Accepted samba 2:3.2.5-4~bpo41+1 (source all i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 14 Jan 2009 22:34:56 +0100
Source: samba
Binary: samba-doc-pdf samba-doc libsmbclient libpam-smbpass swat libwbclient0 winbind smbclient samba-tools samba libsmbclient-dev samba-common samba-dbg smbfs
Architecture: source all i386
Version: 2:3.2.5-4~bpo41+1
Distribution: etch-backports
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Christian Perrier <bubulle@debian.org>
Description:
libpam-smbpass - pluggable authentication module for SMB/CIFS password database
libsmbclient - shared library that allows applications to talk to SMB/CIFS serve
libsmbclient-dev - libsmbclient static libraries and headers
libwbclient0 - client library for interfacing with winbind service
samba - a LanManager-like file and printer server for Unix
samba-common - Samba common files used by both the server and the client
samba-dbg - Samba debugging symbols
samba-doc - Samba documentation
samba-doc-pdf - Samba documentation (PDF format)
samba-tools - tools provided by the Samba suite
smbclient - a LanManager-like simple client for Unix
smbfs - mount and umount commands for the smbfs (for kernels >= than 2.2.
swat - Samba Web Administration Tool
winbind - service to resolve user and group information from Windows NT ser
Closes: 155345 169624 218477 231229 256637 265468 265577 289179 292371 296057 305210 311300 340570 346547 349049 350790 350926 358479 359155 360384 366800 367379 386922 388282 391742 402392 408033 408507 410075 410663 414841 416802 417795 418196 418811 421636 421758 424629 424637 424683 425083 425640 425680 426002 426773 426979 427865 428411 429349 429429 430755 431661 433449 434372 436215 443230 444054 444054 445566 448546 448546 448686 449422 450738 451270 451271 451272 451273 451385 451685 451685 451839 452940 453144 453350 454770 457105 459243 460487 460491 462046 462046 465121 469976 470138 470844 476104 476104 478800 478800 479512 479512 480151 480151 480663 483187 483410 486056 486056 487681 487681 488384 488688 488709 488709 491881 493401 493752 494899 496073 496880 497857 498426 499359 500129 501499 506109 507620 508388 509101 510450
Changes:
samba (2:3.2.5-4~bpo41+1) etch-backports; urgency=low
.
* Backport to etch
* Drop libtalloc-dev from build dependencies
.
samba (2:3.2.5-4) unstable; urgency=low
.
* Fix segfault whan accessign some NAS devices running old versions of Samba
Closes: #500129
* Fix process crush when using gethostbyname_r in several threads
Closes: #509101, #510450
.
samba (2:3.2.5-3) unstable; urgency=high
.
* Security update
* Fix Potential access to "/" in setups with registry shares enabled
This fixes CVE-2009-0022, backported from 3.2.7
* Fix links in HTML documentation index file.
Closes: #508388
* Drop spurious docs-xml/smbdotconf/parameters.global.xml.new
file in the diff. Thanks to the release managers for spotting it
.
samba (2:3.2.5-2) unstable; urgency=low
.
* Fix typo in bug number in a comment for the default smb.conf file
Closes: #507620
* Document the need to set appropriate permissions on the printer
drivers directory, in the default smb.conf file. Also change
the example group from ntadmin to lpadmin
Closes: #459243
* Add missing rfc2307.so and sfu*.so links that prevent using the
'winbind nss info' feature properly
Thans to Martin Dag Nilsson for reporting and Jelmer Jaarsma for
the patch. Closes: #506109
.
samba (2:3.2.5-1) unstable; urgency=high
.
* New upstream version. Security-only release.
This addresses CVE-2008-4314: potentially leaking
arbitrary memory contents to malicious clients.
* Better document cases where using a "master" file for smb.conf
is a bad idea. Closes: #483187
* Insert example "add machine script" and "add group script" scripts
in the default smb.conf. Closes: #349049
* Move homepage URL to Homepage filed in debian/control
.
samba (2:3.2.4-1) unstable; urgency=low
.
[ Steve Langasek ]
* New upstream release.
- debian/rules: we don't need to move cifs.upcall around, it's now
installed to the right place upstream.
- Fixed in this release:
- typo in cifs.upcall.8. Closes: #501499
.
[ Christian Perrier ]
* Create /var/lib/samba in samba-common. Thanks to Thierry Carrez for
the patch. Closes: #499359
.
samba (2:3.2.3-3) unstable; urgency=low
.
[ Steve Langasek ]
* Add missing manpage for cifs.upcall; thanks to Per Olofsson for pointing
this out. Closes: #497857.
* Georgian debconf translation added. Closes: #498426
* Polish debconf translation added. Thanks to Å?ukasz Paździora.
.
[ Jelmer Vernooij ]
* Add ldb-tools to Suggests: of samba. Closes: #488384
.
samba (2:3.2.3-2) unstable; urgency=low
.
