Maintainer Evgeny Sinelnikov in the sisyphus branch: Information
Maintainer name: Evgeny Sinelnikov (sin)
Built source packages in this branch: 124
-
- @qa
- @python
- @kernel
- @mono
Last changes
Mar 28, 2024, 07:02 AM
#343786 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
March 28, 2024 Evgeny Sinelnikov:
- Add support 'client force dns canonicalize hostname' global parameter, enables client library tries to resolve canonical name. This feature allows to communicate via kerberos to services using CNAME records without adding SPNs. - Fixes updated from upstream for smbd: + If we fail to close file_handle ensure we should reset the fd (Samba#15527). + simplify handling of failing fstat() after unlinking file (Samba#15527). - Fixes updated from upstream for gpo: + libgpo: Do not segfault if we don't have a valid security descriptor (Samba#15599). + python:gp: Implement client site lookup in site_dn_for_machine() (Samba#15588). + librpc:idl: Make netlogon_samlogon_response public (Samba#15588).
Mar 15, 2024, 05:06 AM
#342749 sent by Evgeny Sinelnikov
System Security Services Daemon
March 15, 2024 Evgeny Sinelnikov:
- Update 2.9 major release with fixes from upstream: + Fix the build with Samba 4.20. + IFP: don't trigger backtrace in case of ACL check fail. + krb5_child: fix order of calloc arguments. + pam: fix SC auth with multiple certs and missing login name.
Mar 15, 2024, 12:52 AM
#342747 sent by Evgeny Sinelnikov
Certificate Enrollment through CEP/CES
March 15, 2024 Evgeny Sinelnikov:
- Update to latest release, which includes spnego changes.
Mar 11, 2024, 06:01 AM
#342426 sent by Evgeny Sinelnikov
Symas Lightning Memory-Mapped Database
March 11, 2024 Evgeny Sinelnikov:
- Updated to 0.9.32. - Add lmdb.pc pkg-config file from Fedora to development subpackages.
Mar 11, 2024, 05:54 AM
#342424 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
March 11, 2024 Evgeny Sinelnikov:
- Update to stable release of Samba 4.19 - Fixes from upstream: + Windows 2016 fails to restore previous version of a file from a shadow_copy2 snapshot (Samba#13688). + smbd fixes (Samba#12421, Samba#15550). + samba-gpupdate fixes (Samba#15548, Samba#15557, Samba#15552, Samba#15558). + smbpasswd reset permissions only if not 0600 (Samba#15555).
Feb 29, 2024, 02:05 AM
#341643 sent by Evgeny Sinelnikov
ALT Local Policies Default templates
Feb. 29, 2024 Evgeny Sinelnikov:
- Improve oddjob-gpupdate-dbus-timeout control. - Initial support build for debian.
Feb 19, 2024, 08:29 AM
#341032 sent by Evgeny Sinelnikov
Extended samba-tool (netcmd) version
Feb. 19, 2024 Evgeny Sinelnikov:
- Add compatibility with stable releases of samba-4.18 and later (closes: 49404). - Replace python3 build to new pyproject_build process.
Jan 29, 2024, 08:43 AM
#339237 sent by Evgeny Sinelnikov
Local applications interface for alterator browser.
Categories interface for alterator browser.
Alterator manager backends generator for support the old alterator modules.
Revised alterator
Jan. 28, 2024 Evgeny Sinelnikov:
- first build for Sisyphus
Jan 22, 2024, 06:35 AM
#338344 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Jan. 16, 2024 Evgeny Sinelnikov:
- Update to stable release of Samba 4.19 - Fixes from upstream: + net changesecretpw cannot set the machine account password if secrets.tdb is empty (Samba#13577). + Following intermediate abolute share-local symlinks is broken (Samba#15505). ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public address disconnects first (Samba#15523). + shadow_copy2 broken when current fileset's directories are removed (Samba#15544). + 'force user = localunixuser' doesn't work if 'allow trusted domains = no' is set (Samba#15469). + smbget: debug logging doesn't work (Samba#15525), username in the smburl and interactive password entry doesn't work (Samba#15532), auth function doesn't set values for password prompt correctly (Samba#15538). + Unable to copy and write files from clients to Ceph cluster via SMB Linux gateway with Ceph VFS module (Samba#15440). + Multichannel refresh network information (Samba#15547).
