cifs-utils (2:6.14-1ubuntu0.1) jammy-security; urgency=medium * SECURITY UPDATE: buffer overflow in ip= command-line argument - debian/patches/CVE-2022-27239.patch: fix length check for ip option parsing in mount.cifs.c. - CVE-2022-27239 * SECURITY UPDATE: information leak via verbose logging - debian/patches/CVE-2022-29869.patch: fix verbose messages on option parsing in mount.cifs.c. - CVE-2022-29869 -- Marc Deslauriers Wed, 01 Jun 2022 12:08:56 -0400 cifs-utils (2:6.14-1build1) jammy; urgency=medium * No-change rebuild for ppc64el baseline bump. -- Łukasz 'sil2100' Zemczak Wed, 23 Mar 2022 10:46:19 +0100 cifs-utils (2:6.14-1) unstable; urgency=medium * New upstream version 6.14 - Remove 0002-Install-hook-relative-to-DESTDIR.patch, fixed upstream - Remove 0010-CVE-2021-20208.patch, merged * Fix d/watch * Standards-Version: 4.6.0 -- Mathieu Parent Tue, 14 Dec 2021 11:15:06 +0100 cifs-utils (2:6.11-3) unstable; urgency=high * CVE-2021-20208: cifs.upcall kerberos auth leak in container (Closes: #987308) -- Mathieu Parent Thu, 06 May 2021 21:24:29 +0200 cifs-utils (2:6.11-2) unstable; urgency=medium [ Sergio Durigan Junior ] * Add bash-completion for smbinfo. - d/bash-completion: New file. - d/control: Suggests bash-completion. - d/rules: Invoke dh --with bash-completion. [ Mathieu Parent ] * Recommends keyutils (Closes: #986867) -- Mathieu Parent Sat, 17 Apr 2021 18:31:22 +0200 cifs-utils (2:6.11-1) unstable; urgency=medium [ Debian Janitor ] * Set upstream metadata fields: Bug-Submit. * Remove obsolete fields Name, Contact from debian/upstream/metadata. * Update standards version to 4.4.1, no changes needed. [ Mathieu Parent ] * New upstream version 6.11 - CVE-2020-14342: Shell command injection vulnerability in mount.cifs * Add sign-tags to gpb.conf * Install hook relative to $(DESTDIR) * Update standards version to 4.5.0, no changes needed. * Update watch file format version to 4. * Move to debhelper-compat 13 * Change script shbangs to python3 * Add python3 dependency -- Mathieu Parent Fri, 13 Nov 2020 09:48:45 +0100 cifs-utils (2:6.9-1) unstable; urgency=medium [ Jelmer Vernooij ] * Add really basic debian/upstream/metadata file. [ Debian Janitor ] * Use secure URI in Homepage field. * Drop unnecessary dependency on dh-autoconf. * Set upstream metadata fields: Contact. * Bump debhelper from old 11 to 12. * New upstream release. * Refresh patches. [ Mathieu Parent ] * Standards-Version: 4.4.0 -- Mathieu Parent Thu, 29 Aug 2019 11:51:23 +0200 cifs-utils (2:6.8-2) unstable; urgency=medium * Drop Depends: samba-common (Closes: #901654) * Update Standards-Version to 4.1.4, no change -- Mathieu Parent Sun, 17 Jun 2018 21:58:28 +0200 cifs-utils (2:6.8-1) unstable; urgency=medium * New upstream version 6.8 - Use new upstream signing key - Add dependency on python3-docutils for rst2man * Repository moved to salsa: Update Vcs-* fields * Remove Christian Perrier (bubulle) from Uploaders. Thanks for bringing me to the pkg-samba team! (Closes: #894322) * Caught by lintian: - Standards-Version: 4.1.3 - Use https form of the copyright-format URL (Debian Policy 4.0.0) - Bump debhelper to compat 11 - Remove useless Build-Depends on dh-autoreconf - Update debian/copyright for removed replace.h - Update debian/watch to use secure URI - debian/rules: Use /usr/share/dpkg/architecture.mk instead of calling dpkg-architecure -- Mathieu Parent Thu, 29 Mar 2018 20:16:49 +0200 cifs-utils (2:6.7-1) unstable; urgency=medium * New upstream release - a6662ed: cifs.upcall: switch group IDs when handling an upcall - 109c189: cifs.upcall: drop capabilities early in program - ed97e4e: cifs.upcall: allow scraping of KRB5CCNAME out of initiating task's /proc//environ file (Closes: #854607) - ec387af4: cifs.upcall: trim even more capabilities - 2dcecd2: cifs.upcall: unset $KRB5CCNAME when creating new credcache from keytab - 9eaa21e: cifs.upcall: don't do env scraping when uid is 0 - 69949ba: cifs.upcall: use a MEMORY: ccache when instantiating from a keytab - and more commits... -- Mathieu Parent Wed, 08 Mar 2017 22:21:54 +0100 cifs-utils (2:6.6-5) unstable; urgency=low * Set architecture to linux-any. -- Jelmer Vernooij Sat, 07 Jan 2017 16:35:58 +0000 cifs-utils (2:6.6-4) unstable; urgency=medium * Add pam_cifscreds (Closes: #848140, LP: #1611816). Patch by David Mcbride -- Mathieu Parent Fri, 16 Dec 2016 05:22:12 +0100 cifs-utils (2:6.6-3) unstable; urgency=medium * Use correct idmapwb.so path in postinst/prerm (Closes: #848275) -- Mathieu Parent Fri, 16 Dec 2016 04:51:36 +0100 cifs-utils (2:6.6-2) unstable; urgency=medium * Add me to uploaders * Create idmap-plugin symlink using update-alternatives (Closes: #845532). Thanks Alessandro Larcher for reporting. -- Mathieu Parent Thu, 01 Dec 2016 23:21:42 +0100 cifs-utils (2:6.6-1) unstable; urgency=medium * Team upload * New upstream release -- Mathieu Parent Fri, 09 Sep 2016 13:24:03 +0200 cifs-utils (2:6.5-2) unstable; urgency=medium * Team upload * Move keyutils and winbind from Recommends to Suggests (Closes: #822841) * Spring cleaning: - Standards-Version: 3.9.8 (no change) - Use secure Vcs-* URIs - Remove cifs-utils.NEWS as mount.cifs is setuid again since 2:5.4-2 (pre-wheezy) - Updated gbp.conf (Old style config section) - Renamed cifs-utils.lintian to cifs-utils.lintian-overrides - Updated copyright file -- Mathieu Parent Tue, 03 May 2016 12:16:18 +0200 cifs-utils (2:6.5-1) unstable; urgency=medium [ Jelmer Vernooij ] * New upstream release. * Stop shipping README, which just contains build instructions. Closes: #758722 * Fix watch URL. * Bump standards version to 3.9.6 (no changes). -- Jelmer Vernooij Sun, 24 Apr 2016 18:55:00 +0200 cifs-utils (2:6.4-1) unstable; urgency=medium * New upstream release. * Add branch to Vcs-Git header. * Remove Luk Claes from uploaders, per his request. Closes: #748494 -- Jelmer Vernooij Thu, 17 Jul 2014 03:42:00 +0200 cifs-utils (2:6.3-1) unstable; urgency=medium * New upstream release. * Update standards version to 3.9.5 (no changes). * Depend on autotools-dev to update config.guess and config.sub. * Migrate to git, update Vcs-* headers. * Add upstream signing key. * Use dh-autoreconf. * Build against libcap-ng-dev. -- Jelmer Vernooij Sun, 30 Mar 2014 11:16:56 +0200 cifs-utils (2:5.5-1) unstable; urgency=low * New upstream release - Merge all patches, they are all upstream. -- Luk Claes Sun, 03 Jun 2012 19:29:16 +0200 cifs-utils (2:5.4-2) unstable; urgency=high * Set mount.cifs setuid again now that upstream took measures (Closes: #673140,#622802,#668137,#572691). * Add __attribute__((unused)) to stop gcc warnings -> errors. -- Luk Claes Fri, 18 May 2012 17:12:38 +0200 cifs-utils (2:5.4-1) unstable; urgency=low * New upstream release (Closes: #669327). - Version build dep on libwbclient-dev for wbclient.pc file - Add 01_use_rc.patch to fix building. - Add 02_add_D_FORTIFY_SOURCE.patch to fix building. * Drop smbfs binary package (Closes: #620847). -- Luk Claes Sun, 13 May 2012 18:39:07 +0200 cifs-utils (2:5.3-2) unstable; urgency=high * Drop capabilities instead of having mount.cifs setuid (Closes: #665923). -- Luk Claes Thu, 29 Mar 2012 20:15:27 +0200 cifs-utils (2:5.3-1) unstable; urgency=low * New upstream release - Add manpage for cifscreds - Add /etc/request-key.d configuration -- Luk Claes Sat, 04 Feb 2012 17:10:13 +0100 cifs-utils (2:5.2-1) unstable; urgency=low * New upstream release (Closes: #651580). - Move acltools to /usr/bin. -- Luk Claes Sat, 10 Dec 2011 16:16:19 +0100 cifs-utils (2:5.1-2) unstable; urgency=low * Bump debian/compat to 9 for dpkg-buildflags support. -- Steve Langasek Tue, 25 Oct 2011 04:40:11 +0000 cifs-utils (2:5.1-1) unstable; urgency=low * New upstream release. * Install getcifsacl and setcifsacl binaries and manpages -- Luk Claes Sun, 02 Oct 2011 15:42:26 +0200 cifs-utils (2:5.0-1) unstable; urgency=low * New upstream release. Closes: #628880. - mount.cifs: Use original device string all the way. Closes: #620818. * Install cifs.idmap upcall binary and manpage - Add libwbclient-dev to Build-Depends - Add winbind to Recommends * Install cifscreds binary -- Luk Claes Wed, 20 Jul 2011 18:25:39 +0200 cifs-utils (2:4.9-1) unstable; urgency=low [ Luk Claes ] * Add Recommends to keyutils so following DFS links works out of the box. Closes: #504690. * Install README. Closes: #603094. * Add --without-libcap to dh_auto_configure. Closes: #615211. [ Steve Langasek ] * New upstream release. Closes: #600788. - mount.cifs: use original device name as-is for mtab. Closes: #586009, #583508, #589218. -- Luk Claes Sat, 02 Apr 2011 17:10:35 +0200 cifs-utils (2:4.5-2) unstable; urgency=low * Lintian override for the suid-root binary. * Cherry-pick upstream fix for parsing of the cred= argument. Closes: #584104. -- Steve Langasek Fri, 04 Jun 2010 13:33:23 -0700 cifs-utils (2:4.5-1) unstable; urgency=low [ Christian Perrier ] * New upstream release. Closes: #576314. [ Steve Langasek ] * Set mount.cifs suid-root, again supported upstream and required for use in user mounts. Closes: #576713. -- Steve Langasek Mon, 31 May 2010 03:28:42 -0700 cifs-utils (2:4.1-1) unstable; urgency=low * New upstream release. Closes: #575112 - Fixes a segfault when calling mount.cifs. Closes: #574128 * Pass --enable-cifsupcall to configure, to guard against misbuilds. -- Steve Langasek Tue, 23 Mar 2010 23:11:40 -0700 cifs-utils (2:4.0-1) unstable; urgency=low * Initial release, packaging imported from samba source. (Closes: #571969) * Rename binary package from smbfs to cifs-utils, but leave the "smbfs" tools under the smbfs name for later deprecation post-squeeze. * Drop the dependency on netbase, which has no reason given in the changelog and doesn't appear to be needed. * Adjust the language in debian/cifs-utils.NEWS to make clear the consequences of this change, and direct users to alternatives. Closes: #572691. * umount.cifs (and by extension, smbumount) no longer exists upstream, because mount.cifs no longer permits non-root users to mount except by way of the standard /etc/fstab arguments. -- Steve Langasek Tue, 09 Mar 2010 17:20:22 -0800