[ubuntu/wily-security] samba 2:4.1.17+dfsg-4ubuntu3.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Mar 8 13:40:15 UTC 2016
samba (2:4.1.17+dfsg-4ubuntu3.3) wily-security; urgency=medium
* SECURITY UPDATE: incorrect ACL get/set allowed on symlink path
- debian/patches/CVE-2015-7560-pre1.patch: add vfs_stat_smb_basename()
to source3/smbd/proto.h, source3/smbd/vfs.c.
- debian/patches/CVE-2015-7560.patch: properly handle symlinks in
source3/client/client.c, source3/libsmb/clifile.c,
source3/libsmb/proto.h, source3/smbd/nttrans.c,
source3/smbd/trans2.c, added tests to selftest/knownfail,
source3/selftest/tests.py, source3/torture/torture.c.
- CVE-2015-7560
* SECURITY UPDATE: out-of-bounds read in internal DNS server
- debian/patches/CVE-2016-0771.patch: fix dns handling in
librpc/idl/dns.idl, librpc/idl/dnsp.idl, librpc/idl/dnsserver.idl,
librpc/ndr/ndr_dns.c, librpc/ndr/ndr_dnsp.c, librpc/ndr/ndr_dnsp.h,
librpc/wscript_build, source4/dns_server/dns_query.c,
source4/dns_server/dns_update.c, source4/librpc/wscript_build,
added tests to python/samba/tests/dns.py,
python/samba/tests/get_opt.py, selftest/tests.py,
source4/selftest/tests.py.
- CVE-2016-0771
Date: 2016-03-03 16:03:13.300943+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.1.17+dfsg-4ubuntu3.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list