[ubuntu/precise-security] samba 2:3.6.25-0ubuntu0.12.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Apr 18 11:51:58 UTC 2016 

samba (2:3.6.25-0ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY UPDATE: fix multiple security issues
    - debian/patches/CVE-preparation-v3-6.patch: code changes required
      for security patches.
    - debian/patches/CVE-2016-2110-v3-6.patch: Man in the middle attacks
      possible with NTLMSSP.
    - debian/patches/CVE-2016-2111-v3-6.patch: NETLOGON Spoofing
      Vulnerability.
    - debian/patches/CVE-2016-2112-v3-6.patch: The LDAP client and server
      don't enforce integrity protection.
    - debian/patches/CVE-2016-2115-v3-6.patch: SMB client connections for
      IPC traffic are not integrity protected.
    - debian/patches/CVE-2016-2118-v3-6.patch: SAMR and LSA man in the
      middle attacks possible.
    - debian/patches/CVE-2015-5370-v3-6.patch: Multiple errors in DCE-RPC
      code
    - Thanks to Andreas Schneider, Ralph Böhme, Stefan Metzmacher,
      Günther Deschner and Aurélien Aptel for the patch backports to
      Samba 3.6!
  * Updated to upstream 3.6.25
    - Removed upstreamed patches: initialize_password_db-null-deref,
      fix-samba.ldip-syntax.patch, CVE-2012-1182-1.patch,
      CVE-2012-1182-2.patch, CVE-2012-2111.patch,
      lp_970679_fix-large-groups.patch,
      net-rpc-share-allowedusers-with-2008r2.patch,
      lp_967410_fix-cups-printer-not-added-to-registry.patch,
      lp_1016895_setgroups_3.5.patch, winbind-kerberos-refresh.patch,
      CVE-2013-0454.patch,
      lp_1003296_fix-login-with-expiring-user-passwords.patch,
      CVE-2013-4124.patch, CVE-2013-4475.patch, CVE-2012-6150.patch,
      CVE-2013-4408.patch, CVE-2013-4496.patch, CVE-2014-0244.patch,
      CVE-2014-3493.patch, CVE-2015-0240.patch,
      security-CVE-2013-0213.patch, security-CVE-2013-0214.patch.
    - debian/rules: don't build external libtevent
    - debian/rules: add idl_full to dh_auto_build

Date: 2016-04-12 12:09:12.653017+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.2
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list