Bug#930749: unblock: samba/2:4.9.9+dfsg-1
Control: tag -1 - moreinfo

On Thu, 20 Jun 2019 at 09:03, Paul Gevers wrote:
>
> Control: tags -1 moreinfo
>
> On 19-06-2019 22:14, Mathieu Parent wrote:
> > Without an ack from you, I will only add the patch for CVE-2019-12435 (and
> > maybe #929217?) and delay the other fixes for buster-proposed-updates.
> >
> > What is your opinion?
>
> Please do the targeted fix (for both issues). We are really closing the
> release now and it's not appropriate anymore to include new upstream
> releases that are *not* target fix upstream releases.

I went ahead and uploaded 2:4.9.5+dfsg-5 to sid just now. The debdiff is attached.

> Please also try hard to meet the dead-line for a ready to migrate
> package at 2019-06-25 13:00 UTC [1].

It should be ok.

> Remove the moreinfo tag once there is something ready to review.

Done.

Regards
--
Mathieu Parent
Bug#930749: unblock: samba/2:4.9.9+dfsg-1
Control: tags -1 moreinfo

On 19-06-2019 22:14, Mathieu Parent wrote:
> Without an ack from you, I will only add the patch for CVE-2019-12435 (and
> maybe #929217?) and delay the other fixes for buster-proposed-updates.
>
> What is your opinion?

Please do the targeted fix (for both issues). We are really closing the
release now and it's not appropriate anymore to include new upstream
releases that are *not* target fix upstream releases.

Please also try hard to meet the dead-line for a ready to migrate
package at 2019-06-25 13:00 UTC [1].

Remove the moreinfo tag once there is something ready to review.

Paul

[1] https://lists.debian.org/debian-devel-announce/2019/06/msg3.html
Bug#930749: unblock: samba/2:4.9.9+dfsg-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

This is a pre-approval request about samba.

A new Samba security version was released today to address
CVE-2019-12435: 4.9.9. Sid/buster currently has 4.9.5.

I'm tempted to upload 4.9.9 to sid (targeting buster). This would add a
big diff of stability fixes.

The d/changelog would look like:

    samba (2:4.9.9+dfsg-1) unstable; urgency=high

      * This is a security release in order to address the following defect:
        - CVE-2019-12435 zone operations can crash rpc server (Closes: #930748)
      * New upstream release
        - Remove security patches, included in release
        - libsamba-passdb.so bumped to 0.27.2
      * Add missing Breaks+Replace found by piuparts (Closes: #929217)
        Thanks Andreas Beckmann!

Without an ack from you, I will only add the patch for CVE-2019-12435 (and
maybe #929217?) and delay the other fixes for buster-proposed-updates.

What is your opinion?

(not including the debdiff against the package in testing, which is huge)

unblock samba/2:4.9.9+dfsg-1

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled