[ubuntu/trusty-updates] samba 2:4.3.8+dfsg-0ubuntu0.14.04.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Apr 18 12:28:38 UTC 2016
samba (2:4.3.8+dfsg-0ubuntu0.14.04.2) trusty-security; urgency=medium
* SECURITY UPDATE: Updated to 4.3.8 to fix multiple security issues
- CVE-2015-5370: Multiple errors in DCE-RPC code
- CVE-2016-2110: Man in the middle attacks possible with NTLMSSP
- CVE-2016-2111: NETLOGON Spoofing Vulnerability
- CVE-2016-2112: The LDAP client and server don't enforce integrity
protection
- CVE-2016-2113: Missing TLS certificate validation allows man in the
middle attacks
- CVE-2016-2114: "server signing = mandatory" not enforced
- CVE-2016-2115: SMB client connections for IPC traffic are not
integrity protected
- CVE-2016-2118: SAMR and LSA man in the middle attacks possible
* Backported most packaging changes from (2:4.3.6+dfsg-1ubuntu1) in
Ubuntu 16.04 LTS, except for the following:
- Don't remove samba-doc package
- Don't remove libpam-smbpass package
- Don't remove libsmbsharemodes0 and libsmbsharemodes-dev packages
- Don't build with dh-systemd
- Don't build ctdb and cluster support
- Restore recommends for the separate libnss-winbind and libpam-winbind
- Use correct epoch for ldb
- Don't remove samba init script in postinst
* debian/patches/fix_pam_smbpass.patch: fix double free in pam_smbpass.
* debian/patches/winbind_trusted_domains.patch: make sure domain members
can talk to trusted domains DCs.
Date: 2016-04-12 12:17:14.143790+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/samba/2:4.3.8+dfsg-0ubuntu0.14.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list