[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for some samba issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jan 31 20:17:10 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
84e7ab56 by Salvatore Bonaccorso at 2022-01-31T21:16:36+01:00
Add Debian bug reference for some samba issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1764,7 +1764,7 @@ CVE-2022-0337
RESERVED
CVE-2022-0336 [Samba AD users with permission to write to an account can impersonate arbitrary services]
RESERVED
- - samba <unfixed>
+ - samba <unfixed> (bug #1004694)
[buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
NOTE: https://www.samba.org/samba/security/CVE-2022-0336.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14950
@@ -13239,12 +13239,12 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/2
CVE-2021-44142 [Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution]
RESERVED
- - samba <unfixed>
+ - samba <unfixed> (bug #1004693)
NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14914
CVE-2021-44141 [Information leak via symlinks of existance of files or directories outside of the exported share]
RESERVED
- - samba <unfixed>
+ - samba <unfixed> (bug #1004692)
NOTE: https://www.samba.org/samba/security/CVE-2021-44141.html
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14911
CVE-2021-44140 (Remote attackers may delete arbitrary files in a system hosting a JSPW ...)
@@ -15870,7 +15870,7 @@ CVE-2021-43568 (The verify function in the Stark Bank Elixir ECDSA library (ecds
CVE-2021-43567
RESERVED
CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...)
- - samba <unfixed>
+ - samba <unfixed> (bug #1004691)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-43566.html
@@ -77114,7 +77114,7 @@ CVE-2021-20317 (A flaw was found in the Linux kernel. A corrupted timer tree cau
NOTE: https://git.kernel.org/linus/511885d7061eda3eb1faf3f57dcc936ff75863f1 (5.4-rc1)
CVE-2021-20316
RESERVED
- - samba <unfixed>
+ - samba <unfixed> (bug #1004690)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
NOTE: https://www.samba.org/samba/security/CVE-2021-20316.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e7ab56fd1edcf5965931cad83f43ad489627c9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e7ab56fd1edcf5965931cad83f43ad489627c9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220131/e61a2be9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list