b738c274f16eb10561e5039638938f5881 3895238 samba-common-bin_3.6.6-6+deb7u12_amd64.deb
 a11fd587a4f093d7dc15719d35a1499e397b30d5 216824 samba-common_3.6.6-6+deb7u12_all.deb
 e5eba940d9d2540749b7cf82e1c20ca2a0b48aa2 5500660 samba-tools_3.6.6-6+deb7u12_amd64.deb
 afa3c8a8b4becc54ae879c7fd4fc53bc3d3938f7 6031026 smbclient_3.6.6-6+deb7u12_amd64.deb
 04091e90767d18835a189427f07c3deeb315ca5d 1776046 swat_3.6.6-6+deb7u12_amd64.deb
 df487131fa41e0372566f81435fcd08f9accd05d 5778632 samba-doc_3.6.6-6+deb7u12_all.deb
 0437e0e0b717007186991923577bc9df7814ef39 7070450 samba-doc-pdf_3.6.6-6+deb7u12_all.deb
 95ecb8e9b6b024582d08845e7289a50a82a01132 699802 libpam-smbpass_3.6.6-6+deb7u12_amd64.deb
 e2297a2c3fc0d01392abcbd5c4b962ad6d45adba 1569710 libsmbclient_3.6.6-6+deb7u12_amd64.deb
 ae0078342aff4f97409e27075e691d7b39767b90 1905798 libsmbclient-dev_3.6.6-6+deb7u12_amd64.deb
 1256c25627d1d749acc3de14adaeb5c331f764ec 2702140 winbind_3.6.6-6+deb7u12_amd64.deb
 a18eff7213a115f5e34ec01bce2c2189dd7ad42c 106068 libpam-winbind_3.6.6-6+deb7u12_amd64.deb
 0d9cbcab831a3595ca51a7b0757c890d26cd6630 579724 libnss-winbind_3.6.6-6+deb7u12_amd64.deb
 43ee3f3266fdae8d6a8dbc4f757540220be0b18a 76506182 samba-dbg_3.6.6-6+deb7u12_amd64.deb
 e6efcbf3e2c7e41dfbaaf8ab5a930b33a9bcb81b 99426 libwbclient0_3.6.6-6+deb7u12_amd64.deb
 e5fe2b0534c439f691a95dc67f19bb9d6f723b67 86934 libwbclient-dev_3.6.6-6+deb7u12_amd64.deb
Checksums-Sha256:
 6d127460a8bdbe333841484d8428cbb3fb6e949bbbde977618ffc6cac72cd22c 3093 samba_3.6.6-6+deb7u12.dsc
 1c1ed2fb08b60bac6a49a4ab32732e91cc4f3fa9efa64fbde0a672af1c1e2bdc 535109 samba_3.6.6-6+deb7u12.debian.tar.gz
 9643bfbedf32862b96f0749184be0622fe5fec5e6161d6468398c3e34224ba8b 4310740 samba_3.6.6-6+deb7u12_amd64.deb
 89feb6ca5db2cc79ba9157e5e58eb4e45d9b35daedd32a484defce0a67b2ee64 3895238 samba-common-bin_3.6.6-6+deb7u12_amd64.deb
 8d425ca4721c2b44e74eb309615970c7778a37780cc65a226ece50f573688b27 216824 samba-common_3.6.6-6+deb7u12_all.deb
 926bb354c960f4e28fef2082c4266018d209c17f889e18097cbe440c09d35167 5500660 samba-tools_3.6.6-6+deb7u12_amd64.deb
 fe8c4585c946ec1f70162a73c5423f40ca993e26314f00d13a7bd319ec0e7938 6031026 smbclient_3.6.6-6+deb7u12_amd64.deb
 4eb437eb19959cc052bf37f37d6f0de980f8de968d8f58cfa363482c3d41ccfa 1776046 swat_3.6.6-6+deb7u12_amd64.deb
 65b67eb1007bf32b7ed05e7ce495638ec81d35ce90d4191bf04e2abb9c6874e3 5778632 samba-doc_3.6.6-6+deb7u12_all.deb
 78212be9b092fe0d76f4289627525bb99be2f80ac8ebb05fc2984cd6006297b6 7070450 samba-doc-pdf_3.6.6-6+deb7u12_all.deb
 55fef85ac5f5707016308fc0ed26447f9b350141dc442e815066446c786b24c0 699802 libpam-smbpass_3.6.6-6+deb7u12_amd64.deb
 dfd6f4f8275c358fff76368d270c4b005eee27100f5a8da89e482e8580195c24 1569710 libsmbclient_3.6.6-6+deb7u12_amd64.deb
 7f434b8bc6602c6c41fe37de058abe166e9c34c5d9b8500370babb0e25cf3b31 1905798 libsmbclient-dev_3.6.6-6+deb7u12_amd64.deb
 d61526d7688435f9a1d5c3df8a58a821e893fc534abb2e3a43120e54ecfcd90b 2702140 winbind_3.6.6-6+deb7u12_amd64.deb
 261016fd2cd2f120b22f9da0443b6fd43ace3f6fdce4d1f8e3f6eb882312aa43 106068 libpam-winbind_3.6.6-6+deb7u12_amd64.deb
 6874ffca8ef6d20e0f773b678d6380d7a937d2ec624858cc30419fe28a0dd28d 579724 libnss-winbind_3.6.6-6+deb7u12_amd64.deb
 a2681a390c0f6d6e651be7b24a46e5d74d9b44f6de948498b0c6f529179f748b 76506182 samba-dbg_3.6.6-6+deb7u12_amd64.deb
 75b245fc1b17c8cfe0ff039fee486700f4692c4f88568b5b132547daecd94626 99426 libwbclient0_3.6.6-6+deb7u12_amd64.deb
 dbe1b6dde1de2d242f19f520c0e5fbb35a45bd8eba5ac0379c9d4847c6edc130 86934 libwbclient-dev_3.6.6-6+deb7u12_amd64.deb
Files:
 634ee55bf6b038461e725d8da11d3b9b 3093 net optional samba_3.6.6-6+deb7u12.dsc
 66e156c75fb80dc288c3be5ea3b60792 535109 net optional samba_3.6.6-6+deb7u12.debian.tar.gz
 f1153b0f2445f55b0a3ca095be5e1d22 4310740 net optional samba_3.6.6-6+deb7u12_amd64.deb
 3a6985f6d3ce49d759028ada41ac1212 3895238 net optional samba-common-bin_3.6.6-6+deb7u12_amd64.deb
 68e1a8ca3bd7b0d41f5d1249022a28dd 216824 net optional samba-common_3.6.6-6+deb7u12_all.deb
 42b78d41387eabc0d56fdda46f3e4fae 5500660 net optional samba-tools_3.6.6-6+deb7u12_amd64.deb
 64b4d1faec5234ac1484862314921728 6031026 net optional smbclient_3.6.6-6+deb7u12_amd64.deb
 de1102bcb0eba5a9ab5b4a075ad056f9 1776046 net optional swat_3.6.6-6+deb7u12_amd64.deb
 04b3f84313bc767483ef903e213f2450 5778632 doc optional samba-doc_3.6.6-6+deb7u12_all.deb
 1b5614c6538dd94f5f7c7e56668e6953 7070450 doc optional samba-doc-pdf_3.6.6-6+deb7u12_all.deb
 97d4ba900092a91e05055388ee040e6b 699802 admin extra libpam-smbpass_3.6.6-6+deb7u12_amd64.deb
 90acbec3091410d54ebe4f9364df9974 1569710 libs optional libsmbclient_3.6.6-6+deb7u12_amd64.deb
 d9003c6653742ed6292b483f588ee63b 1905798 libdevel extra libsmbclient-dev_3.6.6-6+deb7u12_amd64.deb
 a691264d5977b8fb4f29ab53761996be 2702140 net optional winbind_3.6.6-6+deb7u12_amd64.deb
 3a7088f1122694669ea2df25bc97e798 106068 net optional libpam-winbind_3.6.6-6+deb7u12_amd64.deb
 ec143a6dbb13e95f4fce48ee4311695f 579724 net optional libnss-winbind_3.6.6-6+deb7u12_amd64.deb
 932bbbfc4b31d68969d9dc3827748d63 76506182 debug extra samba-dbg_3.6.6-6+deb7u12_amd64.deb
 9de0984edbba53add01586a115754102 99426 libs optional libwbclient0_3.6.6-6+deb7u12_amd64.deb
 03c627ec616231715bf22179d06d0373 86934 libdevel optional libwbclient-dev_3.6.6-6+deb7u12_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJY7NLfAAoJECzXeF7dp7IPw6sP/0L7zYOz3RUlegaIsjQI9K0O
WWIdOz2o4vKWrcmi6n9mdqHDK/sbzc2xF9m1fnGYGx1p0HFILza50KiZZyuPJ8kG
OmzUVX9SZ6orxjZDRYfwYtM3VhDWfiMHncuRX8tDxezDG5ZjGkT/VBkPBEtCNLLz
/CMlGiryBB3Q1KtRgZ8tkwjv5ilPTR1f2v8YkJDm4q7HIWK40CQiuZkSjwYAnB2L
BzMqYnlETItreFnI2IwOc7Ky5fHjITGLv3L0HiGQPAn4ELcfwGx+V7aW+/TYOTdu
v3huQcsaUVbN42KOgDI2to6waPEIUf+ZK60kNvlLsaz0pRnN7su29wLanyhqIsNN
r6SMjH0T/wGOpMTWjQ/sMDBFpVfW8lcEnuHR8H6i9X+2X54lqqoDQEMetYktU796
VFpqtWf/RjtU8InZoWPaouAoai6FFvDMFlXOqp3P0bUb0sRZyYxq4KP8IEbKO6BY
QcR/9Cpeowe0XRbvnNq6KNocJBySRptmBTlwHk13bYR/JCbxUILjYP81MDZi4jc5
rOW4M2plWgkwIKux5ewlbZkyhyNEJhM26OLVQ1XVQPvwVdv1cbQ0O3vd2uk/7mYg
5eyw2IYbYWdrUjmKQkvYTpTM2sTaeqpu0FOBFiOuBgCp8BbKWYbjP0z+WSzfnWig
pJdB5YUerSHobQNjCOgd
=5PhO
-----END PGP SIGNATURE-----
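The bug class this update closes (a symlink race that lets a client open files outside the share directory) and the shape of the upstream remedy (insist on O_NOFOLLOW, walk the path component by component, and only re-walk a symlink whose target stays inside the share, which is what non_widelink_open() does) can be shown in a small C program. This is an added example written for this page; it is not Samba code and not part of the Debian update. The names open_under(), target_escapes() and run_demo() are hypothetical, the fixture it builds under /tmp is constructed, and its symlink-target policy (reject absolute targets and any ".." component) is a deliberate simplification of Samba's check, which compares the resolved target against the share's root path.

```c
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define MAX_LINK_DEPTH 8 /* assumed bound on chained symlinks */

/* Policy for symlink targets met during the walk: an absolute target or any
 * ".." component counts as leaving the share. This is stricter than Samba's
 * check, which compares the resolved target against the share root. */
int target_escapes(const char *target)
{
    if (target[0] == '/') return 1;
    for (const char *p = target; *p; p++)
        if (p[0] == '.' && p[1] == '.' && (p == target || p[-1] == '/') &&
            (p[2] == '/' || p[2] == '\0'))
            return 1;
    return 0;
}

/* Open `rel` beneath root_fd so that no symlink can take the walk outside that
 * subtree. Each component is opened with openat(O_NOFOLLOW) relative to the fd
 * of the previous one: the kernel refuses a symlink in the same syscall that
 * opens (no check-then-open window), and a directory swapped for a symlink
 * after we opened it cannot redirect us, because the next openat is relative
 * to the fd we already hold. A symlink is re-walked, from the directory we
 * hold, only if its target passes target_escapes(). */
int open_under(int root_fd, const char *rel, int flags, int depth)
{
    if (depth > MAX_LINK_DEPTH) { errno = ELOOP; return -1; }
    char *copy = strdup(rel); if (!copy) return -1;
    int cur = openat(root_fd, ".", O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (cur < 0) { free(copy); return -1; }
    char *save = NULL;
    for (char *comp = strtok_r(copy, "/", &save); comp; ) {
        char *next = strtok_r(NULL, "/", &save);
        int last = (next == NULL);
        if (strcmp(comp, "..") == 0) { errno = EACCES; goto fail; }
        if (strcmp(comp, ".") == 0) { comp = next; continue; }
        int oflags = last ? (flags | O_NOFOLLOW | O_CLOEXEC)
                          : (O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
        int fd = openat(cur, comp, oflags, 0600);
        if (fd < 0 && (errno == ELOOP || errno == EMLINK)) { /* it is a symlink */
            char target[PATH_MAX];
            ssize_t n = readlinkat(cur, comp, target, sizeof target - 1);
            if (n < 0) goto fail; target[n] = '\0';
            if (target_escapes(target)) { errno = EACCES; goto fail; }
            fd = open_under(cur, target, last ? flags : O_RDONLY | O_DIRECTORY, depth + 1);
        }
        if (fd < 0) goto fail;
        close(cur); cur = fd; comp = next;
    }
    free(copy);
    return cur;
fail:
    { int saved = errno; close(cur); free(copy); errno = saved; return -1; }
}

/* Constructed fixture, not from the update: a "share" holding a regular file,
 * an in-share relative symlink, a link whose target uses "..", and a link to a
 * file outside the share. Returns the number of failed expectations. */
int run_demo(void)
{
    char st[] = "/tmp/share-XXXXXX", ot[] = "/tmp/outside-XXXXXX";
    char *share = mkdtemp(st), *outside = mkdtemp(ot);
    if (!share || !outside) return 99;
    int root = open(share, O_RDONLY | O_DIRECTORY), out = open(outside, O_RDONLY | O_DIRECTORY);
    int fd = openat(root, "public.txt", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (root < 0 || out < 0 || fd < 0 || write(fd, "public", 6) != 6) return 99; close(fd);
    fd = openat(out, "secret.txt", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "secret", 6) != 6) return 99; close(fd);
    char secret[PATH_MAX]; snprintf(secret, sizeof secret, "%s/secret.txt", outside);
    symlinkat(secret, root, "escape");       /* absolute target: leaves the share */
    symlinkat("public.txt", root, "alias");  /* relative target: stays inside */
    symlinkat("../public.txt", root, "up");  /* ".." in target: refused by policy */
    int failures = 0; char buf[16] = {0};
    fd = open_under(root, "public.txt", O_RDONLY, 0);   /* plain file opens */
    failures += (fd < 0); if (fd >= 0) close(fd);
    fd = open_under(root, "alias", O_RDONLY, 0);        /* in-share link resolves */
    failures += !(fd >= 0 && read(fd, buf, 15) == 6 && strcmp(buf, "public") == 0);
    if (fd >= 0) close(fd);
    fd = open_under(root, "escape", O_RDONLY, 0);       /* link out of the share refused */
    failures += !(fd < 0 && errno == EACCES);
    fd = open_under(root, "up", O_RDONLY, 0);           /* ".." inside a link target refused */
    failures += !(fd < 0 && errno == EACCES);
    fd = openat(root, "escape", O_RDONLY);  /* contrast: a plain openat follows the link out */
    failures += (fd < 0); if (fd >= 0) close(fd);
    unlinkat(root, "escape", 0); unlinkat(root, "alias", 0); unlinkat(root, "up", 0);
    unlinkat(root, "public.txt", 0); unlinkat(out, "secret.txt", 0);
    close(root); close(out); rmdir(share); rmdir(outside);
    return failures;
}

int main(void) { int f = run_demo(); printf("%d expectation(s) failed\n", f); return f != 0; }
```

The last contrast case in run_demo() is the pre-fix behaviour in miniature: a server that validates a path with stat() or realpath() and then calls open() on the same string gives an attacker the window between the two calls to swap a directory or file for a symlink, and the open follows it out of the share. Holding a descriptor for each directory and opening the next component relative to it, with O_NOFOLLOW, is what removes that window, which is why the changelog above notes that O_NOFOLLOW is now required rather than optional.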