Fwd: [SECURITY] [DSA 4427-1] samba security update

Dear LTS maintainers, See attached patch for CVE-2019-3880 in samba. Don't know if it applies cleanly. Regards Mathieu Parent -- Forwarded message - De : Sebastien Delafond Date: lun. 8 avr. 2019 à 10:27 Subject: [SECURITY] [DSA 4427-1] samba security update To: -BEGIN

Re: fixing CVE-2018-1050 in samba 3.3.6

debian.org/debian-lts/2018/03/msg00047.html I agree that a fix is needed for wheezy-lts. I've added a comment in the bug about 3.6 being affected: https://bugzilla.samba.org/show_bug.cgi?id=11343#c32 Regards -- Mathieu Parent

Re: CVE-2018-1050 and CVE-2018-1057 for samba

2018-03-14 10:00 GMT+01:00 Paul Wise <p...@debian.org>: > On Wed, Mar 14, 2018 at 4:42 PM, Mathieu Parent wrote: > >> See the attached patch for CVE-2018-1050 on samba 3.6. CVE-2018-10507 >> is on the AD DC code which is not part of samba 3.6. > > A beta of samba

CVE-2018-1050 and CVE-2018-1057 for samba

Hi, See the attached patch for CVE-2018-1050 on samba 3.6. CVE-2018-10507 is on the AD DC code which is not part of samba 3.6. I won't handle the update in wheezy-lts (it's already done in sid and stretch, and I will handle those in jessie tomorrow). Regards -- Mathieu Parent From

Re: [Announce] Samba 4.7.3, 4.6.11 and 4.5.15 Security Releases Available for Download

. 2017-11-21 10:47 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>: > Hi Mathieu, Hi Salvatore, > On Tue, Nov 21, 2017 at 10:42:58AM +0100, Mathieu Parent wrote: >> Hi, >> >> As you can see bellow, two samba CVEs have been un-embargoed. > > Yes seen a

Re: [Announce] Samba 4.7.3, 4.6.11 and 4.5.15 Security Releases Available for Download

Hi, As you can see bellow, two samba CVEs have been un-embargoed. Current status: - I've build, tested and uploaded sid, - I'm currently rebuilding stretch-security (I forgot "-sa"). Salvatore, where should I upload? - I've build, tested and uploaded jessie-security in embargoed. Salvatore will

Re: [Announce] Samba 4.7.3, 4.6.11 and 4.5.15 Security Releases Available for Download

2017-11-21 11:01 GMT+01:00 Mathieu Parent <math.par...@gmail.com>: > . > > 2017-11-21 10:47 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>: [...] >>> - I'm currently rebuilding stretch-security (I forgot "-sa"). >>> Salvatore, where should I

Accepted samba 2:3.6.6-6+deb7u15 (source amd64 all) into oldoldstable

-dbg libwbclient0 libwbclient-dev Architecture: source amd64 all Version: 2:3.6.6-6+deb7u15 Distribution: wheezy-security Urgency: high Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org> Changed-By: Mathieu Parent <sath...@debian.org> Description: libnss-win

Accepted samba 2:3.6.6-6+deb7u13 (source amd64 all) into oldstable

-dbg libwbclient0 libwbclient-dev Architecture: source amd64 all Version: 2:3.6.6-6+deb7u13 Distribution: wheezy-security Urgency: medium Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org> Changed-By: Mathieu Parent <sath...@debian.org> Description: li

Fwd: Heads-up: Security Releases ahead!

Hi, FYI, I'll take care of this on the wheezy side. Regards Mathieu Parent -- Forwarded message -- From: Karolin Seeger via samba-announce <samba-annou...@lists.samba.org> Date: 2017-05-22 10:37 GMT+02:00 Subject: Heads-up: Security Releases ahead! To: samba-

Re: Review and help test Wheezy LTS update of Samba

2017-04-01 4:12 GMT+02:00 Roberto C. Sánchez : > All, Hello Roberto, > I have prepared the 3.6.6-6+deb7u12 update of Samba for Wheezy LTS. The > update incorporates some cherry-picked commits from upstream, the fix > for CVE-2017-2619, and a fix for a regression introduced

Re: Fwd: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download

2017-03-28 21:07 GMT+02:00 Ola Lundqvist : > Hi Mathieu and Roberto Hi, > Mathieu, do you mean that they patches should apply cleanly and if they do > not, then we have missed some other important patch, or do you just mean > that they should generally apply cleanly? I don't

Re: Fwd: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download

Hi, 2017-03-26 14:39 GMT+02:00 Roberto C. Sánchez <robe...@connexer.com>: > On Thu, Mar 23, 2017 at 11:30:09AM +0100, Mathieu Parent wrote: >> >> See attached the backported patches for 3.6 (those are from the samba >> bugzilla which is still embargoed). >> >

Re: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download

Please wait a bit before uploading. There is a regression in jessie when "follow symlinks = no" #858564, and a segfault with vfs_shadow2 (#858590). Regards -- Mathieu Parent

Fwd: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download

bugzilla which is still embargoed). Please take care of it. Thanks Mathieu Parent -- Forwarded message -- From: Karolin Seeger via samba-announce <samba-annou...@lists.samba.org> Date: 2017-03-23 10:11 GMT+01:00 Subject: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Re

Re: Wheezy update of samba?

2016-12-19 22:21 GMT+01:00 Ola Lundqvist : > Hello dear maintainer(s), Hello, > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of samba: > https://security-tracker.debian.org/tracker/CVE-2016-2125 > > Would you like to