Package: release.debian.org User: release.debian....@packages.debian.org Usertags: unblock Severity: normal
Please unblock package samba.
[ Reason ]
It fixes:
* CVE-2021-20254: Negative idmap cache entries can cause incorrect group
entries in the Samba file server process token (Closes: #987811)
* Add Breaks+Replaces: samba-dev (<< 2:4.11) (Closes: #987209)
[ Impact ]
Without the second fix, some buster -> bulleye upgrades will fail.
There is no known exploit for the security issue, but:
> an unprivileged user was able to delete a file within
> a network share that they should have been disallowed access to
[ Tests ]
Minimal manual tests done.
[ Risks ]
?
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
(Anything else the release team should know.)
unblock samba/2:4.13.5+dfsg-2
samba.debdiff
Description: Binary data
