Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d83fa984 by Salvatore Bonaccorso at 2020-11-18T22:50:12+01:00
Track unstable upload for samba (adressing some CVEs)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34779,7 +34779,7 @@ CVE-2020-14384 (A flaw was found in JBossWeb in
versions before 7.5.31.Final-red
CVE-2020-14383 [An authenticated user can crash the DCE/RPC DNS with easily
crafted records]
RESERVED
[experimental] - samba 2:4.13.2+dfsg-1
- - samba <unfixed> (bug #973398)
+ - samba 2:4.13.2+dfsg-2 (bug #973398)
[buster] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2020-14383.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14472
@@ -35052,7 +35052,7 @@ CVE-2020-14324 (A high severity vulnerability was found
in all active versions o
NOT-FOR-US: Red Hat CloudForm
CVE-2020-14323 (A null pointer dereference flaw was found in samba's Winbind
service i ...)
[experimental] - samba 2:4.13.2+dfsg-1
- - samba <unfixed> (bug #973399)
+ - samba 2:4.13.2+dfsg-2 (bug #973399)
[buster] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2020-14323.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14436
@@ -35067,7 +35067,7 @@ CVE-2020-14319 (It was found that the AMQ Online
console is vulnerable to a Cros
CVE-2020-14318 [Missing handle permissions check in SMB1/2/3 ChangeNotify]
RESERVED
[experimental] - samba 2:4.13.2+dfsg-1
- - samba <unfixed> (bug #973400)
+ - samba 2:4.13.2+dfsg-2 (bug #973400)
[buster] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2020-14318.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14434
@@ -72159,7 +72159,7 @@ CVE-2020-1473 (A remote code execution vulnerability
exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker
establ ...)
[experimental] - samba 2:4.13.2+dfsg-1
- - samba <unfixed> (bug #971048)
+ - samba 2:4.13.2+dfsg-2 (bug #971048)
[buster] - samba <no-dsa> (Has already safe defaults; can be fixed
along in point release)
NOTE:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
NOTE: Originally a Microsoft only CVE but it was found that the
ZeroLogon attack
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83fa984b529c4b94cc4494dfaa6021ce73eb807
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83fa984b529c4b94cc4494dfaa6021ce73eb807
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
