Bug#988169: unblock: samba/2:4.13.5+dfsg-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#988169: unblock: samba/2:4.13.5+dfsg-2
From: Mathieu Parent <math.parent@gmail.com>
Date: Thu, 6 May 2021 21:57:12 +0200
Message-id: <[🔎] CAFX5sbzwX+u3oWcTYe=eomWB_VYpuOYxKWmcnX8rK4jsAXiicQ@mail.gmail.com>
Reply-to: Mathieu Parent <math.parent@gmail.com>, 988169@bugs.debian.org

Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package samba.

[ Reason ]

It fixes:

  * CVE-2021-20254: Negative idmap cache entries can cause incorrect group
    entries in the Samba file server process token (Closes: #987811)
  * Add Breaks+Replaces: samba-dev (<< 2:4.11) (Closes: #987209)

[ Impact ]

Without the second fix, some buster -> bulleye upgrades will fail.

There is no known exploit for the security issue, but:

> an unprivileged user was able to delete a file within
> a network share that they should have been disallowed access to


[ Tests ]

Minimal manual tests done.

[ Risks ]

?

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
(Anything else the release team should know.)

unblock samba/2:4.13.5+dfsg-2

Attachment: samba.debdiff
Description: Binary data

Reply to:

Follow-Ups:
- Bug#988169: marked as done (unblock: samba/2:4.13.5+dfsg-2)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#988168: unblock: cifs-utils/6.11-3
Next by Date: Bug#987987: marked as done (unblock: needrestart/3.5-4)
Previous by thread: Bug#988168: marked as done (unblock: cifs-utils/6.11-3)
Next by thread: Bug#988169: marked as done (unblock: samba/2:4.13.5+dfsg-2)
Index(es):
- Date
- Thread