[Pkg-samba-maint] [samba] 07/11: SECURITY: Samba 4.3.7 release

[Andrew Bartlett]

This is an automated email from the git hooks/post-receive script.

abartlet-guest pushed a commit to branch master
in repository samba.

commit 3d490e7fe58de7d801e3e93d7bb0a444b99d7f9a
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed Apr 6 14:28:15 2016 +1200

    SECURITY: Samba 4.3.7 release
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 debian/changelog | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 443fafc..8f5bb5d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+samba (2:4.3.7+dfsg-1) UNRELEASED; urgency=medium
+
+  * New upstream release.
+   + Fixes (Patches by Stefan Metzmacher of SerNet and others on the Samba Team):
+    - CVE-2015-5370 (Multiple errors in DCE-RPC code)
+    - CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
+    - CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
+    - CVE-2016-2112 (LDAP client and server don't enforce integrity)
+    - CVE-2016-2113 (Missing TLS certificate validation)
+    - CVE-2016-2114 ("server signing = mandatory" not enforced)
+    - CVE-2016-2115 (SMB IPC traffic is not integrity protected)
+    - CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
+
+ -- Andrew Bartlett <abartlet+debian at catalyst.net.nz>  Wed, 06 Apr 2016 14:25:42 +1200
+
 samba (2:4.3.6+dfsg-2) unstable; urgency=low
 
   [ Mathieu Parent ]

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git