[ubuntu/zesty-proposed] samba 2:4.4.5+dfsg-2ubuntu7 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Jan 20 19:00:18 UTC 2017 

samba (2:4.4.5+dfsg-2ubuntu7) zesty; urgency=medium

  * SECURITY UPDATE: remote code execution via heap overflow in NDR parsing
    - debian/patches/CVE-2016-2123.patch: check lengths in
      librpc/ndr/ndr_dnsp.c.
    - CVE-2016-2123
  * SECURITY UPDATE: unconditional privilege delegation to Kerberos servers
    - debian/patches/CVE-2016-2125.patch: don't use GSS_C_DELEG_FLAG in
      source4/scripting/bin/nsupdate-gss, source3/librpc/crypto/gse.c,
      source4/auth/gensec/gensec_gssapi.c.
    - CVE-2016-2125
  * SECURITY UPDATE: privilege elevation in Kerberos PAC validation
    - debian/patches/CVE-2016-2126.patch: only allow known checksum types
      in auth/kerberos/kerberos_pac.c.
    - CVE-2016-2126

Date: Fri, 20 Jan 2017 12:32:25 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu7
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 20 Jan 2017 12:32:25 -0500
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb
Architecture: source
Version: 2:4.4.5+dfsg-2ubuntu7
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 ctdb       - clustered database to store temporary data
 libnss-winbind - Samba nameservice integration plugins
 libpam-winbind - Windows domain authentication integration plugin
 libparse-pidl-perl - IDL compiler written in Perl
 libsmbclient - shared library for communication with SMB/CIFS servers
 libsmbclient-dev - development files for libsmbclient
 libwbclient-dev - Samba winbind client library - development files
 libwbclient0 - Samba winbind client library
 python-samba - Python bindings for Samba
 registry-tools - tools for viewing and manipulating the Windows registry
 samba      - SMB/CIFS file, print, and login server for Unix
 samba-common - common files used by both the Samba server and client
 samba-common-bin - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-dev  - tools for extending Samba
 samba-dsdb-modules - Samba Directory Services Database
 samba-libs - Samba core libraries
 samba-testsuite - test suite from Samba
 samba-vfs-modules - Samba Virtual FileSystem plugins
 smbclient  - command-line SMB/CIFS clients for Unix
 winbind    - service to resolve user and group information from Windows NT ser
Changes:
 samba (2:4.4.5+dfsg-2ubuntu7) zesty; urgency=medium
 .
   * SECURITY UPDATE: remote code execution via heap overflow in NDR parsing
     - debian/patches/CVE-2016-2123.patch: check lengths in
       librpc/ndr/ndr_dnsp.c.
     - CVE-2016-2123
   * SECURITY UPDATE: unconditional privilege delegation to Kerberos servers
     - debian/patches/CVE-2016-2125.patch: don't use GSS_C_DELEG_FLAG in
       source4/scripting/bin/nsupdate-gss, source3/librpc/crypto/gse.c,
       source4/auth/gensec/gensec_gssapi.c.
     - CVE-2016-2125
   * SECURITY UPDATE: privilege elevation in Kerberos PAC validation
     - debian/patches/CVE-2016-2126.patch: only allow known checksum types
       in auth/kerberos/kerberos_pac.c.
     - CVE-2016-2126
Checksums-Sha1:
 a8f63c5c7b58c854eebb03bc84c1ecd5c33b9386 4095 samba_4.4.5+dfsg-2ubuntu7.dsc
 d817649c5a12713d71c010d5ecbb2784d763f2e5 237476 samba_4.4.5+dfsg-2ubuntu7.debian.tar.xz
Checksums-Sha256:
 d99e9c7613c22a6c0c0a08c1d26ce4fbcb0dd9410630114e09856878a29d72db 4095 samba_4.4.5+dfsg-2ubuntu7.dsc
 b4dd0ced75ed68ac8c94ab09ebd6f94359866b56226e5e3349762167309ef510 237476 samba_4.4.5+dfsg-2ubuntu7.debian.tar.xz
Files:
 a1075cbba5eca8754894743900c74765 4095 net optional samba_4.4.5+dfsg-2ubuntu7.dsc
 4e83395dc896ee4cc17f830470d3c791 237476 net optional samba_4.4.5+dfsg-2ubuntu7.debian.tar.xz
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJYglzdAAoJEGVp2FWnRL6TXrUP/3ii2Pmp8KJeB0hJOIkDAoro
S3tvqEOH1UWKLJ0GevXKKC5BPFO8cqMxMl0s0XSWH2hERhIqPYbZcJODi1qy9MZF
0V4w2kmTkmPGdVuQAMiK8GEnAytaNCg3ltb2XCtKRPib4OJyvdC/JsE43XZ4mAbB
gNxzxRVzv6Qwm2BMEFSWZR7M7pSU7UCbTiLY95XrSH/QiFbEpcwFjQ9zdyh37uAK
JXqnGI+A45E/jDs7oI5ydCbJ/GGZGcysB8k6RBSArPn775w6YM/6FaSRqT7GoOjp
5ZWLMAfg40mJ9eXyrMpO85Vkx+zM52VXBdPTe2ZLDSeRoZrLv9ceI8/JSZ1V3JpY
Dw+9P6UasvCnUKBNvPBu9WJyrfdBMXbWIuPIRFAnlfRP0wFsVpXxJnY1ijMssEvs
WgpZ7ALlZDcUSwkJVrITPqIjB2P2rqJVGyEf4iGJ3DIJQWQqjFSfAFyeBgSEvlcg
dqolpVcqT3IWKlC4Mcc2RZTX/mDDr0bc3S1RHrBlJn6xex/UUogvdVm+L9Pghu+O
kE2lbWwEr8m8XZDra7xqzQGjci37vZLVGsOa6oz+/SJg/EUT4d74X8+RK0J6KgQV
8gwJLMQ5QLahQE8kPCr5DO1bE+DMOSkxMyAZJ6CGvY7zg1TFyEoQAlGOOv2kyi2j
PqiND085sGGyVNAeQa1m
=tP6m
-----END PGP SIGNATURE-----

More information about the Zesty-changes mailing list