[Git][security-tracker-team/security-tracker][master] Fixes for samba previously in experimental landed in unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 8 05:22:49 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3655f091 by Salvatore Bonaccorso at 2022-04-08T06:22:00+02:00
Fixes for samba previously in experimental landed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14091,7 +14091,7 @@ CVE-2022-0337
 CVE-2022-0336 [Samba AD users with permission to write to an account can impersonate arbitrary services]
 	RESERVED
 	[experimental] - samba 2:4.16.0+dfsg-1
-	- samba <unfixed> (bug #1004694)
+	- samba 2:4.16.0+dfsg-2 (bug #1004694)
 	[bullseye] - samba 2:4.13.13+dfsg-1~deb11u3
 	[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
 	NOTE: https://www.samba.org/samba/security/CVE-2022-0336.html
@@ -26112,7 +26112,7 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
 CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ...)
 	{DSA-5071-1}
 	[experimental] - samba 2:4.16.0+dfsg-1
-	- samba <unfixed> (bug #1004693)
+	- samba 2:4.16.0+dfsg-2 (bug #1004693)
 	NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-244/
@@ -26120,7 +26120,7 @@ CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xa
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-246/
 CVE-2021-44141 (All versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ...)
 	[experimental] - samba 2:4.16.0+dfsg-1
-	- samba <unfixed> (bug #1004692)
+	- samba 2:4.16.0+dfsg-2 (bug #1004692)
 	[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	NOTE: https://www.samba.org/samba/security/CVE-2021-44141.html
@@ -28851,7 +28851,7 @@ CVE-2021-43567
 	RESERVED
 CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...)
 	[experimental] - samba 2:4.16.0+dfsg-1
-	- samba <unfixed> (bug #1004691)
+	- samba 2:4.16.0+dfsg-2 (bug #1004691)
 	[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	NOTE: https://www.samba.org/samba/security/CVE-2021-43566.html
@@ -90393,7 +90393,7 @@ CVE-2021-20317 (A flaw was found in the Linux kernel. A corrupted timer tree cau
 CVE-2021-20316
 	RESERVED
 	[experimental] - samba 2:4.16.0+dfsg-1
-	- samba <unfixed> (bug #1004690)
+	- samba 2:4.16.0+dfsg-2 (bug #1004690)
 	[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
 	NOTE: https://www.samba.org/samba/security/CVE-2021-20316.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220408/363c6027/attachment.htm>


More information about the debian-security-tracker-commits mailing list