Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2

To: Jelmer Vernooĳ <jelmer@debian.org>
Cc: 836795@bugs.debian.org, team@security.debian.org
Subject: Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 10 Sep 2016 11:16:00 +0100
Message-id: <[🔎] 1473502560.2011.28.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 836795@bugs.debian.org
In-reply-to: <147310864605.23516.10117125108176620617.reportbug@morgaine.jelmer.uk>
References: <147310864605.23516.10117125108176620617.reportbug@morgaine.jelmer.uk>

Control: tags -1 + moreinfo

[CC += team@security]

On Mon, 2016-09-05 at 20:50 +0000, Jelmer Vernooĳ wrote:
> I'd like to update Samba in jessie to 4.2.14+dfsg. Debdiff is attached.

This didn't make it to debian-release, most likely due to the size of
the debdiff.

> The 4 Samba releases since 4.2.10 (currently in jessie) only fix
> important bugs, in particular a CVE (CVE-2016-2119) and various
> regressions introduced by the security fixes from 4.2.10.

Has the possibility of releasing this via the security archive been
discussed? CVE-2016-2119 isn't marked no-dsa in the Security Tracker
currently and by the sound of it the remaining changes relate to fixes
for issues in the previous security update.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#837199: transition: armadillo
Next by Date: Processed: Re: Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2
Previous by thread: Bug#835397: transition: superlu soname 4 -> 5
Next by thread: Processed: Re: Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2
Index(es):
- Date
- Thread