-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 28 May 2022 22:52:59 +0300
Source: samba
Architecture: source
Version: 2:4.13.13+dfsg-1~deb11u4
Distribution: bullseye-proposed-updates
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 953530 998423 999876 1001053 1004691 1005642 1006935 1009855
Changes:
samba (2:4.13.13+dfsg-1~deb11u4) bullseye-proposed-updates; urgency=medium
.
* fix the order of everything during build by exporting PYTHONHASHSEED=1
for waf. This should fix the broken i386 build of the last security
upload. Closes: #1006935, #1009855
* Import the left-over patches from 4.13.17 upstream stable branch:
- s3-winbindd-fix-allow-trusted-domains-no-regression.patch
https://bugzilla.samba.org/show_bug.cgi?id=14899
Closes: #999876, winbind fails to start with `allow trusted domains: no`
- IPA-DC-add-missing-checks.patch
https://bugzilla.samba.org/show_bug.cgi?id=14903
- CVE-2020-25717-s3-auth-fix-MIT-Realm-regression.patch
https://bugzilla.samba.org/show_bug.cgi?id=14922
Closes: #1001053, MIT-kerberos auth broken after 4.13.13+dfsg-1~deb11u2
- dsdb-Use-DSDB_SEARCH_SHOW_EXTENDED_DN-when-searching.patch
https://bugzilla.samba.org/show_bug.cgi?id=14656
https://bugzilla.samba.org/show_bug.cgi?id=14902
- s3-smbd-Fix-mkdir-race-condition-allows-share-escape.patch
https://bugzilla.samba.org/show_bug.cgi?id=13979
Closes: #1004691, CVE-2021-43566: mkdir race condition allows share escape
* 4 patches from upstream to fix possible serious data corruption issue
with windows client cache poisoning, Closes: #1005642
https://bugzilla.samba.org/show_bug.cgi?id=14928
* two patches from upstream to fix coredump when connecting to shares
with var substitutions, Closes: #998423
https://bugzilla.samba.org/show_bug.cgi?id=14809
* samba-common-bin.postinst: mkdir /run/samba before invoking samba binaries
Closes: #953530
* remove file creation+deletion from previously applied combined patches
CVE-2021-23192-only-4.13-v2.patch & CVE-2021-3738-dsdb-crash-4.13-v03.patch
to make patch deapply happy (quilt does not notice this situation)
* d/salsa-ci.yml: target bullseye
Checksums-Sha1:
0ca51aa2da29720bbd031f3312a2cd9b1510e2e1 4034 samba_4.13.13+dfsg-1~deb11u4.dsc
3a47efcafa28d4822f1255a013a5f6e969c08fd9 473752 samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
5fdee37732717fb03c62f3a1192e362e33d9dfd1 8990 samba_4.13.13+dfsg-1~deb11u4_source.buildinfo
Checksums-Sha256:
8a73f505c06f019493f5f072849883f91225d153dc04cf29b0c842db95f2f122 4034 samba_4.13.13+dfsg-1~deb11u4.dsc
400ee978570b9e4660504dd78134cc48c49976f7779c0d91d50759194fdb577b 473752 samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
acd609e8ea1a52aae286c1b4c8627786fc8e942318ab37aaf1647441929933e9 8990 samba_4.13.13+dfsg-1~deb11u4_source.buildinfo
Files:
a6145bfa833244fe4cb634424a6788a0 4034 net optional samba_4.13.13+dfsg-1~deb11u4.dsc
608b6314448bc0d7caf365567f1ceade 473752 net optional samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
a91c6e2d38554116a6032357bb70bcdd 8990 net optional samba_4.13.13+dfsg-1~deb11u4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmKSfjIPHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZNgUH/0jEPHRjiCZG3HXAYsOvT4W8c++knegy0qEM GWJen2oFCCNQQCGcxzATDPOk2YuzFjgWBnvxsTKDqPXtZCZxIomzr/rAmf5UmIc6 y2Qlbl9CnrgTlQbfUiUEEuvd306VDg3zff0ttsEAkiSp/PmBPpTqA2dnXZuPfnZo l/3xfq936EdjeTaHAsZkerH5+4W34W8ZM2PqGJ2gjWGCfWaK450UAWJIMEFK6hFB 8SdmE4M8PmK3eEhe8bSt1IRoYS0/juTRdpaZnP5dJ9qSiDy9Rf5zk4YQjFTAoTJP +giD8JgtrzCcoQ1GSy2N6TuulsG1ipafxSpYg9he/J6FT79qS8U=
=ssEN
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)