Debian
samba package

samba 2:4.18.1+dfsg-1~exp1 source package in Debian

Changelog

samba (2:4.18.1+dfsg-1~exp1) experimental; urgency=high

  * upstream stable/security/bugfix release, fixing the following issues:
    o CVE-2023-0225: An incomplete access check on dnsHostName allows
      authenticated but otherwise unprivileged users to delete this
      attribute from any object in the directory.
      https://www.samba.org/samba/security/CVE-2023-0225.html
    o CVE-2023-0922: The Samba AD DC administration tool, when operating
      against a remote LDAP server, will by default send new or reset
      passwords over a signed-only connection.
      https://www.samba.org/samba/security/CVE-2023-0922.html
    o CVE-2023-0614: Fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
      Confidential attribute disclosure via LDAP filters was insufficient and
      an attacker may be able to obtain confidential BitLocker recovery keys
      from a Samba AD DC.  Installations with such secrets in their Samba AD
      should assume they have been obtained and need replacing.
      https://www.samba.org/samba/security/CVE-2023-0614.html
    Closes: CVE-2023-0225 CVE-2023-0922 CVE-2023-0614
  * update libldb symbols and versions

 -- Michael Tokarev <email address hidden>  Wed, 29 Mar 2023 17:59:17 +0300

Upload details

Uploaded by:
Debian Samba Maintainers
Uploaded to:
Experimental
Original maintainer:
Debian Samba Maintainers
Architectures:
any all
Section:
net
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
samba_4.18.1+dfsg-1~exp1.dsc 4.3 KiB 5cbd70153db1a498eeae609bb305fe4f6314c8e9f0aa1f295aa4de313efbf744
samba_4.18.1+dfsg.orig.tar.xz 23.5 MiB cc856d6f07a1bbe428994b429a1ff9e5beebfd4f6717481084e3b19b79f4fd5e
samba_4.18.1+dfsg-1~exp1.debian.tar.xz 263.3 KiB 239b15e9e46ae1f6d326f3da2a266cc26fa71cb32614ca8d02e8fa00a0c5375d

No changes file available.

Binary packages built by this source