[Git][security-tracker-team/security-tracker][master] Track unstable upload for samba (adressing some CVEs)

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d83fa984 by Salvatore Bonaccorso at 2020-11-18T22:50:12+01:00
Track unstable upload for samba (adressing some CVEs)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34779,7 +34779,7 @@ CVE-2020-14384 (A flaw was found in JBossWeb in versions before 7.5.31.Final-red
 CVE-2020-14383 [An authenticated user can crash the DCE/RPC DNS with easily crafted records]
 	RESERVED
 	[experimental] - samba 2:4.13.2+dfsg-1
-	- samba <unfixed> (bug #973398)
+	- samba 2:4.13.2+dfsg-2 (bug #973398)
 	[buster] - samba <no-dsa> (Minor issue)
 	NOTE: https://www.samba.org/samba/security/CVE-2020-14383.html
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14472
@@ -35052,7 +35052,7 @@ CVE-2020-14324 (A high severity vulnerability was found in all active versions o
 	NOT-FOR-US: Red Hat CloudForm
 CVE-2020-14323 (A null pointer dereference flaw was found in samba's Winbind service i ...)
 	[experimental] - samba 2:4.13.2+dfsg-1
-	- samba <unfixed> (bug #973399)
+	- samba 2:4.13.2+dfsg-2 (bug #973399)
 	[buster] - samba <no-dsa> (Minor issue)
 	NOTE: https://www.samba.org/samba/security/CVE-2020-14323.html
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14436
@@ -35067,7 +35067,7 @@ CVE-2020-14319 (It was found that the AMQ Online console is vulnerable to a Cros
 CVE-2020-14318 [Missing handle permissions check in SMB1/2/3 ChangeNotify]
 	RESERVED
 	[experimental] - samba 2:4.13.2+dfsg-1
-	- samba <unfixed> (bug #973400)
+	- samba 2:4.13.2+dfsg-2 (bug #973400)
 	[buster] - samba <no-dsa> (Minor issue)
 	NOTE: https://www.samba.org/samba/security/CVE-2020-14318.html
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14434
@@ -72159,7 +72159,7 @@ CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet
 	NOT-FOR-US: Microsoft
 CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
 	[experimental] - samba 2:4.13.2+dfsg-1
-	- samba <unfixed> (bug #971048)
+	- samba 2:4.13.2+dfsg-2 (bug #971048)
 	[buster] - samba <no-dsa> (Has already safe defaults; can be fixed along in point release)
 	NOTE: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
 	NOTE: Originally a Microsoft only CVE but it was found that the ZeroLogon attack



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83fa984b529c4b94cc4494dfaa6021ce73eb807

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83fa984b529c4b94cc4494dfaa6021ce73eb807
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201118/69220ded/attachment.html>