Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian....@packages.debian.org
Usertags: pu


Dear release team,


The attached patch removes the samba4 binary package. Please accept it for
wheezy, even though it's clear that this is not a nice option.


The samba4 source package in wheezy contains a beta version of samba 4.0. Most
samba functionality is disabled in this package, because it is provided by the
samba package (version 3.6.6) in wheezy. Only the samba AD DC functionality is
enabled, but it is severely limited.

There is no security support for this beta version of samba. It is vulnerable
to a number of public issues.

The samba4 package in wheezy is not suitable for usage in a production
environment. It should not have been released with wheezy.


With this patch, the samba4 package is removed. Removing the samba4 source
package with all associated binary packages is not really an option, as there
are some packages in wheezy that depend on the libs provided by samba4 (most
notably evolution-mapi).

The patch adds a conflict on samba4 to the samba4-common-bin binary package.
On dist-upgrade, apt-get proposes to remove the samba4 package.


Thanks in advance.

Cheers,

Ivo

diff -Nru samba4-4.0.0~beta2+dfsg1/debian/NEWS 
samba4-4.0.0~beta2+dfsg1/debian/NEWS
--- samba4-4.0.0~beta2+dfsg1/debian/NEWS        1970-01-01 01:00:00.000000000 
+0100
+++ samba4-4.0.0~beta2+dfsg1/debian/NEWS        2014-04-13 21:31:56.000000000 
+0200
@@ -0,0 +1,22 @@
+samba4 (4.0.0~beta2+dfsg1-3.2+deb7u1) wheezy; urgency=medium
+
+   The samba4 binary package was removed from wheezy.
+
+   The samba4 source package in wheezy contains a beta version of samba 4.0.
+   Most samba functionality is disabled in this package, because it is
+   provided by the samba package in wheezy. Only the samba AD DC functionality
+   is enabled, but it is severely limited.
+
+   There is no security support for this beta version of samba. It is
+   vulnerable to a number of public issues.
+
+   The samba4 package in wheezy is not suitable for usage in a production
+   environment. It should not have been released with wheezy.
+
+   This issue is tracked on https://bugs.debian.org/744711
+
+   To use the samba AD DC functionality, a newer version of samba is
+   necessary. The samba packages in jessie and jessie-backports (version 4.1
+   or later) provide this functionality.
+
+ -- Ivo De Decker <ivo.dedec...@ugent.be>  Sun, 13 Apr 2014 21:08:44 +0200
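
Review bot: The last paragraph of the new NEWS entry points readers to "jessie and jessie-backports", but the backports suite a wheezy system can enable is wheezy-backports, so the suite name looks wrong and should be checked before upload. The entry also states that the package "is vulnerable to a number of public issues" without naming any; a reference to the relevant advisories or tracker entries would let an administrator judge exposure, since the bug URL is the only pointer given.
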
diff -Nru samba4-4.0.0~beta2+dfsg1/debian/changelog 
samba4-4.0.0~beta2+dfsg1/debian/changelog
--- samba4-4.0.0~beta2+dfsg1/debian/changelog   2013-03-22 02:48:13.000000000 
+0100
+++ samba4-4.0.0~beta2+dfsg1/debian/changelog   2014-04-13 21:45:53.000000000 
+0200
@@ -1,3 +1,11 @@
+samba4 (4.0.0~beta2+dfsg1-3.2+deb7u1) wheezy; urgency=medium
+
+  * Remove samba4 binary package. It has several security issues, has limited
+    functionality and should not have been released with wheezy.
+    Closes: #744711
+
+ -- Ivo De Decker <ivo.dedec...@ugent.be>  Sun, 13 Apr 2014 21:45:53 +0200
+
 samba4 (4.0.0~beta2+dfsg1-3.2) unstable; urgency=medium
 
   * Non-maintainer upload.
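
Review bot: The single changelog bullet records only the removal of the binary package and omits the other changes this upload makes: the new debian/NEWS file, the added Conflicts/Replaces on samba4 in debian/control, and the extra cleanup loop in debian/rules. Listing each as its own bullet would make the stable update easier to audit. "It has several security issues" would also be stronger with identifiers next to "Closes: #744711".
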
diff -Nru samba4-4.0.0~beta2+dfsg1/debian/control 
samba4-4.0.0~beta2+dfsg1/debian/control
--- samba4-4.0.0~beta2+dfsg1/debian/control     2012-08-08 22:04:53.000000000 
+0200
+++ samba4-4.0.0~beta2+dfsg1/debian/control     2014-04-13 21:31:56.000000000 
+0200
@@ -53,33 +53,6 @@
 Vcs-Bzr: http://bzr.debian.org/pkg-samba/samba4/unstable
 DM-Upload-Allowed: yes
 
-Package: samba4
-Architecture: any
-Recommends: attr, bind9 (>= 1:9.5.1), bind9utils, ldb-tools
-Suggests: phpldapadmin, samba-gtk, swat2
-Conflicts: samba (<< 2:3.3.0~rc2-5), samba-tools
-Replaces: libsamdb0 (<< 4.0.0~alpha17~)
-Depends: python,
-         python-dnspython,
-         python-samba,
-         samba-dsdb-modules,
-         samba4-common-bin (=${binary:Version}),
-         tdb-tools,
-         ${misc:Depends},
-         ${python:Depends},
-         ${shlibs:Depends}
-Description: SMB/CIFS file, NT domain and active directory server (version 4)
- Samba is an implementation of the SMB/CIFS protocol for Unix systems,
- providing support for cross-platform file sharing with Microsoft Windows, OS 
X,
- and other Unix systems.  Samba can also function as a domain controller
- or member server in both NT4-style and Active Directory domains.
- .
- These packages contain snapshot versions of Samba 4, the next-generation
- version of Samba. These should be considered _experimental_, and should
- not be used in production.
- .
- This package contains the main daemon.
-
 Package: libsamdb0
 Pre-Depends: ${misc:Pre-Depends}
 Multi-Arch: same
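
Review bot: The samba4 stanza is deleted outright, and the only other control change visible in this patch is the Conflicts/Replaces edit further down, so please confirm that no remaining stanza still carries a Depends, Recommends or Suggests on samba4, which would now be unsatisfiable. The removed stanza depended on samba4-common-bin (= ${binary:Version}), so every system with samba4 installed will see the new conflict, but that upgrade path deserves a short comment here because nothing in the stanza list explains where the package went.
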
@@ -140,8 +113,9 @@
          samba-common (>= 2:3.4.0~pre2-1),
          ${misc:Depends},
          ${python:Depends}
-Conflicts: samba (<< 2:3.3.0~rc2-5), samba-common (<< 2:3.3.0~rc2-5)
-Replaces: samba-common (<< 2:3.4.0~pre2-1), samba4-common (<< 4.0.0~alpha7-1)
+Conflicts: samba (<< 2:3.3.0~rc2-5), samba-common (<< 2:3.3.0~rc2-5), samba4
+Replaces: samba-common (<< 2:3.4.0~pre2-1), samba4-common (<< 4.0.0~alpha7-1),
+          samba4
 Description: Samba 4 common files used by both the server and the client
  Samba is an implementation of the SMB/CIFS protocol for Unix systems,
  providing support for cross-platform file sharing with Microsoft Windows, OS 
X,
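
Review bot: The new "samba4" entries in Conflicts and Replaces are unversioned, which makes samba4-common-bin conflict with every present and future package of that name rather than only the one being retired. A versioned relation such as "samba4 (<< 4.0.0~beta2+dfsg1-3.2+deb7u1~)" would still force removal of the wheezy package while limiting the scope. The cleanup in debian/rules deletes the old samba4 files from the staging tree, so Replaces is not there for file overwrites; a comment stating that the pair exists only to make apt remove the package would help the next maintainer.
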
diff -Nru samba4-4.0.0~beta2+dfsg1/debian/rules 
samba4-4.0.0~beta2+dfsg1/debian/rules
--- samba4-4.0.0~beta2+dfsg1/debian/rules       2012-08-08 22:04:53.000000000 
+0200
+++ samba4-4.0.0~beta2+dfsg1/debian/rules       2014-04-13 21:31:56.000000000 
+0200
@@ -96,6 +96,11 @@
        do \
                rm -r $(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/$$line; \
        done < debian/samba3-files-lib
+       # Remove files from the old samba4 binary package
+       while read line; \
+       do \
+               rm -rf $(DESTDIR)/$$line; \
+       done < debian/samba4.install
        dh_install --sourcedir=$(DESTDIR) --list-missing --fail-missing
 
 override_dh_python2:
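
Review bot: The added loop runs "rm -rf $(DESTDIR)/$$line" for every line of debian/samba4.install, so an empty line in that file expands to "rm -rf $(DESTDIR)/" and wipes the whole staging tree, and -f hides entries that no longer match anything. The loop just above uses "rm -r" and fails loudly; matching it and skipping empty lines would be safer. If any entry in samba4.install uses the two-column "source destination" form, the destination would also be passed to rm, so that is worth checking. Since debian/samba4.install no longer corresponds to a binary package in debian/control, renaming it to reflect its new role as a removal list would avoid confusion.
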
