[Git][security-tracker-team/security-tracker][master] samba issues fixed in unstable
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 27 10:15:38 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
47acf6aa by Salvatore Bonaccorso at 2018-11-27T10:15:02Z
samba issues fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9589,7 +9589,7 @@ CVE-2018-16858
RESERVED
CVE-2018-16857 [Bad password count in AD DC not always effective]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16857.html
@@ -9610,20 +9610,20 @@ CVE-2018-16854 (A flaw was found in moodle before versions 3.6, 3.5.3, 3.4.6, 3.
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
CVE-2018-16853 [Samba AD DC S4U2Self Crash in experimental MIT Kerberos configuration]
RESERVED
- - samba <unfixed> (unimportant)
+ - samba 2:4.9.2+dfsg-2 (unimportant)
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16853.html
NOTE: Samba in Debian is built with the default Heimdal Kerberos build
CVE-2018-16852 [NULL pointer de-reference in Samba AD DC DNS servers]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[stretch] - samba <not-affected> (Vulnerable code not present)
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16852.html
CVE-2018-16851 [NULL pointer de-reference in Samba AD DC LDAP server]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-16851.html
CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to SQL ...)
- postgresql-11 11.1-1
@@ -9675,7 +9675,7 @@ CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-bas
NOTE: Fixed by: https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
CVE-2018-16841 [Double-free in Samba AD DC KDC with PKINIT]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
[jessie] - samba <not-affected> (Vulnerable code not present)
NOTE: https://www.samba.org/samba/security/CVE-2018-16841.html
CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 7.59.0 ...)
@@ -15230,7 +15230,7 @@ CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable
- moodle <removed>
CVE-2018-14629 [Unprivileged adding of CNAME record causing loop in AD Internal DNS server]
RESERVED
- - samba <unfixed>
+ - samba 2:4.9.2+dfsg-2
NOTE: https://www.samba.org/samba/security/CVE-2018-14629.html
CVE-2018-14628
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181127/717b7393/attachment.html>
More information about the debian-security-tracker-commits
mailing list