[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-3670/{samba,ldb}

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 30 08:21:21 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e6a9f5d by Salvatore Bonaccorso at 2022-04-30T09:20:33+02:00
Update status for CVE-2021-3670/{samba,ldb}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50011,11 +50011,21 @@ CVE-2021-3671 (A null pointer de-reference was found in the way samba kerberos s
 	NOTE: Fixed by (Samba): https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
 CVE-2021-3670 [MaxQueryDuration not honoured in Samba AD DC LDAP]
 	RESERVED
-	- samba <unfixed>
+	- ldb 2:2.2.3-1
+	[buster] - ldb <no-dsa> (Minor issue)
+	- samba 2:4.16.0+dfsg-2
+	[bullseye] - samba <no-dsa> (Minor issue)
 	[buster] - samba <ignored> (Minor issue; affects Samba as AD DC; cf DSA 5015-1)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2077533
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14694
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
 	NOTE: https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
+	NOTE: ldb: https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
+	NOTE: Fixed in ldb 2.5.0, 2.4.2 and 2.3.3
 CVE-2021-37714 (jsoup is a Java library for working with HTML. Those using jsoup versi ...)
 	- jsoup 1.14.2-1 (bug #992590)
 	[bullseye] - jsoup <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6a9f5debf53a3a71988a73d981528424df2b9e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6a9f5debf53a3a71988a73d981528424df2b9e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220430/74b4f553/attachment.htm>

More information about the debian-security-tracker-commits mailing list