tag 858564 pending thanks Hello,
Bug #858564 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: https://anonscm.debian.org/cgit/pkg-samba/samba.git/commit/?id=a88130d --- commit a88130d25e6fddd56259044af3fb01057a39c652 Author: Mathieu Parent <math.par...@gmail.com> Date: Thu Mar 30 22:15:47 2017 +0200 Release 2:4.2.14+dfsg-0+deb8u5 diff --git a/debian/changelog b/debian/changelog index a7f1de5..57b2ce1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,29 @@ +samba (2:4.2.14+dfsg-0+deb8u5) jessie-security; urgency=high + + * This is a security release in order to fix regressions from CVE-2017-2619 + * Fix "follow symlink = no" (Closes: #858564) + - s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496 + (CVE-2017-2619). + - s3: smbd: Fix "follow symlink = no" regression part 2. + - s3: smbd: Fix "follow symlink = no" regression part 2. + * Fix shadow_copy2 (Closes: #858648, #858590) + - vfs_shadow_copy: handle non-existant files and wildcards + - vfs_shadow_copy2: fix crash in 4.2.x backport + - vfs_shadow_copy2: add a blackbox test suite + - s3: libsmb: Correctly align create contexts in a create call. + - s3: libsmb: Add return args to clistr_is_previous_version_path(). + - s3: libsmb: Add cli_smb2_shadow_copy_data() function that gets shadow copy + info over SMB2. + - s3: libsmb: Plumb new SMB2 shadow copy call into cli_shadow_copy_data(). + - s3: libsmb: Add the capability to find a @GMT- path in an SMB2 create and + transform to a timewarp token. + - s2-selftest: run shadow_copy2 test both in NT1 and SMB3 modes + - selftest: add content to files created during shadow_copy2 test + - selftest: check file readability in shadow_copy2 test + - selftest: test listing directories inside snapshots + + -- Mathieu Parent <sath...@debian.org> Thu, 30 Mar 2017 22:15:40 +0200 + samba (2:4.2.14+dfsg-0+deb8u4) jessie-security; urgency=high * Non-maintainer upload by the Security Team.