Question #709563 on samba in Ubuntu changed:
https://answers.launchpad.net/ubuntu/+source/samba/+question/709563
Status: Open => Answered
Manfred Hampl proposed the following answer:
That CVE was already tackled during development and before publishing of Ubuntu
jammy.
It seems to me that version 4.13.17~dfsg-0ubuntu1 was the first one that solved
the problem, and already at publishing date of Ubuntu jammy, samba was provided
in a higher version (2:4.15.5~dfsg-0ubuntu5) which is not vulnerable to
CVE-2021-44142.
My understanding of the CVE listings in Ubuntu is, that the first
version that is not vulnerable to the CVE is shown on that page, and
later updates done on the software, are not shown any more.
In any case, I conclude from combining the information in
https://ubuntu.com/security/CVE-2021-44142 and in
https://launchpad.net/ubuntu/+source/samba that any version of samba in
Ubuntu jammy from the official repositories does not exhibit the problem
in that CVE.
Remark: It may be a bit confusing that sometimes the epoch number "2:"
is shown as part of the version numbers, and sometimes it is missing.
--
You received this question notification because your team Ubuntu
Server/Client Support Team is an answer contact for samba in Ubuntu.
--
Mailing list: https://launchpad.net/~enterprise-support
Post to : [email protected]
Unsubscribe : https://launchpad.net/~enterprise-support
More help : https://help.launchpad.net/ListHelp
