[ubuntu/trusty-security] samba 2:4.1.6+dfsg-1ubuntu2.14.04.13 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Mar 8 13:40:15 UTC 2016


samba (2:4.1.6+dfsg-1ubuntu2.14.04.13) trusty-security; urgency=medium

  * SECURITY UPDATE: incorrect ACL get/set allowed on symlink path
    - debian/patches/CVE-2015-7560-pre1.patch: add vfs_stat_smb_basename()
      to source3/smbd/proto.h, source3/smbd/vfs.c.
    - debian/patches/CVE-2015-7560.patch: properly handle symlinks in
      source3/client/client.c, source3/libsmb/clifile.c,
      source3/libsmb/proto.h, source3/smbd/nttrans.c,
      source3/smbd/trans2.c, added tests to selftest/knownfail,
      source3/selftest/tests.py, source3/torture/torture.c.
    - CVE-2015-7560
  * SECURITY UPDATE: out-of-bounds read in internal DNS server
    - debian/patches/CVE-2016-0771.patch: fix dns handling in
      librpc/idl/dns.idl, librpc/idl/dnsp.idl, librpc/idl/dnsserver.idl,
      librpc/ndr/ndr_dns.c, librpc/ndr/ndr_dnsp.c, librpc/ndr/ndr_dnsp.h,
      librpc/wscript_build, source4/dns_server/dns_query.c,
      source4/dns_server/dns_update.c, source4/librpc/wscript_build,
      added tests to python/samba/tests/dns.py,
      python/samba/tests/get_opt.py, selftest/tests.py,
      source4/selftest/tests.py.
    - CVE-2016-0771

Date: 2016-03-03 17:49:14.180112+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.1.6+dfsg-1ubuntu2.14.04.13