Back to samba PTS page

Accepted samba 2:4.17.4+dfsg-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted samba 2:4.17.4+dfsg-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 15 Dec 2022 21:13:21 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: samba_4.17.4+dfsg-1_source.changes
Debian-source: samba
Debian-suite: unstable
Debian-version: 2:4.17.4+dfsg-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=tp4P713xUUFX4zji7OTovn+Fya40tR5SPizMprEcGU8=; b=MDQhpacWK56/6wRZZ4g4rSvqtM 03ZMBE5oqMl0pKoRnPQy7yYzBX72XacBdE2E+ZDcv/M0q7H9QLv40jjlA+H2ei307+1gtbJLy+p2S zZVYw93BJakVomzI8R8ENpyhxOPbobPxm/cpdvyidNyXLrjVRjAIfzaPpNujNH3ktMdLoXIdse6w5 DpP4Ag+pQLO4Pf/28VCkupJ6cLpIybgTYHL7Sy24KZcqIZmELkSKaiSG8y4bjqoDi4Ar6WnY8wvTg BST0x9uQV0FZOAGkRk15SX4SoLidtYqE5z1ZUkDVtt5qzyjSmMqeNRT9O/1GboX2QmkUiUT+/rtQz moC3qXyg==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1p5vXd-00GGs8-ER@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 15 Dec 2022 21:54:31 +0300
Source: samba
Architecture: source
Version: 2:4.17.4+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Changes:
 samba (2:4.17.4+dfsg-1) unstable; urgency=medium
 .
   * new upstream stable/security release, with the following changes:
    - CVE-2022-37966: Windows Kerberos RC4-HMAC Elevation of Privilege
      Vulnerability disclosed by Microsoft on Nov 8 2022, see
      https://www.samba.org/samba/security/CVE-2022-37966.html
    - CVE-2022-37967: Windows Kerberos Elevation of Privilege Vulnerability
      disclosed by Microsoft on Nov 8 2022. See
      https://www.samba.org/samba/security/CVE-2022-37967.html
    - CVE-2022-38023: Weak "RC4" (rc4-hmac) protection of the NetLogon Secure
      channel uses, see https://www.samba.org/samba/security/CVE-2022-38023.html
     There are several important behavior changes included in this release,
     which may cause compatibility problems interacting with system still
     expecting the former behavior.  Please read the documents referenced above!
     See also the WHATSNEW.txt document, as there are several new, changed
     and deprecated smb.conf parameters.
   * Other bugfixes in this release (from WHATSNEW.txt):
     https://bugzilla.samba.org/show_bug.cgi?id=14929 CVE-2022-44640
      Upstream Heimdal free of user-controlled pointer in FAST.
     https://bugzilla.samba.org/show_bug.cgi?id=15219
      Heimdal session key selection in AS-REQ examines wrong entry.
     https://bugzilla.samba.org/show_bug.cgi?id=13135 The KDC logic around
      msDs-supportedEncryptionTypes differs from Windows.
     https://bugzilla.samba.org/show_bug.cgi?id=14611 CVE-2021-20251
      Bad password count not incremented atomically.
     https://bugzilla.samba.org/show_bug.cgi?id=15206 libnet: change_password()
      doesn't work with dcerpc_samr_ChangePasswordUser4()
     https://bugzilla.samba.org/show_bug.cgi?id=15230
      Memory leak in snprintf replacement functions.
     https://bugzilla.samba.org/show_bug.cgi?id=15253 RODC doesn't reset
      badPwdCount reliable via an RWDC (CVE-2021-20251 regression).
     https://bugzilla.samba.org/show_bug.cgi?id=15198
      Prevent EBADF errors with vfs_glusterfs.
     https://bugzilla.samba.org/show_bug.cgi?id=15243
      %U for include directive doesn't work for share listing (netshareenum).
     https://bugzilla.samba.org/show_bug.cgi?id=15257
      Stack smashing in net offlinejoin requestodj.
   * removed patches which are now included upstream:
    - nsswitch-pam-data-time_t.patch
    - CVE-2022-42898-lib-krb5-fix-_krb5_get_int64-on-32bit.patch
Checksums-Sha1:
 45bd04052997dc4da900e4feab4548be44b0cbd4 4386 samba_4.17.4+dfsg-1.dsc
 d1d85aea5dd654015901100071da86b7064a0605 18416236 samba_4.17.4+dfsg.orig.tar.xz
 d6a0954d6ae301d61e2299bdd32eeef11320550e 267156 samba_4.17.4+dfsg-1.debian.tar.xz
 198e1a518c651ed1bd9c88ec2bdd3fcba81e47d9 5983 samba_4.17.4+dfsg-1_source.buildinfo
Checksums-Sha256:
 6c34443b9cb0548ed507706ae449d517242a24f409cc4ae017c3f2413ba4a424 4386 samba_4.17.4+dfsg-1.dsc
 a7905360a0a0492efcdd2add64948a0aa1dddd7adebf480b1ede6075d8a7cb7f 18416236 samba_4.17.4+dfsg.orig.tar.xz
 db7d4ce308e490d96d264381a45dd12f2623900f3357d8dfc211330c5993b835 267156 samba_4.17.4+dfsg-1.debian.tar.xz
 19f0ca8d6aaea437c69797067c7a8cae544a2cc0cbb08052310da9999848f74e 5983 samba_4.17.4+dfsg-1_source.buildinfo
Files:
 b7331b6bb50d152c685fbfa99966b8a5 4386 net optional samba_4.17.4+dfsg-1.dsc
 4973f1d706181472379313f4337c73ce 18416236 net optional samba_4.17.4+dfsg.orig.tar.xz
 2cbabce68314f92eb3b874d548232e0b 267156 net optional samba_4.17.4+dfsg-1.debian.tar.xz
 c75b774860fa7508819db89eb0aeda4c 5983 net optional samba_4.17.4+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmObcP8PHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZqtkIAK29TcfovUJcjnz3KhhdLZnvUiI9YXN/wU1N
zAtgYnKKbI3HF4CEKCRMsl5QGggsjnbYhD8sBaOyAn8gOFlhGOjakoAeAZm2gIJh
FIGtIu0n/s06Scfme7Tw3Xttoxz7CcFGFkhUFwgHVAn9VsenXVlEO27C/6NnuOiD
V3GEbhoQyDPhs1TGrsWbHIYs3c5/JJDB8u2+CD4l6Fw/iaqliJqFLWx5Pb6riFAV
rrtToZsPm+K5hQiJdwLbYpEC2bCwuGtoUZKv94DFm89FqVfSoGPKueF4nv0CKrhU
Fwf4Ub5Vu1mq8uhP296qrlXboH6SPoj4RC4IflrRwxlV3IIKwYE=
=MYLx
-----END PGP SIGNATURE-----