[ubuntu/bionic-security] samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.28 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Feb 1 11:42:38 UTC 2022


samba (2:4.7.6+dfsg~ubuntu-0ubuntu2.28) bionic-security; urgency=medium

  * SECURITY UPDATE: code exec via out-of-bounds read/write in vfs_fruit
    - debian/patches/CVE-2021-44142-1.patch: add defines for icon lengths
      in source3/modules/vfs_fruit.c.
    - debian/patches/CVE-2021-44142-2.patch: add Netatalk xattr used by
      vfs_fruit to the list of private Samba xattrs in
      source3/smbd/trans2.c.
    - debian/patches/CVE-2021-44142-3.patch: harden ad_unpack_xattrs() in
      source3/modules/vfs_fruit.c.
    - debian/patches/CVE-2021-44142-4.patch: tweak buffer size check in
      source3/modules/vfs_fruit.c.
    - debian/patches/CVE-2021-44142-5.patch: add basic cmocka tests in
      selftest/knownfail.d/samba.unittests.adouble, selftest/tests.py,
      source3/lib/test_adouble.c, source3/wscript_build.
    - debian/patches/CVE-2021-44142-6.patch: harden parsing code in
      source3/modules/vfs_fruit.c.
    - CVE-2021-44142

Date: 2022-01-25 18:58:09.615401+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.28