[Pkg-samba-maint] [Git][samba-team/samba][debian_4.16] update changelog; upload version 4.16.10+dfsg-1 to unstable
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed Mar 29 17:13:07 BST 2023
Michael Tokarev pushed to branch debian_4.16 at Debian Samba Team / samba
Commits:
7e187769 by Michael Tokarev at 2023-03-29T19:11:59+03:00
update changelog; upload version 4.16.10+dfsg-1 to unstable
- - - - -
1 changed file:
- debian/changelog
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,21 @@
+samba (2:4.16.10+dfsg-1) unstable; urgency=high
+
+ * upstream stable/security/bugfix release, fixing the following issues:
+ o CVE-2023-0922: The Samba AD DC administration tool, when operating
+ against a remote LDAP server, will by default send new or reset
+ passwords over a signed-only connection.
+ https://www.samba.org/samba/security/CVE-2023-0922.html
+ o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
+ Confidential attribute disclosure via LDAP filters was insufficient and
+ an attacker may be able to obtain confidential BitLocker recovery keys
+ from a Samba AD DC. Installations with such secrets in their Samba AD
+ should assume they have been obtained and need replacing.
+ https://www.samba.org/samba/security/CVE-2023-0614.html
+ Closes: CVE-2023-0922 CVE-2023-0614
+ * update libldb symbols and versions
+
+ -- Michael Tokarev <mjt at tls.msk.ru> Wed, 29 Mar 2023 17:59:17 +0300
+
samba (2:4.16.9+dfsg-1) unstable; urgency=medium
* new upstream stable/security release, with the following changes:
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/commit/7e187769d4cbeeb64ee0e76a50aeb4ae81d6ef6b
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/commit/7e187769d4cbeeb64ee0e76a50aeb4ae81d6ef6b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230329/952dfc84/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list