[Git][security-tracker-team/security-tracker][master] Update status for samba in buster
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 12 21:19:18 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1b010b14 by Salvatore Bonaccorso at 2021-11-12T22:18:49+01:00
Update status for samba in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10351,6 +10351,7 @@ CVE-2021-3738 [crash in dsdb stack]
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14468
NOTE: https://www.samba.org/samba/security/CVE-2021-3738.html
CVE-2021-3737 [client can enter an infinite loop on a 100 Continue response from the server]
@@ -77191,6 +77192,7 @@ CVE-2020-25722 [AD DC UPN vs samAccountName not checked]
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html
@@ -77198,6 +77200,7 @@ CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers (e
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557
NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html
@@ -77207,6 +77210,7 @@ CVE-2020-25719 [AD DC Username based races when no PAC is given]
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html
@@ -77214,6 +77218,7 @@ CVE-2020-25718 [An RODC can issue (forge) administrator tickets to other servers
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html
@@ -77221,6 +77226,7 @@ CVE-2020-25717 [A user on the domain can become root on domain members]
RESERVED
{DSA-5003-1}
- samba 2:4.13.14+dfsg-1
+ [buster] - samba <ignored> (Intrusive backport; backport only 'min domain uid' parameter)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b010b140170b64dfbf8264e1cacc1d54e59b7b0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b010b140170b64dfbf8264e1cacc1d54e59b7b0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211112/9b5f0efe/attachment.htm>
More information about the debian-security-tracker-commits
mailing list