samba (2:4.3.11+dfsg-0ubuntu0.16.04.24) xenial-security; urgency=medium
* SECURITY UPDATE: Samba AD DC zone-named record Denial of Service in DNS
management server
- debian/patches/CVE-2019-14861-1.patch: confirm sort behaviour in
dcesrv_DnssrvEnumRecords.
- debian/patches/CVE-2019-14861-2.patch: remove special case for @ in
dns_build_tree().
- debian/patches/CVE-2019-14861-3.patch: avoid crash in ldb_qsort() via
dcesrv_DnssrvEnumRecords.
- debian/patches/CVE-2019-14861-4.patch: test to demonstrate the bug.
- CVE-2019-14861
* SECURITY UPDATE: DelegationNotAllowed not being enforced in protocol
transition on Samba AD DC
- debian/patches/CVE-2019-14870-1.patch: add user-sensitive command to
set not-delegated flag.
- debian/patches/CVE-2019-14870-2.patch: heimdal: add S4U test for
delegation_not_allowed.
- debian/patches/CVE-2019-14870-3.patch: heimdal: enforce
delegation_not_allowed in S4U2Self.
- debian/patches/CVE-2019-14870-4.patch: mit-kdc: enforce
delegation_not_allowed flag.
- CVE-2019-14870
Date: 2019-11-29 18:43:13.553810+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.24
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
