Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3655f091 by Salvatore Bonaccorso at 2022-04-08T06:22:00+02:00
Fixes for samba previously in experimental landed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14091,7 +14091,7 @@ CVE-2022-0337
CVE-2022-0336 [Samba AD users with permission to write to an account can
impersonate arbitrary services]
RESERVED
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004694)
+ - samba 2:4.16.0+dfsg-2 (bug #1004694)
[bullseye] - samba 2:4.13.13+dfsg-1~deb11u3
[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
NOTE: https://www.samba.org/samba/security/CVE-2022-0336.html
@@ -26112,7 +26112,7 @@ CVE-2021-44143 (A flaw was found in mbsync in isync
1.4.0 through 1.4.3. Due to
CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA,
xattr) t ...)
{DSA-5071-1}
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004693)
+ - samba 2:4.16.0+dfsg-2 (bug #1004693)
NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-244/
@@ -26120,7 +26120,7 @@ CVE-2021-44142 (The Samba vfs_fruit module uses
extended file attributes (EA, xa
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-246/
CVE-2021-44141 (All versions of Samba prior to 4.15.5 are vulnerable to a
malicious cl ...)
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004692)
+ - samba 2:4.16.0+dfsg-2 (bug #1004692)
[bullseye] - samba <ignored> (Minor issue; no backport to older
versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions,
mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-44141.html
@@ -28851,7 +28851,7 @@ CVE-2021-43567
RESERVED
CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a
malicious c ...)
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004691)
+ - samba 2:4.16.0+dfsg-2 (bug #1004691)
[bullseye] - samba <ignored> (Minor issue; no backport to older
versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions,
mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-43566.html
@@ -90393,7 +90393,7 @@ CVE-2021-20317 (A flaw was found in the Linux kernel. A
corrupted timer tree cau
CVE-2021-20316
RESERVED
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004690)
+ - samba 2:4.16.0+dfsg-2 (bug #1004690)
[bullseye] - samba <ignored> (Minor issue; no backport to older
versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions,
mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-20316.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
