tag 858564 pending
thanks

Hello,

Bug #858564 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    https://anonscm.debian.org/cgit/pkg-samba/samba.git/commit/?id=a88130d

---
commit a88130d25e6fddd56259044af3fb01057a39c652
Author: Mathieu Parent <math.par...@gmail.com>
Date:   Thu Mar 30 22:15:47 2017 +0200

    Release 2:4.2.14+dfsg-0+deb8u5

diff --git a/debian/changelog b/debian/changelog
index a7f1de5..57b2ce1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,29 @@
+samba (2:4.2.14+dfsg-0+deb8u5) jessie-security; urgency=high
+
+  * This is a security release in order to fix regressions from CVE-2017-2619
+  * Fix "follow symlink = no" (Closes: #858564)
+    - s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496
+      (CVE-2017-2619).
+    - s3: smbd: Fix "follow symlink = no" regression part 2.
+    - s3: smbd: Fix "follow symlink = no" regression part 2.
+  * Fix shadow_copy2 (Closes: #858648, #858590)
+    - vfs_shadow_copy: handle non-existant files and wildcards
+    - vfs_shadow_copy2: fix crash in 4.2.x backport
+    - vfs_shadow_copy2: add a blackbox test suite
+    - s3: libsmb: Correctly align create contexts in a create call.
+    - s3: libsmb: Add return args to clistr_is_previous_version_path().
+    - s3: libsmb: Add cli_smb2_shadow_copy_data() function that gets shadow 
copy
+      info over SMB2.
+    - s3: libsmb: Plumb new SMB2 shadow copy call into cli_shadow_copy_data().
+    - s3: libsmb: Add the capability to find a @GMT- path in an SMB2 create and
+      transform to a timewarp token.
+    - s2-selftest: run shadow_copy2 test both in NT1 and SMB3 modes
+    - selftest: add content to files created during shadow_copy2 test
+    - selftest: check file readability in shadow_copy2 test
+    - selftest: test listing directories inside snapshots
+
+ -- Mathieu Parent <sath...@debian.org>  Thu, 30 Mar 2017 22:15:40 +0200
+
 samba (2:4.2.14+dfsg-0+deb8u4) jessie-security; urgency=high
 
   * Non-maintainer upload by the Security Team.

Reply via email to