[ubuntu/precise-updates] samba 2:3.6.3-2ubuntu2.13 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Jan 5 19:28:28 UTC 2016
samba (2:3.6.3-2ubuntu2.13) precise-security; urgency=medium
* SECURITY UPDATE: file-access restrictions bypass via symlink
- debian/patches/CVE-2015-5252.patch: validate matching component in
source3/smbd/vfs.c.
- CVE-2015-5252
* SECURITY UPDATE: man-in-the-middle attack via encrypted-to-unencrypted
downgrade
- debian/patches/CVE-2015-5296.patch: force signing in
source3/libsmb/clidfs.c, source3/libsmb/libsmb_server.c.
- CVE-2015-5296
* SECURITY UPDATE: snapshot access via shadow copy directory
- debian/patches/CVE-2015-5299.patch: fix missing access checks in
source3/modules/vfs_shadow_copy2.c.
- CVE-2015-5299
* SECURITY UPDATE: information leak via incorrect string length handling
- debian/patches/CVE-2015-5330.patch: fix string length handling in
lib/util/charset/charset.h, lib/util/charset/codepoints.c,
lib/util/charset/util_unistr.c, source3/lib/util_str.c.
- CVE-2015-5330
Date: 2016-01-04 20:53:13.881345+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.13
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list