Package: release.debian.org User: release.debian....@packages.debian.org Usertags: unblock Severity: normal
Please unblock package samba. [ Reason ] It fixes: * CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (Closes: #987811) * Add Breaks+Replaces: samba-dev (<< 2:4.11) (Closes: #987209) [ Impact ] Without the second fix, some buster -> bulleye upgrades will fail. There is no known exploit for the security issue, but: > an unprivileged user was able to delete a file within > a network share that they should have been disallowed access to [ Tests ] Minimal manual tests done. [ Risks ] ? [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] (Anything else the release team should know.) unblock samba/2:4.13.5+dfsg-2
samba.debdiff
Description: Binary data