Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package samba for openSUSE:Factory checked in at 2022-02-04 00:45:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/samba (Old) and /work/SRC/openSUSE:Factory/.samba.new.1898 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "samba" Fri Feb 4 00:45:43 2022 rev:277 rq:950370 version:4.15.5+git.328.f1f29505d84 Changes: -------- --- /work/SRC/openSUSE:Factory/samba/samba.changes 2022-01-26 21:26:49.498058392 +0100 +++ /work/SRC/openSUSE:Factory/.samba.new.1898/samba.changes 2022-02-04 00:45:49.485327958 +0100 @@ -1,0 +2,25 @@ +Mon Jan 31 14:23:44 UTC 2022 - Noel Power <[email protected]> + +- Update to 4.15.5 + * CVE-2021-44141: UNIX extensions in SMB1 disclose whether the + outside target of a symlink exists; (bso#14911); + (bsc#1193690). + * CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit + module; (bso#14914); (bsc#1194859). + * CVE-2022-0336: Re-adding an SPN skips subsequent SPN + conflict checks; bso#14950); (bsc#1195048). + +------------------------------------------------------------------- +Wed Jan 26 12:00:35 UTC 2022 - Samuel Cabrero <[email protected]> + +- CVE-2021-44141: Information leak via symlinks of existance of + files or directories outside of the exported share; (bso#14911); + (bsc#1193690); +- CVE-2021-44142: Out-of-bounds heap read/write vulnerability + in VFS module vfs_fruit allows code execution; (bso#14914); + (bsc#1194859); +- CVE-2022-0336: Samba AD users with permission to write to an + account can impersonate arbitrary services; (bso#14950); + (bsc#1195048); + +------------------------------------------------------------------- Old: ---- samba-4.15.4+git.224.dea2f6dc836.tar.bz2 New: ---- samba-4.15.5+git.328.f1f29505d84.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ samba.spec ++++++ --- /var/tmp/diff_new_pack.JSfxli/_old 2022-02-04 00:45:50.589319907 +0100 +++ /var/tmp/diff_new_pack.JSfxli/_new 2022-02-04 00:45:50.593319878 +0100 @@ -208,7 +208,7 @@ %else %define build_make_smp_mflags %{?jobs:-j%jobs} %endif -Version: 4.15.4+git.224.dea2f6dc836 +Version: 4.15.5+git.328.f1f29505d84 Release: 0 URL: https://www.samba.org/ Obsoletes: samba-32bit < %{version} ++++++ samba-4.15.4+git.224.dea2f6dc836.tar.bz2 -> samba-4.15.5+git.328.f1f29505d84.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/samba/samba-4.15.4+git.224.dea2f6dc836.tar.bz2 /work/SRC/openSUSE:Factory/.samba.new.1898/samba-4.15.5+git.328.f1f29505d84.tar.bz2 differ: char 11, line 1
