Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Hi,

This is a pre-approval request about samba.

A new Samba security version was released today to address CVE-2019-12435: 4.9.9.
Sid/buster currently has 4.9.5.

I'm tempted to upload 4.9.9 to sid (targeting buster). This would add a big diff of stability fixes.

The d/changelog would look like:

samba (2:4.9.9+dfsg-1) unstable; urgency=high

  * This is a security release in order to address the following defect:
    - CVE-2019-12435 zone operations can crash rpc server (Closes: #930748)
  * New upstream release
    - Remove security patches, included in release
    - libsamba-passdb.so bumped to 0.27.2
  * Add missing Breaks+Replace found by piuparts (Closes: #929217)
    Thanks Andreas Beckmann!

Without an ack from you, I will only add the patch for CVE-2019-12435 (and maybe #929217?) and delay the other fixes for buster-proposed-updates.

What is your opinion?

(not including the debdiff against the package in testing, which is huge)

unblock samba/2:4.9.9+dfsg-1

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled