This bug was fixed in the package samba - 2:4.3.11+dfsg-0ubuntu0.14.04.4
---------------
samba (2:4.3.11+dfsg-0ubuntu0.14.04.4) trusty-security; urgency=medium
* SECURITY UPDATE: remote code execution via heap overflow in NDR parsing
- debian/patches/CVE-2016-2123.patch: check lengths in
librpc/ndr/ndr_dnsp.c.
- CVE-2016-2123
* SECURITY UPDATE: unconditional privilege delegation to Kerberos servers
- debian/patches/CVE-2016-2125.patch: don't use GSS_C_DELEG_FLAG in
source4/scripting/bin/nsupdate-gss, source3/librpc/crypto/gse.c,
source4/auth/gensec/gensec_gssapi.c.
- CVE-2016-2125
* SECURITY UPDATE: privilege elevation in Kerberos PAC validation
- debian/patches/CVE-2016-2126.patch: only allow known checksum types
in auth/kerberos/kerberos_pac.c.
- CVE-2016-2126
-- Marc Deslauriers <[email protected]> Mon, 12 Dec 2016
08:40:01 -0500
** Changed in: samba (Ubuntu Trusty)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2123
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2125
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2126
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1584485
Title:
Upgrading samba to latest security fixes together with winbind in
nsswitch.conf can harm entire OS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
