Download
| Alert*
|
oval:org.secpod.oval:def:89002858
libsmbldap0 is installed oval:org.secpod.oval:def:89044733 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory . Bugfixes: - Force usage of ncurses6-config thru NCURSES_CONFIG env var . - Add missing ldb module directory . - Don"t package man pages for VFS modul ... oval:org.secpod.oval:def:89044215 This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids . - Adjust smbcacls "--propagate-inheritance" feature to align with upstream . oval:org.secpod.oval:def:89044622 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability . - CVE-2017-15275: Server heap memory information leak . Bug fixes: - Update "winbind expand groups" doc in smb.conf man page . oval:org.secpod.oval:def:89044302 This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids . - Avoid free"ing our own pointer in memcache when memcache_trim attempts to reduce cache size . - Adjust smbcacls "--propagate-inheritance" feature to align with upstream . oval:org.secpod.oval:def:89003023 This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU . oval:org.secpod.oval:def:89003002 This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU . oval:org.secpod.oval:def:89044748 This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client - CVE-2017-12150: Always enforce smb signing when it is configured - CVE-2017-12151: ... oval:org.secpod.oval:def:89002996 This update for samba fixes the following issues: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing . oval:org.secpod.oval:def:89048152 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel . - CVE- ... oval:org.secpod.oval:def:89044942 This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as "root". [CVE-2017-7494, bso#12780, bsc#1038231] oval:org.secpod.oval:def:89045776 This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members . oval:org.secpod.oval:def:89045791 This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members . oval:org.secpod.oval:def:89044999 This update provides Samba 4.6.7, which fixes the following issues: - CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext rather than the authenticated and encrypted KDC response. - Fix cephwrap_chdir. - Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb. - Fix ... oval:org.secpod.oval:def:89045288 This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don"t send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. - CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execut ... oval:org.secpod.oval:def:89049127 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . Bugfixes: * Fixed trust relationship failure . oval:org.secpod.oval:def:89048151 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel . - CVE- ... oval:org.secpod.oval:def:89002966 This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . oval:org.secpod.oval:def:89002934 This update for samba fixes the following issues: - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . oval:org.secpod.oval:def:89002994 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . - Fixed an issue where multiple ho ... oval:org.secpod.oval:def:89002853 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . |
