Back to samba PTS page

Accepted samba 2:4.13.13+dfsg-1~deb11u3 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted samba 2:4.13.13+dfsg-1~deb11u3 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 13 Feb 2022 22:32:26 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nJNPu-000J9m-SV@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Feb 2022 21:54:02 +0100
Source: samba
Architecture: source
Version: 2:4.13.13+dfsg-1~deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1001068 1004693 1004694
Changes:
 samba (2:4.13.13+dfsg-1~deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patches for CVE-2022-0336 (Closes: #1004694)
     - CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added
       SPN.
     - CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is
       re-added to an object.
   * Add patches for CVE-2021-44142 (Closes: #1004693)
     - CVE-2021-44142: libadouble: add defines for icon lengths.
     - CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list
       of private Samba xattrs.
     - CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
     - CVE-2021-44142: libadouble: add basic cmocka tests.
     - CVE-2021-44142: libadouble: harden parsing code.
   * Add patches to address "The CVE-2020-25717 username map [script] advice
     has undesired side effects for the local nt token" (Closes: #1001068)
     - CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to
       the configured domain
     - CVE-2020-25717: tests/krb5: Add method to automatically obtain server
       credentials
     - CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make
       room for new accounts
     - CVE-2020-25717: selftest: turn ad_member_no_nss_wb into
       ad_member_idmap_nss
     - CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to
       SIDs
     - CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the
       named based lookup fails
Checksums-Sha1: 
 62595a0c2cd92a646f2ee32ef98a9b7f12737a74 4514 samba_4.13.13+dfsg-1~deb11u3.dsc
 9a5f54933e1409a4c403e4a4d7f122071af9700d 467700 samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz
Checksums-Sha256: 
 0d84245dfa8ac468b5f50910d1942bac515c8d17e08261390f8ce8a422ba9a05 4514 samba_4.13.13+dfsg-1~deb11u3.dsc
 b053b5d46c3f42c6167312a640f0b73972c2e8c9e87405e5559e3fb91fd5fe89 467700 samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz
Files: 
 1241d6789653e4eea6b82fa627468dda 4514 net optional samba_4.13.13+dfsg-1~deb11u3.dsc
 e25800062ba55e437c3e036c6e023a89 467700 net optional samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmH8RsRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EhxQQAJv0xn6HV0bmHW4BvocvQ+fkei30Qs3x
mnGRMlIJo/3zRjr/813Ia9ZiFSBT/TTvxnvlr+1Fk+zJSRALpyoXtqQ/GXpwOa10
eEX5AK9rwBm5XAVK45OchrrX4yXYcqG8/SRZzcJo/RDJApTBYM2zSS5LOkfX0xE+
m+GqTPbp1PHFDe2BJnQZnt1hhtIVaNvGP/Mf/6OWqjWUlRPGhp9AgjUr+ffPGtx3
0HIZ61GRB0Uxr3mgRQvhzWZJYQ+/XU6hMNS+EBV9NbXIQY+XOOiRLagZlYi4I52a
42RcCi+6gXjPwIrJqSsSZTOafSZQox3sszEohBcH1gN0htFI3KfmzEdZWyIoaX2Y
GTRckvx9bG+WgPyVESSS+gBGBwQgx9hg2Ae0an5C8PpcmFECcl7b+meiNwVqF3MR
+LuIRvlC2cgv2PUMXfoedsA98UVkLGxSJk9MJ+1Gsldhy6EhdSjQqsLIKkYmf7Yj
oFJFJ6np2u7j7HAUEZrAXmuEm+vJW62VuhE5f1ZKyhI0D4u7Sus2pr3+5hdEc8m0
HCcgcgbkuxxan+N+5WM+s3OngZQAWxNEPVtszxu/TpRNcLF9122lcrmiVYWmj5uz
f81juB9L5VBCuUMQBO7FBS87XJ4tfqmIfL1gTOiAmAU+lwYXI9Jy43s/XU7hTbtf
7kiZHZ4gcsk+
=lSxZ
-----END PGP SIGNATURE-----