Bug#930749: unblock: samba/2:4.9.9+dfsg-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,
This is a pre-approval request about samba.
A new Samba security version was released today to address
CVE-2019-12435: 4.9.9.
Sid/buster currently has 4.9.5. I'm tempted to upload 4.9.9 to sid
(targeting buster).
This would add a big diff of stability fixes. The d/changelog would look like:
samba (2:4.9.9+dfsg-1) unstable; urgency=high
* This is a security release in order to address the following defect:
- CVE-2019-12435 zone operations can crash rpc server (Closes: #930748)
* New upstream release
- Remove security patches, included in release
- libsamba-passdb.so bumped to 0.27.2
* Add missing Breaks+Replace found by piuparts (Closes: #929217)
Thanks Andreas Beckmann!
Without an ack from you, I will only add the patch for CVE-2019-12435 (and
maybe #929217?) and delay the other fixes for buster-proposed-updates.
What is you opinion?
(not including the debdiff against the package in testing, which is huge)
unblock samba/2:4.9.9+dfsg-1
-- System Information:
Debian Release: 10.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8),
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Reply to: