[ubuntu/trusty-updates] samba 2:4.3.11+dfsg-0ubuntu0.14.04.19 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Nov 27 13:28:19 UTC 2018
samba (2:4.3.11+dfsg-0ubuntu0.14.04.19) trusty-security; urgency=medium
* SECURITY UPDATE: Unprivileged adding of CNAME record causing loop in AD
Internal DNS server
- debian/patches/CVE-2018-14629.patch: add CNAME loop prevention using
counter in source4/dns_server/dns_query.c.
- CVE-2018-14629
* SECURITY UPDATE: Double-free in Samba AD DC KDC with PKINIT
- debian/patches/CVE-2018-16841.patch: fix segfault on PKINIT with
mis-matching principal in source4/kdc/db-glue.c.
- CVE-2018-16841
* SECURITY UPDATE: NULL pointer de-reference in Samba AD DC LDAP server
- debian/patches/CVE-2018-16851.patch: check ret before manipulating
blob in source4/ldap_server/ldap_server.c.
- CVE-2018-16851
samba (2:4.3.11+dfsg-0ubuntu0.14.04.18) trusty; urgency=medium
* d/samba.nmbd.init, d/samba.samba-ad-dc.init, d/samba.smbd.init,
d/winbind.init avoid issues due to init scripts misdetecting
services (LP: #1792400)
- use --pidfile on --start to not block on same binaries running in
containers
- use --exec on --stop to not cause unintended processes to be acted on,
if the old process terminated without being able to remove the pid-file.
Date: 2018-11-19 14:17:13.394016+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.19
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list