Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
47acf6aa by Salvatore Bonaccorso at 2018-11-27T10:15:02Z
samba issues fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9589,7 +9589,7 @@ CVE-2018-16858
RESERVED
CVE-2018-16857 [Bad password count in AD DC not always effective]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16857.html
@@ -9610,20 +9610,20 @@ CVE-2018-16854 (A flaw was found in moodle before
versions 3.6, 3.5.3, 3.4.6, 3.
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
CVE-2018-16853 [Samba AD DC S4U2Self Crash in experimental MIT Kerberos
configuration]
RESERVED
- - samba <unfixed> (unimportant)
+ - samba 2:4.9.2+dfsg-2 (unimportant)
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16853.html
NOTE: Samba in Debian is built with the default Heimdal Kerberos build
CVE-2018-16852 [NULL pointer de-reference in Samba AD DC DNS servers]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16852.html
CVE-2018-16851 [NULL pointer de-reference in Samba AD DC LDAP server]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-16851.html
CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to
SQL ...)
- postgresql-11 11.1-1
@@ -9675,7 +9675,7 @@ CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are
vulnerable to a heap-bas
NOTE: Fixed by:
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
CVE-2018-16841 [Double-free in Samba AD DC KDC with PKINIT]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16841.html
CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from
7.59.0 ...)
@@ -15230,7 +15230,7 @@ CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5,
3.3.8, 3.1.14 is vulnerable
- moodle <removed>
CVE-2018-14629 [Unprivileged adding of CNAME record causing loop in AD
Internal DNS server]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-14629.html
CVE-2018-14628
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
