[Git][security-tracker-team/security-tracker][master] Track fixed version for samba via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 9 21:14:27 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
63ea6a56 by Salvatore Bonaccorso at 2021-11-09T22:13:59+01:00
Track fixed version for samba via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2813,7 +2813,7 @@ CVE-2021-3895
CVE-2021-23192 [dcerpc requests don't check all fragments against the first auth_state]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
[buster] - samba <not-affected> (Vulnerable code introduced later)
[stretch] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14875
@@ -10131,7 +10131,7 @@ CVE-2021-40146 (A Remote Code Execution (RCE) vulnerability was discovered in th
CVE-2021-3738 [crash in dsdb stack]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14468
NOTE: https://www.samba.org/samba/security/CVE-2021-3738.html
CVE-2021-3737 [client can enter an infinite loop on a 100 Continue response from the server]
@@ -76905,14 +76905,14 @@ CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation
CVE-2020-25722 [AD DC UPN vs samAccountName not checked]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html
CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers (eg objectSid)]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557
NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html
@@ -76921,21 +76921,21 @@ CVE-2020-25720
CVE-2020-25719 [AD DC Username based races when no PAC is given]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html
CVE-2020-25718 [An RODC can issue (forge) administrator tickets to other servers]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html
CVE-2020-25717 [A user on the domain can become root on domain members]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html
@@ -328205,7 +328205,7 @@ CVE-2016-2125 (It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 alwa
CVE-2016-2124 [SMB1 client connections can be downgraded to plaintext authentication]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12444
NOTE: https://www.samba.org/samba/security/CVE-2016-2124.html
CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63ea6a569fbf5d714d7de45f080e34d55ac0d1e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63ea6a569fbf5d714d7de45f080e34d55ac0d1e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211109/3311b5ca/attachment.htm>
More information about the debian-security-tracker-commits
mailing list