Jan 21, 2024, 10:45 PM
#338343 sent by Evgeny Sinelnikov
System Security Services Daemon
Jan. 17, 2024 Evgeny Sinelnikov:
- Update to latest 2.9 major release in long-term maintenance (LTM) phase. - Fixes from upstream: + A crash when PAM passkey processing incorrectly handles non-passkey data. + A workaround was implemented to handle gracefully misbehaving applications that destroy internal state of SSSD client librarires. + An error when rotating KCM's logs was fixed. + Group membership handling when members are coming from different forest domains and using ldap token groups is prohibited. + Files provider was erroneously taking into consideration local_auth_policy config option, thus breaking smartcard authentication of local user in setups that didn't explicitly specify this option.
Jan 19, 2024, 08:03 AM
#337671 sent by Evgeny Sinelnikov
Allows command execution as another user
Jan. 4, 2024 Evgeny Sinelnikov:
- Update to latest stable bugfix release: + Fixed evaluation of the "lecture", "listpw", "verifypw", and "fdexec" sudoers Defaults settings when used without an explicit value. + Sudo will now transparently rename a user's lecture file from the older name-based path to the newer user-ID-based path. + Memory allocation failure if sysconf(_SC_LOGIN_NAME_MAX) fails.
Dec 24, 2023, 11:52 PM
#337130 sent by Evgeny Sinelnikov
Chromium-specific ADMX policy templates
Dec. 25, 2023 Evgeny Sinelnikov:
- Update to latest release 120.0-6099.130
Dec 18, 2023, 07:31 AM
#336633 sent by Evgeny Sinelnikov
An oddjob helper which applies group policy objects
Dec. 18, 2023 Evgeny Sinelnikov:
- Add debug and dbus_timeout options to pam_oddjob_gpupdate (thx liannnix@)
Dec 14, 2023, 09:14 PM
#336481 sent by Evgeny Sinelnikov
Allows command execution as another user
Dec. 14, 2023 Evgeny Sinelnikov:
- Update to stable release with fixing regressions to changes in sudo 1.9.15.
Dec 13, 2023, 10:20 AM
#336385 sent by Evgeny Sinelnikov
ALT Local Policies Default templates
Dec. 13, 2023 Evgeny Sinelnikov:
- Fix krb5-conf-ccache control: * Incorrect file presence check when option not found has been fixed. * Avoid grep warning with 'stray \ before /' pattern (ALT#47648).
Dec 13, 2023, 10:09 AM
#336384 sent by Evgeny Sinelnikov
PAM module that uses login name configured through NSS
Dec. 13, 2023 Evgeny Sinelnikov:
- Add control pam_propperpwnam for support module in system authentication (ALT#47713).
Dec 13, 2023, 01:39 AM
#336370 sent by Evgeny Sinelnikov
Library providing support for "XML Signature" and "XML Encryption" standards
Dec. 13, 2023 Evgeny Sinelnikov:
- new version 1.2.38
Dec 13, 2023, 01:30 AM
#336369 sent by Evgeny Sinelnikov
Toolkit for one-time password authentication systems
Dec. 13, 2023 Evgeny Sinelnikov:
- Update to release 2.6.9 with mutliple fixes and improved libxmlsec compatibility. - Enable build check tests.
Dec 12, 2023, 04:30 AM
#336288 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Dec. 12, 2023 Evgeny Sinelnikov:
- Replace samba service pam config to samba-common due regression with password authentication in security = user mode with obey pam restrictions = yes.
