[Git][security-tracker-team/security-tracker][master] samba issues fixed in unstable

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
47acf6aa by Salvatore Bonaccorso at 2018-11-27T10:15:02Z
samba issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9589,7 +9589,7 @@ CVE-2018-16858
 	RESERVED
 CVE-2018-16857 [Bad password count in AD DC not always effective]
 	RESERVED
-	- samba <unfixed>
+	- samba 2:4.9.2+dfsg-2
 	[stretch] - samba <not-affected> (Vulnerable code not present)
 	[jessie] - samba <not-affected> (Vulnerable code not present)
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16857.html
@@ -9610,20 +9610,20 @@ CVE-2018-16854 (A flaw was found in moodle before versions 3.6, 3.5.3, 3.4.6, 3.
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183
 CVE-2018-16853 [Samba AD DC S4U2Self Crash in experimental MIT Kerberos configuration]
 	RESERVED
-	- samba <unfixed> (unimportant)
+	- samba 2:4.9.2+dfsg-2 (unimportant)
 	[stretch] - samba <not-affected> (Vulnerable code not present)
 	[jessie] - samba <not-affected> (Vulnerable code not present)
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16853.html
 	NOTE: Samba in Debian is built with the default Heimdal Kerberos build
 CVE-2018-16852 [NULL pointer de-reference in Samba AD DC DNS servers]
 	RESERVED
-	- samba <unfixed>
+	- samba 2:4.9.2+dfsg-2
 	[stretch] - samba <not-affected> (Vulnerable code not present)
 	[jessie] - samba <not-affected> (Vulnerable code not present)
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16852.html
 CVE-2018-16851 [NULL pointer de-reference in Samba AD DC LDAP server]
 	RESERVED
-	- samba <unfixed>
+	- samba 2:4.9.2+dfsg-2
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16851.html
 CVE-2018-16850 (postgresql before versions 11.1, 10.6 is vulnerable to a to SQL ...)
 	- postgresql-11 11.1-1
@@ -9675,7 +9675,7 @@ CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-bas
 	NOTE: Fixed by: https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
 CVE-2018-16841 [Double-free in Samba AD DC KDC with PKINIT]
 	RESERVED
-	- samba <unfixed>
+	- samba 2:4.9.2+dfsg-2
 	[jessie] - samba <not-affected> (Vulnerable code not present)
 	NOTE: https://www.samba.org/samba/security/CVE-2018-16841.html
 CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 7.59.0 ...)
@@ -15230,7 +15230,7 @@ CVE-2018-14630 (moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable
 	- moodle <removed>
 CVE-2018-14629 [Unprivileged adding of CNAME record causing loop in AD Internal DNS server]
 	RESERVED
-	- samba <unfixed>
+	- samba 2:4.9.2+dfsg-2
 	NOTE: https://www.samba.org/samba/security/CVE-2018-14629.html
 CVE-2018-14628
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/47acf6aa3ac779b94db7008032bf99f2b049d2f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181127/717b7393/attachment.html>