[Git][security-tracker-team/security-tracker][master] Fixes for samba previously in experimental landed in unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 8 05:22:49 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3655f091 by Salvatore Bonaccorso at 2022-04-08T06:22:00+02:00
Fixes for samba previously in experimental landed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14091,7 +14091,7 @@ CVE-2022-0337
CVE-2022-0336 [Samba AD users with permission to write to an account can impersonate arbitrary services]
RESERVED
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004694)
+ - samba 2:4.16.0+dfsg-2 (bug #1004694)
[bullseye] - samba 2:4.13.13+dfsg-1~deb11u3
[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
NOTE: https://www.samba.org/samba/security/CVE-2022-0336.html
@@ -26112,7 +26112,7 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ...)
{DSA-5071-1}
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004693)
+ - samba 2:4.16.0+dfsg-2 (bug #1004693)
NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-244/
@@ -26120,7 +26120,7 @@ CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xa
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-246/
CVE-2021-44141 (All versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ...)
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004692)
+ - samba 2:4.16.0+dfsg-2 (bug #1004692)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-44141.html
@@ -28851,7 +28851,7 @@ CVE-2021-43567
RESERVED
CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...)
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004691)
+ - samba 2:4.16.0+dfsg-2 (bug #1004691)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-43566.html
@@ -90393,7 +90393,7 @@ CVE-2021-20317 (A flaw was found in the Linux kernel. A corrupted timer tree cau
CVE-2021-20316
RESERVED
[experimental] - samba 2:4.16.0+dfsg-1
- - samba <unfixed> (bug #1004690)
+ - samba 2:4.16.0+dfsg-2 (bug #1004690)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-20316.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3655f0914b372133148e110140fe52fab81b5e65
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220408/363c6027/attachment.htm>
More information about the debian-security-tracker-commits
mailing list