[Pkg-samba-maint] [Git][samba-team/samba][master] Deleted 1 commit: update changelog; upload version 4.17.7+dfsg-1 to unstable

Michael Tokarev (@mjt) gitlab at salsa.debian.org
Wed Mar 29 16:11:34 BST 2023 


Michael Tokarev pushed to branch master at Debian Samba Team / samba


WARNING: The push did not contain any new commits, but force pushed to delete the commits and changes below.


Deleted commits:
3516a129 by Michael Tokarev at 2023-03-29T18:03:52+03:00
update changelog; upload version 4.17.7+dfsg-1 to unstable

- - - - -


1 changed file:

- debian/changelog


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,24 @@
+samba (2:4.17.7+dfsg-1) unstable; urgency=high
+
+  * upstream stable/security/bugfix release, fixing the following issues:
+    o CVE-2023-0225: An incomplete access check on dnsHostName allows
+      authenticated but otherwise unprivileged users to delete this
+      attribute from any object in the directory.
+      https://www.samba.org/samba/security/CVE-2023-0225.html
+    o CVE-2023-0922: The Samba AD DC administration tool, when operating
+      against a remote LDAP server, will by default send new or reset
+      passwords over a signed-only connection.
+      https://www.samba.org/samba/security/CVE-2023-0922.html
+    o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
+      Confidential attribute disclosure via LDAP filters was insufficient and
+      an attacker may be able to obtain confidential BitLocker recovery keys
+      from a Samba AD DC.  Installations with such secrets in their Samba AD
+      should assume they have been obtained and need replacing.
+      https://www.samba.org/samba/security/CVE-2023-0614.html
+    Closes: CVE-2023-0225 CVE-2023-0922 CVE-2023-0614
+
+ -- Michael Tokarev <mjt at tls.msk.ru>  Wed, 29 Mar 2023 17:59:17 +0300
+
 samba (2:4.17.6+dfsg-1) unstable; urgency=medium
 
   * new upstream stable/bugfix release 4.17.6:



View it on GitLab: https://salsa.debian.org/samba-team/samba/-/commit/3516a1297a52b6d9e1ca27796ec332d619aafa64

-- 
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/commit/3516a1297a52b6d9e1ca27796ec332d619aafa64
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230329/d8d35177/attachment-0001.htm>

More information about the Pkg-samba-maint mailing list