[Git][security-tracker-team/security-tracker][master] samba fixed in experimental
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Apr 5 14:51:06 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4dd638d1 by Moritz Muehlenhoff at 2022-04-05T15:50:37+02:00
samba fixed in experimental
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13963,6 +13963,7 @@ CVE-2022-0337
RESERVED
CVE-2022-0336 [Samba AD users with permission to write to an account can impersonate arbitrary services]
RESERVED
+ [experimental] - samba 2:4.16.0+dfsg-1
- samba <unfixed> (bug #1004694)
[bullseye] - samba 2:4.13.13+dfsg-1~deb11u3
[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
@@ -25980,6 +25981,7 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/2
CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ...)
{DSA-5071-1}
+ [experimental] - samba 2:4.16.0+dfsg-1
- samba <unfixed> (bug #1004693)
NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
@@ -25987,6 +25989,7 @@ CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xa
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-245/
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-246/
CVE-2021-44141 (All versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ...)
+ [experimental] - samba 2:4.16.0+dfsg-1
- samba <unfixed> (bug #1004692)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
@@ -28716,6 +28719,7 @@ CVE-2021-43568 (The verify function in the Stark Bank Elixir ECDSA library (ecds
CVE-2021-43567
RESERVED
CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...)
+ [experimental] - samba 2:4.16.0+dfsg-1
- samba <unfixed> (bug #1004691)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
@@ -90244,6 +90248,7 @@ CVE-2021-20317 (A flaw was found in the Linux kernel. A corrupted timer tree cau
NOTE: https://git.kernel.org/linus/511885d7061eda3eb1faf3f57dcc936ff75863f1 (5.4-rc1)
CVE-2021-20316
RESERVED
+ [experimental] - samba 2:4.16.0+dfsg-1
- samba <unfixed> (bug #1004690)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dd638d1be0ffb16682dbfff3bb4f8d4c3081308
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dd638d1be0ffb16682dbfff3bb4f8d4c3081308
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220405/050175f5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list