[ubuntu/bionic-security] samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.21 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Nov 2 13:47:20 UTC 2020
samba (2:4.7.6+dfsg~ubuntu-0ubuntu2.21) bionic-security; urgency=medium
* SECURITY UPDATE: Missing handle permissions check in ChangeNotify
- debian/patches/CVE-2020-14318-*.patch: ensure change notifies can't
get set unless the directory handle is open for SEC_DIR_LIST in
source4/torture/smb2/notify.c, source3/smbd/notify.c.
- CVE-2020-14318
* SECURITY UPDATE: Unprivileged user can crash winbind
- debian/patches/CVE-2020-14323-*.patch: fix invalid lookupsids DoS in
source3/winbindd/winbindd_lookupsids.c,
source4/torture/winbind/struct_based.c.
- CVE-2020-14323
* SECURITY UPDATE: DNS server crash via invalid records
- debian/patches/CVE-2020-14383-*.patch: ensure variable initialization
with NULL and do not crash when additional data not found in
source4/rpc_server/dnsserver/dcerpc_dnsserver.c.
- CVE-2020-14383
Date: 2020-10-28 11:52:28.811766+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.21
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list