* SECURITY UPDATE: buffer overflow in ip= command-line argument
- debian/patches/CVE-2022-27239.patch: fix length check for ip option
parsing in mount.cifs.c.
- CVE-2022-27239
* SECURITY UPDATE: information leak via verbose logging
- debian/patches/CVE-2022-29869.patch: fix verbose messages on option
parsing in mount.cifs.c.
- CVE-2022-29869
* No-change rebuild for ppc64el baseline bump.
* New upstream version 6.14
- Remove 0002-Install-hook-relative-to-DESTDIR.patch, fixed upstream
- Remove 0010-CVE-2021-20208.patch, merged
* Fix d/watch
* Standards-Version: 4.6.0
* CVE-2021-20208: cifs.upcall kerberos auth leak in container
(Closes: #987308)
[ Sergio Durigan Junior ]
* Add bash-completion for smbinfo.
- d/bash-completion: New file.
- d/control: Suggests bash-completion.
- d/rules: Invoke dh --with bash-completion.
[ Mathieu Parent ]
* Recommends keyutils (Closes: #986867)
[ Debian Janitor ]
* Set upstream metadata fields: Bug-Submit.
* Remove obsolete fields Name, Contact from debian/upstream/metadata.
* Update standards version to 4.4.1, no changes needed.
[ Mathieu Parent ]
* New upstream version 6.11
- CVE-2020-14342: Shell command injection vulnerability in mount.cifs
* Add sign-tags to gpb.conf
* Install hook relative to $(DESTDIR)
* Update standards version to 4.5.0, no changes needed.
* Update watch file format version to 4.
* Move to debhelper-compat 13
* Change script shbangs to python3
* Add python3 dependency
[ Jelmer Vernooij ]
* Add really basic debian/upstream/metadata file.
[ Debian Janitor ]
* Use secure URI in Homepage field.
* Drop unnecessary dependency on dh-autoconf.
* Set upstream metadata fields: Contact.
* Bump debhelper from old 11 to 12.
* New upstream release.
* Refresh patches.
[ Mathieu Parent ]
* Standards-Version: 4.4.0
* Drop Depends: samba-common (Closes: #901654)
* Update Standards-Version to 4.1.4, no change
* New upstream version 6.8
- Use new upstream signing key
- Add dependency on python3-docutils for rst2man
* Repository moved to salsa: Update Vcs-* fields
* Remove Christian Perrier (bubulle) from Uploaders.
Thanks for bringing me to the pkg-samba team! (Closes: #894322)
* Caught by lintian:
- Standards-Version: 4.1.3
- Use https form of the copyright-format URL (Debian Policy 4.0.0)
- Bump debhelper to compat 11
- Remove useless Build-Depends on dh-autoreconf
- Update debian/copyright for removed replace.h
- Update debian/watch to use secure URI
- debian/rules: Use /usr/share/dpkg/architecture.mk instead of calling
dpkg-architecure
* New upstream release
- a6662ed: cifs.upcall: switch group IDs when handling an upcall
- 109c189: cifs.upcall: drop capabilities early in program
- ed97e4e: cifs.upcall: allow scraping of KRB5CCNAME out of initiating
task's /proc/<pid>/environ file (Closes: #854607)
- ec387af4: cifs.upcall: trim even more capabilities
- 2dcecd2: cifs.upcall: unset $KRB5CCNAME when creating new credcache from
keytab
- 9eaa21e: cifs.upcall: don't do env scraping when uid is 0
- 69949ba: cifs.upcall: use a MEMORY: ccache when instantiating from a keytab
- and more commits...
* Set architecture to linux-any.
* Add pam_cifscreds (Closes: #848140, LP: #1611816). Patch by David Mcbride
* Use correct idmapwb.so path in postinst/prerm (Closes: #848275)
* Add me to uploaders
* Create idmap-plugin symlink using update-alternatives (Closes: #845532).
Thanks Alessandro Larcher for reporting.
* Team upload
* New upstream release
* Team upload
* Move keyutils and winbind from Recommends to Suggests (Closes: #822841)
* Spring cleaning:
- Standards-Version: 3.9.8 (no change)
- Use secure Vcs-* URIs
- Remove cifs-utils.NEWS as mount.cifs is setuid again since 2:5.4-2
(pre-wheezy)
- Updated gbp.conf (Old style config section)
- Renamed cifs-utils.lintian to cifs-utils.lintian-overrides
- Updated copyright file
[ Jelmer Vernooij ]
* New upstream release.
* Stop shipping README, which just contains build instructions.
Closes: #758722
* Fix watch URL.
* Bump standards version to 3.9.6 (no changes).
* New upstream release.
* Add branch to Vcs-Git header.
* Remove Luk Claes from uploaders, per his request. Closes: #748494
* New upstream release.
* Update standards version to 3.9.5 (no changes).
* Depend on autotools-dev to update config.guess and config.sub.
* Migrate to git, update Vcs-* headers.
* Add upstream signing key.
* Use dh-autoreconf.
* Build against libcap-ng-dev.
* New upstream release
- Merge all patches, they are all upstream.
* Set mount.cifs setuid again now that upstream took measures
(Closes: #673140,#622802,#668137,#572691).
* Add __attribute__((unused)) to stop gcc warnings -> errors.
* New upstream release (Closes: #669327).
- Version build dep on libwbclient-dev for wbclient.pc file
- Add 01_use_rc.patch to fix building.
- Add 02_add_D_FORTIFY_SOURCE.patch to fix building.
* Drop smbfs binary package (Closes: #620847).
* Drop capabilities instead of having mount.cifs setuid
(Closes: #665923).
* New upstream release
- Add manpage for cifscreds
- Add /etc/request-key.d configuration
* New upstream release (Closes: #651580).
- Move acltools to /usr/bin.
* Bump debian/compat to 9 for dpkg-buildflags support.
* New upstream release.
* Install getcifsacl and setcifsacl binaries and manpages
* New upstream release. Closes: #628880.
- mount.cifs: Use original device string all the way.
Closes: #620818.
* Install cifs.idmap upcall binary and manpage
- Add libwbclient-dev to Build-Depends
- Add winbind to Recommends
* Install cifscreds binary
[ Luk Claes ]
* Add Recommends to keyutils so following DFS links works out of the
box. Closes: #504690.
* Install README. Closes: #603094.
* Add --without-libcap to dh_auto_configure. Closes: #615211.
[ Steve Langasek ]
* New upstream release. Closes: #600788.
- mount.cifs: use original device name as-is for mtab.
Closes: #586009, #583508, #589218.
* Lintian override for the suid-root binary.
* Cherry-pick upstream fix for parsing of the cred= argument.
Closes: #584104.
[ Christian Perrier ]
* New upstream release. Closes: #576314.
[ Steve Langasek ]
* Set mount.cifs suid-root, again supported upstream and required for use
in user mounts. Closes: #576713.
* New upstream release. Closes: #575112
- Fixes a segfault when calling mount.cifs. Closes: #574128
* Pass --enable-cifsupcall to configure, to guard against misbuilds.
* Initial release, packaging imported from samba source. (Closes: #571969)
* Rename binary package from smbfs to cifs-utils, but leave the "smbfs"
tools under the smbfs name for later deprecation post-squeeze.
* Drop the dependency on netbase, which has no reason given in the changelog
and doesn't appear to be needed.
* Adjust the language in debian/cifs-utils.NEWS to make clear the
consequences of this change, and direct users to alternatives.
Closes: #572691.
* umount.cifs (and by extension, smbumount) no longer exists upstream,
because mount.cifs no longer permits non-root users to mount except by
way of the standard /etc/fstab arguments.