[Git][security-tracker-team/security-tracker][master] Add samba upstream bug references

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 31 14:08:31 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32dd4a4b by Salvatore Bonaccorso at 2022-01-31T15:08:06+01:00
Add samba upstream bug references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1715,6 +1715,7 @@ CVE-2022-0336 [Samba AD users with permission to write to an account can imperso
 	- samba <unfixed>
 	[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
 	NOTE: https://www.samba.org/samba/security/CVE-2022-0336.html
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14950
 CVE-2022-23834
 	RESERVED
 CVE-2022-23833
@@ -13170,9 +13171,11 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
 CVE-2021-44142 [Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution]
 	- samba <unfixed>
 	NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
 CVE-2021-44141 [Information leak via symlinks of existance of files or directories outside of the exported share]
 	- samba <unfixed>
 	NOTE: https://www.samba.org/samba/security/CVE-2021-44141.html
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14911
 CVE-2021-44140 (Remote attackers may delete arbitrary files in a system hosting a JSPW ...)
 	- jspwiki <removed>
 CVE-2021-44139



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32dd4a4b9891bba37636026e21983c187106c94f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32dd4a4b9891bba37636026e21983c187106c94f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220131/2a076d47/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list