Dec 12, 2023, 03:36 AM
#336291 sent by Evgeny Sinelnikov
A tool to test PAM applications and PAM modules
Dec. 12, 2023 Evgeny Sinelnikov:
- Fixed building with Python 3.12
Dec 12, 2023, 03:20 AM
#336290 sent by Evgeny Sinelnikov
YandexBrowser-specific ADMX policy templates
Dec. 12, 2023 Evgeny Sinelnikov:
- Update policy templates to release 116.0.5845.228
Dec 7, 2023, 06:39 AM
#335768 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Dec. 5, 2023 Evgeny Sinelnikov:
- Update to stable release of Samba 4.19 with fixes of the Samba CVE for Deleted Object tombstones visible in AD LDAP to normal users (CVE-2018-14628). - Security fixes: + CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects" allow read of object tombstones over LDAP (Administrator action required!) https://www.samba.org/samba/security/CVE-2018-14628.html
Nov 23, 2023, 10:06 AM
#333680 sent by Evgeny Sinelnikov
Rebuild_wirh_new_major_samba_release
The talloc library
A trivial database system
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
Nov. 6, 2023 Evgeny Sinelnikov:
- Update to stable release of Samba 4.19 with latest bugfixes and new features: + Migrated smbget to use common command line parser. This has some advantages as you get all the feature it provides like Kerberos authentication. The support for smbgetrc has been removed. + gpupdate changes: The libgpo.get_gpo_list function has been deprecated in favor of an implementation written in python, connects to Active Directory using the SamDB module, instead of ADS (which is what libgpo uses). + Improved winbind logging and a new tool for parsing the winbind logs. Winbind logs (if smb.conf 'winbind debug traceid = yes' is set) contain new trace header fields 'traceid' and 'depth'. + AD database prepared to Functional Level 2016 standards for new domains. While Samba still provides only Functional Level 2008R2 by default, Samba as an AD DC will now, in provision ensure that the blank database is already prepared for Functional Level 2016, with AD Schema 2019. + Kerberos Claims, Authentication Silos and NTLM authentication policies. The primary limitation is that while Samba can read and write claims in the directory, and populate the PAC, Samba does not yet use them for access control decisions. + Improved KDC Auditing now provides Samba-style JSON audit logging of all issued Kerberos tickets, including if they would fail a policy that is not yet enforced. Additionally most failures are audited. + Kerberos Armoring (FAST) Support for Windows clients. In domains where the domain controller functional level is set to 2012, 2012_R2 or 2016, Windows clients will, if configured via GPO, use FAST to protect user passwords between (in particular) a workstation and the KDC on the AD DC. This is a significant security improvement, as weak passwords in an AS-REQ are no longer available for offline attack. + Claims compression in the AD PAC. Samba as an AD DC will compress "AD claims" using the same compression algorithm as Microsoft Windows. + Resource SID compression in the AD PAC. Samba as an AD DC will now correctly populate the various PAC group membership buffers, splitting global and local groups correctly. + Resource Based Constrained Delegation (RBCD) support in both MIT and Heimdal. Samba 4.17 added to samba-tool delegation the 'add-principal' and 'del-principal' subcommands in order to manage RBCD, and the database changes made by these tools are now honoured by the Heimdal KDC once Samba is upgraded. + New samba-tool support for silos, claims, sites and subnets. samba-tool can now list, show, add and manipulate Authentication Silos (silos) and Active Directory Authentication Claims (claims). + Updated Heimdal import. Samba's Heimdal branch (known as lorikeet-heimdal) has been updated to the current pre-8.0 (master) tree from upstream Heimdal, ensuring that this vendored copy, included in our release remains as close as possible to the current upstream code. + Revocation support in Heimdal KDC for PKINIT certificates. Samba will now correctly honour the revocation of 'smart card' certificates used for PKINIT Kerberos authentication. + Require encrypted connection to modify unicodePwd on the AD DC. + Samba AD TLS Certificates can be reloaded. The TLS certificates used for Samba's AD DC LDAP server were previously only read on startup, and this meant that when then expired it was required to restart Samba, disrupting service to other users (smbcontrol ldap_server reload-certs).
