[ubuntu/saucy-security] samba 2:3.6.18-1ubuntu3.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Dec 11 13:00:51 UTC 2013


samba (2:3.6.18-1ubuntu3.1) saucy-security; urgency=low

  * SECURITY UPDATE: file restrictions bypass via alternate data streams
    - debian/patches/CVE-2013-4475.patch: properly check base file access
      in source3/smbd/open.c.
    - CVE-2013-4475
  * SECURITY UPDATE: pam_winbind access restriction bypass via invalid
    group names
    - debian/patches/CVE-2012-6150.patch: ensure valid groups in
      nsswitch/pam_winbind.c.
    - CVE-2012-6150
  * SECURITY UPDATE: arbitrary code execution via incorrect DCE-RPC
    fragment length field checking
    - debian/patches/CVE-2013-4408.patch: apply massive upstream fix to
      lib/async_req/async_sock.c, libcli/util/tstream.c,
      librpc/idl/dcerpc.idl, librpc/rpc/dcerpc_util.c,
      librpc/rpc/rpc_common.h, nsswitch/libwbclient/wbc_sid.c,
      nsswitch/wbinfo.c, source3/lib/netapi/{group,localgroup,user}.c,
      source3/lib/util_tsock.c, source3/libnet/libnet_join.c,
      source3/librpc/rpc/dcerpc_helpers.c,
      source3/rpc_client/{cli_lsarpc,cli_pipe}.c,
      source3/rpc_server/netlogon/srv_netlog_nt.c,
      source3/rpcclient/{cmd_lsarpc,cmd_samr}.c, source3/smbd/lanman.c,
      source3/utils/net_rpc.c, source3/utils/net_rpc_join.c,
      source3/winbindd/{wb_lookupsids,winbindd_msrpc,winbindd_rpc}.c,
      source4/libcli/util/clilsa.c, source4/libnet/{groupinfo,groupman,
      libnet_join,libnet_lookup,libnet_passwd,userinfo,userman}.c,
      source4/librpc/rpc/{dcerpc,dcerpc_smb,dcerpc_smb2,dcerpc_sock}.c,
      source4/winbind/wb_async_helpers.c.
    - CVE-2013-4408

Date: 2013-12-09 18:26:13.934817+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/saucy/+source/samba/2:3.6.18-1ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Saucy-changes mailing list