[ Christian Perrier ]
* Fix FTBFS on GNU/kFreeBSD. Closes: #496880
.
samba (2:3.2.3-1) unstable; urgency=high
.
* High-urgency upload for security fix
* New upstream release
- Fix "/usr/lib/cups/backend/smb does not try port 139 anymore by default"
Closes: #491881
- Fix the default permissions on ldb databases. Addresses
CVE-2008-3789; closes: #496073.
- debian/rules, debian/smbfs.files: build with cifs.upcall,
newly introduced to replace cifs.spnego
- debian/rules: no more need to rename libsmbclient.so to
libsmbclient.so.0, or libwbclient.so to libwbclient.so.0
.
[ Noèl Köthe ]
* fixing lintian warning "build-depends-on-1-revision"
.
samba (2:3.2.1-1) unstable; urgency=low
.
[ Steve Langasek ]
* Build-depend on keyutils only on the linux archs. Closes: #493401.
* New patch debian/patches/shrink-dead-code.patch: throw all .o files into
a .a archive as a first pass before linking the final executables, so
that the executables don't end up with quite so much unused code bloating
the system. Not applied to net or ntlm_auth, which have particularly
hairy linking needs. Partially addresses: bug #474543; no code was
harmed in the making of this patch.
* Build-depend on libcups2-dev | libcupsys2-dev, to facilitate backports.
.
[ Christian Perrier ]
* New upstream release
- Fix trusted domain handling in Winbindd. Closes: #493752
- Fix for print jobs that continued to show as active after printing
had completed. Closes: #494899.
.
samba (2:3.2.0-4) unstable; urgency=low
.
* Brown paper bag bug: add a change to debian/patches/fhs-filespaths.patch
that went missing somehow, causing samba to look for secrets.tdb in
/etc/samba instead of /var/lib/samba where it's been for years. No
migration handling added, because this was only present in unstable for
about a day. Thanks to Rick Nelson for pointing this out.
.
samba (2:3.2.0-3) unstable; urgency=low
.
* Upload to unstable.
* debian/patches/proper-static-lib-linking.patch: fix SMB_LIBRARY macro
and Makefile.in to properly avoid linking .a libraries into other .a
libraries, since this bloats the libraries without providing any useful
functionality.
* Version the build-dependency on libtalloc-dev, to ensure we're building
against a package with the right symbols.
* Add debian/libsmbclient.symbols and debian/libwbclient0.symbols, to get
more fine-grained versioned library dependencies
* Bump the shlibs version for libsmbclient to 2:3.2.0, as new symbols
have been added.
* Re-add docs/registry to samba-doc, restored upstream
* Move schannel_store.tdb out of /etc/samba to /var/lib/samba, where it
belongs according to the FHS. Closes: #454770.
.
samba (2:3.2.0-2) experimental; urgency=low
.
* Fix up the copyright file to correctly document that we're now under
GPLv3, not GPLv2.
.
samba (2:3.2.0-1) experimental; urgency=low
.
[ Christian Perrier ]
* New samba-tools package to provide all "torture" tools:
smbtorture msgtest masktest locktest locktest2 nsstest vfstest
pdbtest talloctort replacetort tdbtorture smbconftort
* Upgrade Standard to 3.8.0 (checked)
* Merged from unstable:
* Drop "invalid users = root" from the default smb.conf file
as it differs from upstream's behaviour and upstream is fairly
noisy about this choice of ours. Closes: #462046
* Drop commented "guest account = nobody". This is already upstream's
default
* Remove versioned Build-Depends when satisfied in etch (actually all
versioning in Build-Depends)
* Remove Conflicts with non-existing packages
* Drop dpkg-dev and binutils from Build-Depends, since the versioned
build-dep is no longer needed and these are both Build-Essential
* Mini-policy for settings in smb.conf:
- don't explicitly set settings to their default value
- commented settings with the default value are commented with "#"
- commented settings with a non-default value are commented with ";"
* Apply this policy to "socket options". Closes: #476104
* No longer gratuitously use /usr/lib/libsmbclient.so.0.1 but a more logical
libsmbclient.so.0 as upstream doesn't assign versions
* Add idmap_*(8) man pages (idea taken from SerNet packages)
* Create the entire set of directories needed by clients for
Point-and-Click printing (including old clients!) in
/var/lib/samba/printers (idea taken from SerNet packages)
* Update copyright and README.debian information for current and past
maintainers. Remove redundant mention of Tridge (the copyright is enough)
* Add doc-base files for samba-doc-pdf. Closes: #451685
* add a soft dependency on slapd in init script to allow
proper operation when dependency-based boot sequence is enabled.
Thanks to Petter Reinholdtsen for reporting and providing a patch
Closes: #478800
* Rename libcupsys2-dev to libcups2-dev in build dependencies
* Localize SWAT in German. Closes: #487681
.
[ Debconf translations ]
* Merged from unstable:
* Kurdish. Closes: #480151
* Romanian updated. Closes: #488709.
.
[ Steve Langasek ]
* New upstream release
* Merged from unstable:
* debian/patches/no-unnecessary-cups.patch: don't try to connect to a
cups server when we know that no printers are configured.
Closes: #479512.
.
[ Jelmer Vernooij ]
* Merged from unstable:
* Fix bashism in smbtar. (Closes: #486056)
.
[ Peter Eisentraut ]
* Merged from unstable:
* Removed myself from Uploaders
.
samba (2:3.2.0~rc2-1) experimental; urgency=low
.
[ Christian Perrier ]
* New upstream release
.
[ Steve Langasek ]
* Enable building of cifs.spnego for the smbfs package, adding a
build-dependency on keyutils-dev, to allow kerberos-based authentication
of cifs mounts. Closes: #480663, LP: #236830.
.
samba (2:3.2.0~rc1-2) experimental; urgency=low
.
* Reupload to experimental. Sigh.
.
samba (1:3.2.0~rc1-1) unstable; urgency=low
.
* New upstream version
* debian/samba-doc.doc-base.samba-using: index file is no named toc.html
.
samba (1:3.2.0~pre3-1) experimental; urgency=low
.
* New upstream version
* debian/patches/fix-manpage-htmlchars.patch: dropped as fixed upstream
* docs/registry removed from samba-doc as missing from upstream tarball
(upstream bug #5421)
* debian/samba-doc.doc-base.samba-using: The index (and only) file
is now book.html
.
samba (1:3.2.0~pre2-2) experimental; urgency=low
.
[ Christian Perrier ]
* Upload to experimental with an epoch as the earlier version
accidentally went to unstable.
.
[ Peter Eisentraut ]
* Removed myself from Uploaders
.
samba (3.2.0~pre2-1) unstable; urgency=low
.
* New upstream (pre-)release. It closes the following bugs:
- typos in net.8. Closes: #460487, #460491
- mention insmb.conf(5) that logging still occurs when
"syslog only" is enabled and "syslog=0". Closes: #311300
- bad link in HTML docs. Closes: #358479
- enhance a useless and confusing debug message in pdb_ldap
Closes: #448546
- mention the correct default debug level in smbclient(1)
Closes: #292371
- no longer mention that "ip" parameter can use the host name
in mount.cifs(8). Closes: #296057
- wrong spelling of "its own" in source comments fixed
Closes: #448686
- fix "ldapsam_getgroup: Did not find group" debug message
Closes: #448546
- fix smbclient(1): useless use of cat. Closes: #429349
.
[ Steve Langasek ]
* debian/patches/fix-manpage-htmlchars.patch: patch all the manpages from
3.2.0pre2, which ended up with html entity encodings embedded in them
by mistake. This patch is expected to go away again for 3.2.0pre3.
* fix up the FHS patches for the new upstream release:
- debian/patches/fhs-newpaths.patch has been merged upstream, drop it.
- debian/patches/fhs-filespaths.patch has been mostly applied; only one
path usage remains inconsistent, and a new .tdb has been added with
the wrong path so fix this up here too.
- debian/patches/fhs-filespaths-debatable.patch: updated for some new
uses of lock_path() which we map to cache_path().
- debian/patches/fhs-assignpaths.patch: patch source/m4/check_path.m4
instead of source/configure.in.
* debian/patches/smbstatus-locking.patch: merged upstream
* debian/patches/smbpasswd-syslog.patch: updated to account for new
calls to logging functions
* Handle the new libraries available in samba 3.2: ship libwbclient as a
shared library, link against the system libtalloc (adding a
build-dependency on libtalloc-dev - which is actually sort of kludgy
because this only works as long as the system libtalloc has the same
soname as the one within the samba tree, this should be fixed to
properly build against the system libtalloc), and suppress generation
of the tdb and netapi libraries which aren't useful to us right now.
.
samba (2:3.0.31-1) unstable; urgency=medium
.
* New upstream release
.
samba (2:3.0.30-4) unstable; urgency=low
.
[ Christian Perrier ]
* Rename libcupsys2-dev to libcups2-dev in build dependencies
* Localize SWAT in German. Closes: #487681
.
[ Jelmer Vernooij ]
* Fix bashism in smbtar. (Closes: #486056)
.
[ Jamie Strandboge ]
* debian/patches/upstream_bug5517.patch: adjust cli_negprot() to properly
calculate buffer sizes. This bug was introduced in the fix for
CVE-2008-1105. Closes: #488688
.
[ Debconf translations ]
* Romanian updated. Closes: #488709.
.
samba (2:3.0.30-3) unstable; urgency=low
.
[ Christian Perrier ]
* add a soft dependency on slapd in init script to allow
proper operation when dependency-based boot sequence is enabled.
Thanks to Petter Reinholdtsen for reporting and providing a patch
Closes: #478800
.
[ Steve Langasek ]
* debian/patches/no-unnecessary-cups.patch: don't try to connect to a cups
server when we know that no printers are configured. Closes: #479512.
.
samba (2:3.0.30-2) unstable; urgency=high
.
* Brown paper bag releae with epoch increased after yet another
accidental upload of 3.2.0 to unstable. Sigh and apologies to
autobuilders.
.
samba (1:3.0.30-1) unstable; urgency=high
.
* New upstream release: fix a heap overflow when parsing SMB responses in
client code. (CVE-2008-1105). Closes: #483410
.
samba (1:3.0.29-1) unstable; urgency=low
.
* New upstream release
.
samba (1:3.0.28a-3) unstable; urgency=low
.
* The "bug hunting at SambaXP" release
* Drop "invalid users = root" from the default smb.conf file
as it differs from upstream's behaviour and upstream is fairly
noisy about this choice of ours. Closes: #462046
* Drop commented "guest account = nobody". This is already upstream's
default
* Remove versioned Build-Depends when satisfied in etch (actually all
versioning in Build-Depends)
* Remove Conflicts with non-existing packages
* Drop dpkg-dev and binutils from Build-Depends, since the versioned
build-dep is no longer needed and these are both Build-Essential
* Mini-policy for settings in smb.conf:
- don't explicitly set settings to their default value
- commented settings with the default value are commented with "#"
- commented settings with a non-default value are commented with ";"
* Apply this policy to "socket options". Closes: #476104
* No longer gratuitously use /usr/lib/libsmbclient.so.0.1 but a more logical
libsmbclient.so.0 as upstream doesn't assign versions
* Add idmap_*(8) man pages (idea taken from SerNet packages)
* Create the entire set of directories needed by clients for
Point-and-Click printing (including old clients!) in
/var/lib/samba/printers (idea taken from SerNet packages)
* Update copyright and README.debian information for current and past
maintainers. Remove redundant mention of Tridge (the copyright is enough)
* Add doc-base files for samba-doc-pdf. Closes: #451685
* Kurdish debconf translation. Closes: #480151
.
samba (1:3.0.28a-2) unstable; urgency=low
.
[ Peter Eisentraut ]
* Removed myself from Uploaders
.
[ Steve Langasek ]
* debian/patches/manpage-encoding.patch: fix up the manpage synopses to
not use embedded iso8859-1 non-break spaces, there is a roff escape
sequence that we should use instead. Closes: #470844.
.
[ Christian Perrier ]
* Reupload with an epoch to supersede an accidental upload of 3.2.0
in unstable
.
samba (3.0.28a-1) unstable; urgency=low
.
[ Christian Perrier ]
* New upstream release. This fixes the following Debian bugs:
- Prevent nmbd from shutting down when no network
interfaces can be located. Closes: #433449
* Debian patches dropped as applied upstream:
- make-distclean.patch
- linux-cifs-user-perms.patch
- cifs-umount-same-user.patch
- get_global_sam_sid-non-root.patch
- chgpasswd.patch
- cups.patch
* Fix doc-base section from Apps/Net to Network
* Fix copyright in debian/copyright
* Updated Standards-Version to 3.7.3 (no changes needed)
* [Lintian] No longer use -1 revision for the libacl-dev build
dependency
.
[ Steve Langasek ]
* Merge smb.conf changes from Ubuntu:
- correct an inconsistency inthe winbind enum comment
- correct default and example settings to use the canonical names for all
options, rather than historical synonyms
- clarify the comment for 'max log size'.
Thanks to Chuck Short and Richard Laager.
* Add an additional sed command to samba-common.postinst to cleverly
pick up any shares that have been appended to the default smb.conf
and exclude them from the ucf diff.
.
samba (3.0.28-4) unstable; urgency=low
.
[ Steve Langasek ]
* Brown paper bag: fix samba-common.files to list all of the smb.conf
templates, not just the current one. Closes: #470138.
* Drop debian/patches/gcc42-arm-workaround.patch, which should have been
dropped in the previous upload
.
samba (3.0.28-3) unstable; urgency=low
.
* Drop the arm optimization workaround, as the compiler is now reported
to be fixed.
* Add missing eventlogadm(8) manpage.
* Refresh the list of Linux architectures from type-handling, to pick up
libacl-dev on armel. Closes: #465121.
* Convert handling of smb.conf to use ucf, so that we can sanely manage
syntax changes going forward.
* In the process, fix the dhcp handling to allow proper reconfiguration
via debconf.
.
[ Debconf translations ]
* Indonesian added. Closes: #469976
.
samba (3.0.28-2) unstable; urgency=low
.
[ Steve Langasek ]
* Drop some further code in samba-common.postinst that's specific to
pre-3.0 upgrades.
* Make the mount.smbfs wrapper a bash script instead of a POSIX sh script,
so we can use bash array variables and cope with arguments containing
embedded spaces (such as share names). Thanks to Julian Gilbey
<jdg@debian.org> for the patch. Closes: #457105.
* debian/patches/gcc42-arm-workaround.patch: work around an arm compiler
problem by building rpc_parse/parse_prs.o with -O0 on this architecture.
Thanks to Martin Michlmayr for helping to pin down the problem file.
Closes: #445566.
* mount.smbfs: map the smbfs "guest" option to "guest,sec=none", which is
a closer approximation of the semantics with cifs.
.
samba (3.0.28-1) unstable; urgency=high
.
* New upstream release. Security fix
* Fix a remote code execution vulnerability when running as a domain
logon server (PDC or BDC). (CVE-2007-6015)
.
samba (3.0.27a-2) unstable; urgency=low
.
* debian/patches/disable-weak-auth.patch: disable plaintext authentication
on the client, and lanman authentication on both client and server, by
default since these are only needed for Win9x or Samba with encrypted
passwords disabled and are potential password attack vectors. This
change is backported from Samba 3.2. LP: #163194.
* Don't build the userspace tools for the deprecated smbfs kernel driver
anymore; instead, use a shell wrapper around mount.cifs that translates
option names between the smbfs and cifs drivers.
Closes: #169624, #256637, #265468, #289179, #305210, #410075;
LP: #29413
* debian/panic-action: detect when we're on an Ubuntu system and direct bug
reporters to Launchpad instead of to the Debian BTS. Closes: #452940.
* debian/samba.init: call log_progress_msg separately for each daemon on
stop rather than passing a second arg to log_daemon_msg, for greater
compatibility with both Debian and Ubuntu LSB initscript implementations.
Closes: #453350.
* Drop smbldap-tools to Suggests:, consistent with the textbook meaning of
recommends/suggests which is now implemented correctly in apt.
Closes: #453144.
* Get rid of the build-dependency on type-handling:
- add a new target, "update-archs", to be invoked by hand to refresh
the list of known Linux architectures for the libacl1-dev
build-dep; this avoids the clean target making changes to
debian/control
- rework the sed line so that it works in-place on debian/control,
so we can get rid of debian/control.in as well and just update
debian/control directly
Closes: #340570.
.
samba (3.0.27a-1) unstable; urgency=low
.
[ Steve Langasek ]
* New upstream release
- fix regression with smbfs clients, introduced by the security fix in
3.0.27. Closes: #451839.
- debian/patches/cifs-umount-trailing-slashes.patch: merged upstream.
* Drop the deprecated "printer admin" example from the default smb.conf.
Closes: #451273.
* Add a *new* debian/patches/cups.patch to *enable* cups as the default
printing system, because since the original introduction of this patch
in Debian there was a regression upstream that caused cups to never be
selected as the default print system.
* Set the default value for the workgroup question to "WORKGROUP" in
samba-common.templates, not just in the template smb.conf, so that the
debconf question comes out right every time; and always treat this
as a high-priority debconf question instead of selecting the
priority based on whether there's an existing value, since there's
now *always* an existing value but the value doesn't tell us
anything meaningful about the user's preference. Closes: #451271.
* Drop some code from samba.postinst that only applies to upgrades from
pre-3.0 (i.e., pre-sarge) packages
.
[ Christian Perrier ]
* Update the "built by" part of README.debian
* Remove the very outdated parts of README.debian
.
samba (3.0.27-1) unstable; urgency=low
.
* New upstream version
- fixes a remote code execution vulnerability when running nmbd as a
WINS server. (CVE-2007-5398; closes: #451385)
- fixes a buffer overflow in nmbd when running as a domain controller
during processing of GETDC logon server requests. (CVE-2007-4572)
.
[ Steve Langasek ]
* fhs.patch: net usershares should also be stored under /var/lib, not under
/var/run. No transition handling in maintainer scripts, since this
feature is not activated by default.
* get_global_sam_sid-non-root.patch: avoid calling get_global_sam_sid()
from smbpasswd -L or pam_smbpass when running as non-root, to avoid a
foreseeable panic. Closes: #346547, #450738.
* usershare.patch: enable "user shares" by default in the server with a
default limit of 100, to support user shares on both upgrades and new
installs with no need to munge config files. Thanks to Mathias Gug
<mathiaz@ubuntu.com> for the patch. Closes: #443230.
* On Ubuntu, support autopopulating the sambashare group using the existing
members of the admin group; no equivalent handling is done on Debian,
because there doesn't seem to be an appropriate template group we can use
that wouldn't be considered a privilege escalation for those users.
* Update Samba to explicitly use the C locale when doing password changes,
to account for Linux-PAM's recently adopted i18n support.
Closes: #451272.
* Enforce creation of the pid directory (/var/run/samba) in the samba
init script, for compatibility with systems that use a tmpfs for
/var/run. Closes: #451270.
* debian/patches/cups.patch, debian/NEWS: drop the patch to force bsd
as the default printing system, as CUPS is now the dominant/default
printing system for Linux.
.
[ Debconf translations ]
* Hebrew added. Closes: #444054
.
[ Christian Perrier ]
* Split fhs.patch into 3 separate patches to make upstream integration
easier:
- fhs-newpaths.patch: introduce new paths
- fhs-filespaths.patch: assign files to new paths
- fhs-assignpaths.patch: assign paths to FHS-compatible locations
* Compile with DNS update support. Thanks to Matthias Gug for
reporting and contributions from Launchpad's #156686
Closes: #449422
.
samba (3.2.0~pre1-1) experimental; urgency=low
.
* New upstream (pre-)release
.
[ Steve Langasek ]
* fhs.patch: net usershares should also be stored under /var/lib, not under
/var/run. No transition handling in maintainer scripts, since this
feature is not activated by default.
* Update smbstatus-locking.patch to use db_open() instead of
tdb_open(), per upstream recommendation.
* Use talloc_strdup() and talloc_asprintf() instead of static strings in
data_path(), state_path(), and cache_path(), as suggested by Volker
Lendecke.
.
[ Debconf translations ]
* Hebrew added. Closes: #444054
.
[ Christian Perrier ]
* Split fhs.patch into 4 separate patches to make upstream integration
easier:
- fhs-newpaths.patch: introduce new paths
- fhs-filespaths.patch: assign files to new paths
- fhs-filespaths-debatable.patch: assign files to new paths (part that
seems more difficult to be integrated upstream)
- fhs-assignpaths.patch: assign paths to FHS-compatible locations
.
samba (3.0.26a-1) unstable; urgency=low
.
* New upstream release.
* Remove the samba-common/unsupported-passdb debconf template and
the associated code in samba-common.postinst, that deals with pre-etch
versions transition
* Remove the samba/tdbsam template and the remaining line referencing
it (for no need) in samba.postinst. That code was removed in 3.0.23c-2
and was dealing with pre-3.0 transitions.
.
samba (3.0.26-1) unstable; urgency=high
.
* New upstream release: security update for CVE-2007-4138:
incorrect primary group assignment for domain users using the rfc2307 or
sfu winbind nss info plugin.
.
samba (3.0.25c-1) unstable; urgency=low
.
[ Noèl Köthe ]
* new upstream released from 2007-08-20
- added smbfs deprecation information to help and manpage
Closes: #360384
- fixed winbind leaking file descriptors
Closes: #410663
- fixed smbpasswd fails with errorcode SUCCESS as normal user
Closes: #155345
.
[ Christian Perrier ]
* Drop the (upstream unmaintained) python bindings (python-samba package)
* swat: turn the dependency on samba-doc to a Recommends:
Thanks to Peter Eisentraut for dealing with that issue and bringing it
back. Closes: #391742
.
samba (3.0.25b-2) unstable; urgency=low
.
[ Steve Langasek ]
* Don't start nmbd if 'disable netbios' is set in the config.
Closes: #429429.
* missing_userspace_bugzilla999.patch: always use opt_gid and opt_uid,
set to those of the invoking user, when called as non-root.
Closes: #431661.
* Fix up fhs.patch for some new FHS regressions:
- make sure all references to winbindd_idmap.tdb look in /var/lib/samba
- make sure all references to winbindd_cache.tdb look in /var/cache/samba
- share_info.tdb belongs in /var/lib/samba; this is a regression
introduced in 3.0.23-1, so fix up this path on samba upgrade
- move the ADS "gpo" cache directory to /var/cache/samba
- move idmap_cache.tdb to /var/cache/samba, and fix up the path on
winbind upgrade
* linux-cifs-user-perms.patch: also support setting a default uid and gid
value when mount.cifs is called as non-root
* cifs-umount-trailing-slashes.patch: canonicalize mount point names when
umount.cifs is called, to avoid unnecessarily leaving entries behind in
/etc/mtab if invoked with a trailing slash in the mount point name
* cifs-umount-same-user.patch: the CIFS_IOC_CHECKMOUNT ioctl check
in umount.cifs assumed that errors would return a value > 0, when in fact
the return value on failure is -1. Correct this assumption, which was
allowing any user to unmount shares mounted by other users.
* smbpasswd-syslog.patch: Fix pam_smbpass to no longer call openlog()
and closelog(), since this will interfere with syslogging behavior
of the calling application. Closes: #434372.
* swat should depend only on inet-superserver, not update-inetd, per
Marco d'Itri.
.
[ Christian Perrier ]
* debian/panic-action: bail out if there's no "mail" command
Patch from the Ubuntu samba packagers.
* debian/smb.conf: use the comment from Ubuntu package for the "valid users"
setting of [homes] as a basis for ours. Ubuntu's wording is better.
.
[ Peter Eisentraut ]
* Don't ignore errors from make distclean, as per lintian check
.
[ Debconf translations ]
* Gujarati updated. Closes: #436215
.
samba (3.0.25b-1) unstable; urgency=low
.
* New upstream version
* Bugs fixed upstream:
- correct default mentioned for "store dos attribute" in smb.conf(5)
Closes: #367379
- fix typo in pdbedit.c. Closes: #421758
- fixed crashes in idmap_rid. Closes: #428411
- misleading documentation in smb.conf(5). Closes: #218477
- don't crash when no eventlog names are defined in smb.conf
Closes: #424683
- typography errors in manpages. Closes: #427865, #418811
- fix compilation and linking of pam_smbpass.so. Closes: #430755
* Drop patches that have been applied upstream:
- nmbd-signalling.patch
.
samba (3.0.25a-2) unstable; urgency=low
.
[ Debconf translations ]
* Danish updated. Closes: #426773
.
[ Christian Perrier ]
* Clean out some remaining cruft that is not deleted
by "make clean". Taken from Ubuntu patches.
* Add missing userspace patches to properly pass uid and gid with 2.6
kernels. See #408033 and upstream's #999 for rationale
* Drop smbmount-unix-caps.patch as workaraound for #310982 as the issue
is fixed in 2.4 and 2.6 kernels (2.6 kernels need
missing_userspace_bugzilla999.patch, though)
Closes: #408033
* Add the samba-common and winbind packages to samba-dbg to get
debugging symbols for winbindd, net, etc.
* Replace all occurrences of ${Source:Version} by ${$binary:Version} in
dependencies. All these were Arch:any depending on Arch:any (the only
Arch:any depending on Arch:all already used ${source:Version}
.
[ Steve Langasek ]
* Update samba.config to not override user preference on passdb.tdb
creation after initial configuration. Closes: #350926.
* Drop the last vestiges of the unified samba.patch; this reverts the
change for bug #112195 which it's been determined has no actual security
benefits, and drops the fix for bug #106976 which is superseded
upstream.
.
[ Debconf translations ]
* Vietnamese updated. Closes: #426979.
.
samba (3.0.25a-1) unstable; urgency=low
.
[ Christian Perrier ]
* New upstream version
* Bugs fixed upstream:
- password expiration loog on samba domain controllers. Closes: #425083
- no more login on samba servers that are members of samba domains
Closes: #425680, #426002
- users no longer have access according to their secondary groups
on shares with "force group". Closes: #424629
* Debian packaging fixes:
- Enforce building with "--with-ads" and therefore fail
when the build can't be done with kerberos support.
Closes: #424637
- debian/control: wrap long lines in packages' descriptions
- uncomment out use of type-handling in the clean target, because
type-handling has been fixed to support the new /usr/share/dpkg/ostable
- avoid installing extra COPYING files in /usr/share/doc/* (one was
installed along with the pcap2nbench example)
* Merge Ubuntu changes:
- use of PIDDIR instead of hardcoding it in samba.init and winbind.init
* Patches to upstream source:
- patches/fhs.patch: recreate winbindd_cache.tdb in the cache directory
instead of the lock directory. Thanks to C. K. Jester-Young for the
patch. Closes: #425640
.
[ Steve Langasek ]
* swat and samba depend on update-inetd instead of on netbase; swat also
depends on "openbsd-inetd | inet-superserver", for samba this is only a
Suggests.
.
samba (3.0.25-1) unstable; urgency=high
.
* New upstream version including security fixes
* Bugs fixed upstream:
- nmbd no longer segfaults on bad interface line
Closes: #265577, #386922, #359155, #366800
- documentation issues about displaycharset. Closes: #350790
- documentation makes it clear that case options such as
"default case" can only be set on a per-share basis.
Closes: #231229
- all occurrences of "encypt" fixed in smb.conf(5)
Closes: #408507
- two typos on "account" fixed in source/passdb/pdb_ldap.c and
source/utils/pdbedit.c. Closes: #402392
- no longer panic when using the (deprecated) "only user" option
in user level security. Closes: #388282
- CVE-2007-2444 (User privilege elevation because of a local SID/Name
translation bug)
- CVE-2007-2446 (Multiple heap overflows allow remote code execution)
- CVE-2007-2447 (Unescaped user input parameters are passed as
arguments to /bin/sh allowing for remote command
execution)
.
[ Debconf translations ]
* Marathi added. Closes: #416802
* Esperanto added. Closes: #417795.
* Basque updated. Closes: #418196.
* Wolof updated. Closes: #421636
.