System Security Services Daemon
Nov. 20, 2023 Evgeny Sinelnikov:
- Update to latest 2.9 major release. + KCM: provide mechanism to purge expired credentials. + Default hardening - id_provider channel defaults unencrypted with starttls. + sssd-sudo missing debug statement in its .service file. + SSSD goes offline during initgroups of trusted user if a group is missing SID. + Incorrect handling of reverse IPv6 update results in update failure. + sssd-2.9.2 breaks smart card authentication (on el8). - The proxy provider is now able to handle certificate mapping and matching rules and users handled by the proxy provider can be configured for local Smartcard authentication. - Passkey doesn't fail when using FreeIPA server-side authentication and require-user-verification=false. - When adding a new credential to KCM and the user has already reached their limit, the oldest expired credential will be removed to free some space.
rebuild admc-0.14.0-alt1
Active Directory Management Center
rebuild gpui-0.2.38-alt1
Group policy editor
rebuild freeipa-4.9.12-alt1
The Identity, Policy and Audit system
Nov 23, 2023, 07:14 AM
#334932 sent by Evgeny Sinelnikov
Firefox-specific ADMX policy templates
Nov. 23, 2023 Evgeny Sinelnikov:
- Update Policy templates for Firefox 120 and Firefox ESR 115.5 - Add "Enable or disable printing" policy support
Nov 23, 2023, 07:05 AM
#334931 sent by Evgeny Sinelnikov
Chromium-specific ADMX policy templates
Nov. 23, 2023 Evgeny Sinelnikov:
- Update to latest release 119.0-6045.160
Nov 21, 2023, 11:10 AM
#334706 sent by Evgeny Sinelnikov
System Security Services Daemon
Nov. 20, 2023 Evgeny Sinelnikov:
- Update to latest 2.9 major release. + KCM: provide mechanism to purge expired credentials. + Default hardening - id_provider channel defaults unencrypted with starttls. + sssd-sudo missing debug statement in its .service file. + SSSD goes offline during initgroups of trusted user if a group is missing SID. + Incorrect handling of reverse IPv6 update results in update failure. + sssd-2.9.2 breaks smart card authentication (on el8). - The proxy provider is now able to handle certificate mapping and matching rules and users handled by the proxy provider can be configured for local Smartcard authentication. - Passkey doesn't fail when using FreeIPA server-side authentication and require-user-verification=false. - When adding a new credential to KCM and the user has already reached their limit, the oldest expired credential will be removed to free some space.
Nov 21, 2023, 08:48 AM
#334774 sent by Evgeny Sinelnikov
Common files for [Alterator Entry] specification
Nov. 21, 2023 Evgeny Sinelnikov:
- alterator-entry: fix version printing.
Nov 21, 2023, 07:38 AM
#334771 sent by Evgeny Sinelnikov
Common files for [Alterator Entry] specification
Nov. 21, 2023 Evgeny Sinelnikov:
- Initial build for Sisyphus.
Nov 13, 2023, 03:22 AM
#334282 sent by Evgeny Sinelnikov
A fast text processor and publishing toolchain for converting AsciiDoc content to different formats
Nov. 13, 2023 Evgeny Sinelnikov:
- ^ 2.0.18 -> 2.0.20
Nov 8, 2023, 11:07 PM
#333865 sent by Evgeny Sinelnikov
Allows command execution as another user
Nov. 8, 2023 Evgeny Sinelnikov:
- Update to latest stable bugfix and security release (fixes: CVE-2023-42465): + The sudoers plugin has been modified to make it more resilient to ROWHAMMER attacks on authentication and policy matching. + The sudoers plugin now constructs the user time stamp file path name using the user-ID instead of the user name. This avoids a potential problem with user names that contain a path separator ('/') being interpreted as part of the path name. A similar issue in sudo-rs has been assigned CVE-2023-42456. - Fixes in behavior: + The visudo utility will no longer create an empty file when the specified sudoers file does not exist and the user exits the editor without making any changes (GitHub#294). + Fixed a bug where output could go to the wrong terminal if "use_pty" is enabled (the default) and the standard input, output or error is redirected to a different terminal. Bug #1056. + A path separator ('/') in a user, group or host name is now replaced with an underbar character ('_') when expanding escapes in @include and @includedir directives as well as the "iolog_file" and "iolog_dir" sudoers Default settings. - Fixes in user output: + Running "sudo -ll command" now produces verbose output that includes matching rule as well as the path to the sudoers file the matching rule came from. + Changes to terminal settings are now performed atomically, where possible. If the command is being run in a pseudo-terminal and the user's terminal is already in raw mode, sudo will not change the user's terminal settings. This prevents concurrent sudo processes from restoring the terminal settings to the wrong values (GitHub#312). + Better log message when rejecting a command if the "intercept" option is enabled and the "intercept_allow_setid" option is disabled. Previously, "command not allowed" would be logged and the user had no way of knowing what the actual problem was. - Fixes in logging: + The sudoers source is now logged in the JSON event log. This makes it possible to tell which rule resulted in a match. + Sudo will now log the invoking user's environment as "submitenv" in the JSON logs. The command's environment ("runenv") is no longer logged for commands rejected by the sudoers file or an approval plugin. + The sudo_logsrvd server will now raise its open file descriptor limit to the maximum allowed value when it starts up. Each connection can require up to nine open file descriptors so the default soft limit may be too low. - Fixed regressions: + Fixed the warning message for "sudo -l command" when the command is not permitted. There was a missing space between "list" and the actual command due to changes in sudo 1.9.14. + The "intercept_verify" sudoers option is now only applied when the "intercept" option is set in sudoers. Previously, it was also applied when "log_subcmds" was enabled. Sudo 1.9.14 contained an incorrect fix for this. + Reverted a change from sudo 1.9.4 that resulted in PAM session modules being called with the environment of the command to be run instead of the environment of the invoking user (GitHub#318).
Nov 4, 2023, 04:35 AM
#333295 sent by Evgeny Sinelnikov
New_major_release_of_samba
A schema-less, ldap like, API and database
The Samba4 CIFS and AD client and server suite
Nov. 1, 2023 Evgeny Sinelnikov:
- Update to stable release of Samba 4.18 with latest bugfixes and new features: + SMB Server performance improvements. The locking overhead for contended path based operations is reduced by an additional factor of ~ 3 compared to 4.17. + More succinct samba-tool error messages. + Accessing the old samba-tool messages with full Python stack trace by using the argument '-d3'. + New samba-tool dsacl subcommand for deleting ACES + Colour output with samba-tool --color and + No colour with NO_COLOR environment variable + New wbinfo option --change-secret-at which forces the trust account password to be changed at a specified domain controller. + New option acl_xattr:security_acl_name to change the NT ACL default protected location security.NTACL not accessible from normal users outside of Samba. + New option server addresses as per-share parameter to limit share visibility and accessibility to specific server IP addresses. This option can offer a different set of shares per interface. + Azure Active Directory / Office365 synchronisation improvements with the Azure AD Connect cloud sync tool which now supported for password hash synchronisation, allowing Samba AD Domains to synchronise passwords with this popular cloud environment.
rebuild sssd-2.9.2-alt1
System Security Services Daemon
rebuild admc-0.14.0-alt1
Active Directory Management Center
rebuild gpui-0.2.37-alt1
Group policy editor
rebuild freeipa-4.9.12-alt1
The Identity, Policy and Audit system
Nov 4, 2023, 12:03 AM
#333337 sent by Evgeny Sinelnikov
Utilities for doing and managing mounts of the Linux CIFS filesystem
Nov. 4, 2023 Evgeny Sinelnikov:
- Latest stable release with gssproxy support
Oct 22, 2023, 05:04 PM
#332448 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Oct. 22, 2023 Evgeny Sinelnikov:
- Revert services type from forking to notify.
Oct 20, 2023, 07:58 AM
#332209 sent by Evgeny Sinelnikov
Glasgow Haskell Compilation system
Aug. 29, 2023 Evgeny Sinelnikov:
- Bootstrap from version 8.10.7 to 9.2.8 - Disabled LTO on armh and aarch64 due link problems with llvm: "-latomic is needed for sub-word-sized atomic operations... failed." - Disabled overriding the default linker use by gcc on armh and aarch64 due problems with debugedit "Cannot handle 8-byte build ID" (based on GHC#21570) - Avoid cycle dependency between basic and common packages - Backport users-guide compatibility fixes (GHC#23807, GHC#23818) - Backport update of rdt-theme to latest upstream version (GHC#23444) - Add work around of haddock build trouble due locale encoding (GHC#8118) - Fix debugedit problem with 'Cannot handle 8-byte build ID' on armh and aarch64
Oct 20, 2023, 06:13 AM
#332216 sent by Evgeny Sinelnikov
Chromium-specific ADMX policy templates
Oct. 20, 2023 Evgeny Sinelnikov:
- Update to latest release 118.0-5993.89
Oct 20, 2023, 06:09 AM
#332213 sent by Evgeny Sinelnikov
Firefox-specific ADMX policy templates
Oct. 20, 2023 Evgeny Sinelnikov:
- Update Policy templates for Firefox 118 and Firefox ESR 115.3
Oct 20, 2023, 06:00 AM
#332212 sent by Evgeny Sinelnikov
Firefox-specific ADMX policy templates
Oct. 20, 2023 Evgeny Sinelnikov:
- Update Policy templates for Firefox 114 and Firefox ESR 102.12
Oct 20, 2023, 03:08 AM
#332204 sent by Evgeny Sinelnikov
A library passing all socket communications through Unix sockets
Oct. 20, 2023 Evgeny Sinelnikov:
- Fixed LFS issues on 32bit platforms - Fixed issue with fnctl() on 32bit - Added openat64() to detect stale fds
Oct 18, 2023, 09:56 AM
#332020 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Oct. 17, 2023 Evgeny Sinelnikov:
- Update to security release of Samba 4.17 - Security fixes (Samba#15422, Samba#15424, Samba#15439, Samba#15473, Samba#15474): + CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html + CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" https://www.samba.org/samba/security/CVE-2023-4091.html + CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. https://www.samba.org/samba/security/CVE-2023-4154.html + CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. https://www.samba.org/samba/security/CVE-2023-42669.html + CVE-2023-42670: Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. https://www.samba.org/samba/security/CVE-2023-42670.html
Oct 18, 2023, 07:58 AM
#331153 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Oct. 7, 2023 Evgeny Sinelnikov:
- New build scheme with separate upstream, altlinux and sisyphus branches.
Oct 17, 2023, 07:40 PM
#331148 sent by Evgeny Sinelnikov
System Security Services Daemon
Oct. 6, 2023 Evgeny Sinelnikov:
- Update to latest 2.9 major release. - sss_simpleifp library removed due it deprecated. - "Files provider" removed due it deprecated, using "Proxy provider" with proxy_lib_name = files instead. - New passkey functionality, which will allow the use of FIDO2 compliant devices to authenticate a centrally managed user locally. - Default value of cache_first option was changed to true. - sssctl cert-show and cert-show cert-eval-rule can now be run as non-root user. - certmap: Handle type change of x400Address (due to CVE-2023-0286). - New option local_auth_policy is added to control which offline authentication methods will be enabled by SSSD. - SSSD can be configured not to perform a DNS search during DNS name resolution. This behavior is governed by the new dns_resolver_use_search_list in the domain section. Default value is true (follows the system settings).
Oct 6, 2023, 10:20 PM
#330225 sent by Evgeny Sinelnikov
Allows command execution as another user
Sept. 23, 2023 Evgeny Sinelnikov:
- Update to latest stable release with regressions fixes. - Fixed a bug introduced in sudo 1.9.14 that affects matching sudoers rules containing a Runas_Spec with an empty Runas user. - Fixed a problem with "stair-stepped" output when piping or redirecting the output of a sudo command that takes user input. - Fixed a crash introduced in version 1.9.14 when running a command with a NULL argv[0] if "log_subcmds" or "intercept" is enabled in sudoers. - Adapted the sudo Python plugin test output to match Python 3.12.
Sep 25, 2023, 08:55 AM
#330118 sent by Evgeny Sinelnikov
The Samba4 CIFS and AD client and server suite
Sept. 23, 2023 Evgeny Sinelnikov:
- Update to security release of Samba 4.17 - smbd fileserver fixes (Samba#15419, Samba#15420, Samba#15430, Samba#15432, Samba#15417, Samba#15346, Samba#15453, Samba#15435): + Weird filename can cause assert to fail in openat_pathref_fsp_nosymlink(). + reply_sesssetup_and_X() can dereference uninitialized tmp pointer. + Missing return in reply_exit_done(). + TREE_CONNECT without SETUP causes smbd to use uninitialized pointer. + Renaming results in NT_STATUS_SHARING_VIOLATION if previously attempted to remove the destination. + 2-3min delays at reconnect with smb2_validate_sequence_number: bad message_id 2. + File doesn't show when user doesn't have permission if aio_pthread is loaded. + Regression DFS not working with widelinks = true. - replication fixes (Samba#15401, Samba#15407) + Improve GetNChanges to address some (but not all "Azure AD Connect") syncronisation tool looping during the initial user sync phase. + Samba replication logs show (null) DN. - tools fixes (Samba#15384, Samba#15441, Samba#15451): + net ads lookup (with unspecified realm) fails + samba-tool ntacl get segfault if aio_pthread appended. + ctdb_killtcp fails to work with --enable-pcap and libpcap >= 1.9.1. - other protocol fixes (Samba#15446, Samba#9959, Samba#15463 Samba#15449, Samba#15342, Samba#15427): + DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed. + Windows client join fails if a second container CN=System exists somewhere. + macOS mdfind returns only 50 results. + mdssvc: Do an early talloc_free() in _mdssvc_open(). + Spotlight sometimes returns no results on latest macOS. + Spotlight results return wrong date in result list. - Compatibility fixes of spec (thx asheplyakov@): + added missing BR: alternatives. + added rpm-macros-alterinatives as a pre-requirement. + added missing build-requirements: flex, liblmdb-devel. + dropped obsolete build dependency on gtk+2. + samba-client: libldb-cmdline-samba4.so. - Disabled tracker backend in spotlight (obsolete with version less than 3.x). - Disabled glusterfs on armh due it not supported on this architecture.
Sep 15, 2023, 05:56 PM
#329661 sent by Evgeny Sinelnikov
alterator module for tcp/ip connections configuration
Sept. 15, 2023 Evgeny Sinelnikov:
- Fix systemd-networkd cache initialization
Aug 29, 2023, 03:21 AM
#327948 sent by Evgeny Sinelnikov
Glasgow Haskell Compilation system
Aug. 26, 2023 Evgeny Sinelnikov:
- Rebuild with ghc 8.10.7 (final second bootstrap)
Aug 28, 2023, 11:30 PM
#327893 sent by Evgeny Sinelnikov
Glasgow Haskell Compilation system
Aug. 26, 2023 Evgeny Sinelnikov:
- Fix build with new gcc versions: + Don't mark evacuate_large as inline - Fix build docs: use modern sphinx syntax for extlinks - Bootstrap again from version 8.6.4 to 8.10.7
Aug 11, 2023, 11:14 AM
#326924 sent by Evgeny Sinelnikov
Texts of various distribution licenses
Aug. 11, 2023 Evgeny Sinelnikov:
- Initial ALT_Product_License Common default license for products: + ALT Workstation + ALT Workstation K + ALT Education + ALT Virtualization Server
Aug 11, 2023, 04:29 AM
#326906 sent by Evgeny Sinelnikov
Scripts used to build mkimage-based images
July 6, 2023 Evgeny Sinelnikov:
- Fixed prepare-vm script dependency to gpasswd.
Aug 10, 2023, 12:04 PM
#326863 sent by Evgeny Sinelnikov
Texts of various distribution licenses
Aug. 10, 2023 Evgeny Sinelnikov:
- Update distro licenses installation process. - Update license for ALT Server distribution (ALT_Server_License). - Initial licenses for ALT SP (ALT_SP_License) and Simply Linux (ALT_Simply_License) distributions.
distribution checker for Sisyphus
July 7, 2023 Evgeny Sinelnikov:
- Fix check of mime type for images.
Jul 27, 2023, 03:23 AM