Your message dated Mon, 23 Feb 2015 19:34:25 +0000 with message-id <e1ypylt-0007ny...@franck.debian.org> and subject line Bug#779033: fixed in samba 2:4.1.17+dfsg-1 has caused the Debian Bug report #779033, regarding samba: CVE-2015-0240: unexpected code execution in smbd to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 779033: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: samba Version: 2:3.5.6~dfsg-3 Severity: grave Tags: security upstream fixed-upstream Justification: user security hole Control: fixed -1 2:3.6.6-6+deb7u5 Hi, (just to track this in BTS as well) the following vulnerability was published for samba. CVE-2015-0240[0]: unexpected code execution in smbd If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-0240 [1] https://www.samba.org/samba/security/CVE-2015-0240 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: samba Source-Version: 2:4.1.17+dfsg-1 We believe that the bug you reported is fixed in the latest version of samba, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 779...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ivo De Decker <iv...@debian.org> (supplier of updated samba package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 23 Feb 2015 20:20:21 +0100 Source: samba Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev samba-doc python-samba samba-dsdb-modules samba-vfs-modules libpam-smbpass libsmbclient libsmbclient-dev libsmbsharemodes0 libsmbsharemodes-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev Architecture: source amd64 all Version: 2:4.1.17+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org> Changed-By: Ivo De Decker <iv...@debian.org> Description: libnss-winbind - Samba nameservice integration plugins libpam-smbpass - pluggable authentication module for Samba libpam-winbind - Windows domain authentication integration plugin libparse-pidl-perl - IDL compiler written in Perl libsmbclient - shared library for communication with SMB/CIFS servers libsmbclient-dev - development files for libsmbclient libsmbsharemodes-dev - development files for libsmbsharemodes libsmbsharemodes0 - shared library for non-samba access to the samba 'share modes' da libwbclient-dev - Samba winbind client library - development files libwbclient0 - Samba winbind client library python-samba - Python bindings for Samba registry-tools - tools for viewing and manipulating the Windows registry samba - SMB/CIFS file, print, and login server for Unix samba-common - common files used by both the Samba server and client samba-common-bin - Samba common files used by both the server and the client samba-dbg - Samba debugging symbols samba-dev - tools for extending Samba samba-doc - Samba documentation samba-dsdb-modules - Samba Directory Services Database samba-libs - Samba core libraries samba-testsuite - test suite from Samba samba-vfs-modules - Samba Virtual FileSystem plugins smbclient - command-line SMB/CIFS clients for Unix winbind - service to resolve user and group information from Windows NT ser Closes: 775041 776993 779033 Changes: samba (2:4.1.17+dfsg-1) unstable; urgency=high . * New upstream release. Fixes: - CVE-2014-8143: Elevation of privilege to Active Directory Domain Controller. Closes: #776993 - CVE-2015-0240: Unexpected code execution in smbd. Closes: #779033 * Refresh patch add-so-version-to-private-libraries. * Add new smbtorture test rpc.schannel_anon_setpw to detect the conditions leading to CVE-2015-0240. * Add breaks on qtsmbstatus-server (<< 2.2.1-3~). Closes: #775041 * Build-depend on reverted ldb version (with increased epoch). Checksums-Sha1: bbbf57fc46babcc75b59a96d5ae686988e3f3ce7 4206 samba_4.1.17+dfsg-1.dsc bcd6c979bfac8048fb07ab130df34c728558fa31 13239440 samba_4.1.17+dfsg.orig.tar.xz 8abc15a8b0ca42543f76260e163cac7e55e90f42 214476 samba_4.1.17+dfsg-1.debian.tar.xz df3154ff6944666bdddb0fbd7bc950c98a10cc18 228348 samba-common_4.1.17+dfsg-1_all.deb 585a0ee8d2dc6a12a6ac2ea4a158b0a95580d2ce 305426 samba-doc_4.1.17+dfsg-1_all.deb Checksums-Sha256: 98f47d6380799c4bbdd5d3c1d214e5ae0038b688b60a6db4fbdc0e43bd3a3180 4206 samba_4.1.17+dfsg-1.dsc e8ae945068847657bd75b278f4584541eedd74c5a6ba7f626d95b6a92740cbd1 13239440 samba_4.1.17+dfsg.orig.tar.xz 6097b3b181546b729ed5beea30b193857f6bc0c3e2dc2e853cdbf3f681cfdc7c 214476 samba_4.1.17+dfsg-1.debian.tar.xz 59f1bb727c9f288ad5abdffcffcdbbff1745864137af0741ef306a62eee12e89 228348 samba-common_4.1.17+dfsg-1_all.deb 704a3cf15d4e349c8ec4e6131c568f89ec6cdc14d83b5d8dc0443cb252689fa4 305426 samba-doc_4.1.17+dfsg-1_all.deb Files: ee173c9287b83e8d9af4998e22d2e39a 4206 net optional samba_4.1.17+dfsg-1.dsc 8dbb77c1eec30a9a1860f77c33b14338 13239440 net optional samba_4.1.17+dfsg.orig.tar.xz bd87eb606094e2bf72afa4f025c81c8c 214476 net optional samba_4.1.17+dfsg-1.debian.tar.xz 8b09d2bc4513caf9b0caa23684fdca9c 228348 net optional samba-common_4.1.17+dfsg-1_all.deb fe2e3ad8418a0c325070ee37a264ece4 305426 doc optional samba-doc_4.1.17+dfsg-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJU639fAAoJEKxAu1iXBOr88pMP/Rm4BHNvbosgow/x6j9K6bTF 1ehOiWdlohPpuW93pNJqYEFuE6eXQ/rcb8ZRIVEWWl+qHIfYzWaDy/dPa3nH1WGB U5dIVe6h7qRd4bvf2DbWsYAcN83U5UT+8XsuYQNQneUxmec9nGayIH8+CEQC65WP ANlunohYVXgf76+E7vmhNGI9OC4E18t5Y3zrPbiuAs/gWuZT6yvOT61wi9M0VwXD 45Svlbvdt4MXQHOl6CEPvE1tUpYa4KHWBwZ87wHfs8BxEsyu0VQMLmUjKAa2FNC2 fa5O9QASmTY7d82xlgw5ZiIjOQ5ScsHO/rOfnvl57Ag4YMeeJ5VNmOGc/I1d+z/Y NvdH08QozJteu7zbJgTUfki1xrz4tykEPn4uvOsIzuypg23UFAeg8I3PcM1X+n6h ByAx8k00ftwQD2e1yclWl6wocCW9Hy68hpixVRrjzg1nhLYHApMTALG8rKEPnGbM Kbb4GI2MUGN0fie9gGrVeLGeBRWOJ9fmFqEDY1ozcgSvXrKTsC8pPXPCqQgJZtrJ z46rCVGEXxplg7VUkYUuPMSw+DvZOoifMnR+BkYoR8LitYiBptuuRBTWcOpL0UnM XorOPND3emgfhjYS1rhwvjhUv9wQ0noIR5wckN+rm3av3m3o78U4fiRz5MfLuvQz TxOX88a9hz/nos752cfx =af2w -----END PGP SIGNATURE-----
--- End Message ---