[ Christian Perrier ]
* /etc/dhcp3/dhclient-enter-hooks.d/samba tests for /etc/init.d/samba
before running invoke-rc.d. Closes: #414841
.
[ Steve Langasek ]
* Comment out use of type-handling in the clean target, because
type-handling is currently broken in unstable and clean shouldn't be
editing debian/control anyway.
Files:
8a17b911d9b898b04501647ae4ea72ac 1376 net optional samba_3.2.5-4~bpo41+1.dsc
0f7539e09803ae60a2912e70adf1c747 50276407 net optional samba_3.2.5.orig.tar.gz
06cf31568205a6da023586d2d9010c81 227611 net optional samba_3.2.5-4~bpo41+1.diff.gz
656aa7eeb49ca916bebe2fe3214ce1c5 7953368 doc optional samba-doc_3.2.5-4~bpo41+1_all.deb
7247dca0669db431cf41039c7ffb61e6 6251762 doc optional samba-doc-pdf_3.2.5-4~bpo41+1_all.deb
6defc569cd02ee09bb514246df813ab4 4200310 net optional samba_3.2.5-4~bpo41+1_i386.deb
876cf7fcdb5ac89938d6d979c8f3b56b 3336018 net optional samba-common_3.2.5-4~bpo41+1_i386.deb
1ed74c355500e4cb79252def5d0f47f1 4957002 net optional samba-tools_3.2.5-4~bpo41+1_i386.deb
9e71d6c8c0d55ce2ccd89121a027d2c0 6155568 net optional smbclient_3.2.5-4~bpo41+1_i386.deb
cca3ae6a06a470172078c02af90bc82d 964610 net optional swat_3.2.5-4~bpo41+1_i386.deb
08c7ef89908502a4353a4b6e116e7a1c 1318770 otherosfs optional smbfs_3.2.5-4~bpo41+1_i386.deb
7f9d6d8483161a3464d0087e099cc342 550416 admin extra libpam-smbpass_3.2.5-4~bpo41+1_i386.deb
20fd18e3e67438fd7a5f66493a179c28 1202506 libs optional libsmbclient_3.2.5-4~bpo41+1_i386.deb
712dfc2d020de4196a17f66c89d47ad9 1827762 libdevel extra libsmbclient-dev_3.2.5-4~bpo41+1_i386.deb
d69d8f728fdeeab0438383617c363344 2860264 net optional winbind_3.2.5-4~bpo41+1_i386.deb
6e3c83bb9bd76529e63e66ff0fb8dd39 2099550 devel extra samba-dbg_3.2.5-4~bpo41+1_i386.deb
0b201133e5b1d91536c83f2c8766626e 78032 libs optional libwbclient0_3.2.5-4~bpo41+1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFJhYFB1OXtrMAUPS0RAsmLAJ0brQgUxbxoZYDFIM7vgiNqOHvtCwCfbEOn
QgClNSocX0qGtm0hBjQ8UQs=
=CMgx
-----END PGP SIGNATURE-----
Accepted:
libpam-smbpass_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/libpam-smbpass_3.2.5-4~bpo41+1_i386.deb
libsmbclient-dev_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/libsmbclient-dev_3.2.5-4~bpo41+1_i386.deb
libsmbclient_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/libsmbclient_3.2.5-4~bpo41+1_i386.deb
libwbclient0_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/libwbclient0_3.2.5-4~bpo41+1_i386.deb
samba-common_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/samba-common_3.2.5-4~bpo41+1_i386.deb
samba-dbg_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/samba-dbg_3.2.5-4~bpo41+1_i386.deb
samba-doc-pdf_3.2.5-4~bpo41+1_all.deb
to pool/main/s/samba/samba-doc-pdf_3.2.5-4~bpo41+1_all.deb
samba-doc_3.2.5-4~bpo41+1_all.deb
to pool/main/s/samba/samba-doc_3.2.5-4~bpo41+1_all.deb
samba-tools_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/samba-tools_3.2.5-4~bpo41+1_i386.deb
samba_3.2.5-4~bpo41+1.diff.gz
to pool/main/s/samba/samba_3.2.5-4~bpo41+1.diff.gz
samba_3.2.5-4~bpo41+1.dsc
to pool/main/s/samba/samba_3.2.5-4~bpo41+1.dsc
samba_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/samba_3.2.5-4~bpo41+1_i386.deb
samba_3.2.5.orig.tar.gz
to pool/main/s/samba/samba_3.2.5.orig.tar.gz
smbclient_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/smbclient_3.2.5-4~bpo41+1_i386.deb
smbfs_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/smbfs_3.2.5-4~bpo41+1_i386.deb
swat_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/swat_3.2.5-4~bpo41+1_i386.deb
winbind_3.2.5-4~bpo41+1_i386.deb
to pool/main/s/samba/winbind_3.2.5-4~bpo41+1_i386.deb
Reply to: