-
autofs (5.1.1-1ubuntu2.1) wily-proposed; urgency=medium
[ Malcolm Scott ]
* d/p/fix-lookup-ldap-crash.patch:
- Fix crash on startup due to uninitialized config. LP: #1503034
[ Michael Terry ]
* d/p/fix-lookup-ldap-crash.patch:
- Adjust above patch to be slightly more generic
-- Brian Murray <email address hidden> Wed, 27 Jan 2016 11:07:01 -0800
-
autofs (5.1.1-1ubuntu2) wily; urgency=low
* Add LDFLAGS to avoid issues with accessing global variables in
shared libraries (LP: #1470687, LP: #1472115).
-- Stefan Bader <email address hidden> Tue, 07 Jul 2015 16:28:53 +0200
-
autofs (5.1.1-1ubuntu1) wily; urgency=low
* Merge from Debian unstable. Remaining changes:
- autofs.upstart script
- debian/rules: build with sssldir path
- d/p/fix-ssslib-search.patch - parts replaced by fix-sssldir.patch
- d/p/16group_buffer_size.patch
* Dropped patches:
- CVE-2014-8169-add-a-prefix-to-program-map-stdvars.patch
- CVE-2014-8169-add-config-option-to-force-use-of-program-map-stdvars.patch
- lp1386869-fix-cant-automount-when--host-exist
autofs (5.1.1-1) unstable; urgency=low
* New upstream release [April 2015].
* Install new "/etc/autofs.conf".
* Patchworks: dropped obsolete patches; marked forwarded patches as such.
* Removed old "14avoid_sock_cloexec.patch" with obsolete workaround for
old kernels.
* Upload to unstable.
autofs (5.1.0-1) experimental; urgency=low
[ Timo Aaltonen <email address hidden> ]
* Add support for sssd backend (Closes: #762843).
- control: Add sssd-common to build-depends.
- rules, fix-sssldir.diff: Check the multiarch lib path when searching
for libsss_autofs.so
[ Salvatore Bonaccorso <email address hidden> ]
* Scan for upstream tarballs in various formats.
The previous watch files only looked for bz2 compressed upstream
tarballs. Upstream switched to tar.xz and tar.gz only since 5.0.9.
Adjust the watch file to catch new upstream versions. (Closes: #779438)
[ Dmitry Smirnov <email address hidden> ]
* Standards-Version to 3.9.6.
* New upstream release [June 2014] (Closes: #779441, #741064, #743939).
* Refreshed patches.
* Dropped obsolete "default-autofs-remove-USE_MISC_DEVICE.patch".
* Install native systemd service using "dh-systemd".
autofs (5.0.8-2) unstable; urgency=medium
[ Salvatore Bonaccorso <email address hidden> ]
* Add patches for CVE-2014-8169 (Closes: #779591).
When a program map uses an interpreted languages like python it is
possible to load and execute arbitray code from a user home directory.
This is because the standard environment variables are used to locate
and load modules when using these languages. To avoid that, a prefix to
these environment names is added so that they aren't used for this
purpose. The prefix used is "AUTOFS_" and is not configurable.
Additionally a configuration option to force the use of program map
standard environment variables is added (FORCE_STANDARD_PROGRAM_MAP_ENV).
[ Dmitry Smirnov <email address hidden> ]
* Refreshed other patches as needed.
-- Chris J Arges <email address hidden> Mon, 06 Jul 2015 14:59:51 -0500
-
autofs (5.0.8-1ubuntu3.1) vivid; urgency=medium
* Fix mount issues when using '-host' in conf file. (LP: #1386869)
-- Seyeong Kim <email address hidden> Tue, 28 Apr 2015 11:53:54 -0500
-
autofs (5.0.8-1ubuntu3) vivid; urgency=medium
* SECURITY UPDATE: privilege escalation via interpreter load path
- debian/patches/CVE-2014-8169-*.patch: add a prefix to program map
stdvars and a config option to override it in include/mounts.h,
lib/mounts.c, modules/lookup_program.c, modules/parse_sun.c,
include/defaults.h, lib/defaults.c, modules/lookup_program.c,
samples/autofs.conf.default.in, document changes in
man/autofs.5, man/auto.master.5.in.
- CVE-2014-8169
-- Marc Deslauriers <email address hidden> Fri, 20 Mar 2015 16:04:47 -0400