Dear LTS maintainers,
See attached patch for CVE-2019-3880 in samba. Don't know if it applies cleanly.
Regards
Mathieu Parent
-- Forwarded message -
De : Sebastien Delafond
Date: lun. 8 avr. 2019 à 10:27
Subject: [SECURITY] [DSA 4427-1] samba security update
To:
-BEGIN
debian.org/debian-lts/2018/03/msg00047.html
I agree that a fix is needed for wheezy-lts.
I've added a comment in the bug about 3.6 being affected:
https://bugzilla.samba.org/show_bug.cgi?id=11343#c32
Regards
--
Mathieu Parent
2018-03-14 10:00 GMT+01:00 Paul Wise <p...@debian.org>:
> On Wed, Mar 14, 2018 at 4:42 PM, Mathieu Parent wrote:
>
>> See the attached patch for CVE-2018-1050 on samba 3.6. CVE-2018-10507
>> is on the AD DC code which is not part of samba 3.6.
>
> A beta of samba
Hi,
See the attached patch for CVE-2018-1050 on samba 3.6. CVE-2018-10507
is on the AD DC code which is not part of samba 3.6.
I won't handle the update in wheezy-lts (it's already done in sid and
stretch, and I will handle those in jessie tomorrow).
Regards
--
Mathieu Parent
From
.
2017-11-21 10:47 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
> Hi Mathieu,
Hi Salvatore,
> On Tue, Nov 21, 2017 at 10:42:58AM +0100, Mathieu Parent wrote:
>> Hi,
>>
>> As you can see bellow, two samba CVEs have been un-embargoed.
>
> Yes seen a
Hi,
As you can see bellow, two samba CVEs have been un-embargoed.
Current status:
- I've build, tested and uploaded sid,
- I'm currently rebuilding stretch-security (I forgot "-sa").
Salvatore, where should I upload?
- I've build, tested and uploaded jessie-security in embargoed.
Salvatore will
2017-11-21 11:01 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
> .
>
> 2017-11-21 10:47 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
[...]
>>> - I'm currently rebuilding stretch-security (I forgot "-sa").
>>> Salvatore, where should I
-dbg libwbclient0 libwbclient-dev
Architecture: source amd64 all
Version: 2:3.6.6-6+deb7u15
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sath...@debian.org>
Description:
libnss-win
-dbg libwbclient0 libwbclient-dev
Architecture: source amd64 all
Version: 2:3.6.6-6+deb7u13
Distribution: wheezy-security
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sath...@debian.org>
Description:
li
Hi,
FYI, I'll take care of this on the wheezy side.
Regards
Mathieu Parent
-- Forwarded message --
From: Karolin Seeger via samba-announce <samba-annou...@lists.samba.org>
Date: 2017-05-22 10:37 GMT+02:00
Subject: Heads-up: Security Releases ahead!
To: samba-
2017-04-01 4:12 GMT+02:00 Roberto C. Sánchez :
> All,
Hello Roberto,
> I have prepared the 3.6.6-6+deb7u12 update of Samba for Wheezy LTS. The
> update incorporates some cherry-picked commits from upstream, the fix
> for CVE-2017-2619, and a fix for a regression introduced
2017-03-28 21:07 GMT+02:00 Ola Lundqvist :
> Hi Mathieu and Roberto
Hi,
> Mathieu, do you mean that they patches should apply cleanly and if they do
> not, then we have missed some other important patch, or do you just mean
> that they should generally apply cleanly?
I don't
Hi,
2017-03-26 14:39 GMT+02:00 Roberto C. Sánchez <robe...@connexer.com>:
> On Thu, Mar 23, 2017 at 11:30:09AM +0100, Mathieu Parent wrote:
>>
>> See attached the backported patches for 3.6 (those are from the samba
>> bugzilla which is still embargoed).
>>
>
Please wait a bit before uploading.
There is a regression in jessie when "follow symlinks = no" #858564,
and a segfault with vfs_shadow2 (#858590).
Regards
--
Mathieu Parent
bugzilla which is still embargoed).
Please take care of it.
Thanks
Mathieu Parent
-- Forwarded message --
From: Karolin Seeger via samba-announce <samba-annou...@lists.samba.org>
Date: 2017-03-23 10:11 GMT+01:00
Subject: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Re
2016-12-19 22:21 GMT+01:00 Ola Lundqvist :
> Hello dear maintainer(s),
Hello,
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of samba:
> https://security-tracker.debian.org/tracker/CVE-2016-2125
>
> Would you like to
16 matches
Mail list logo