Accepted samba 2:4.17.10+dfsg-0+deb12u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 19 Jul 2023 17:55:58 +0300
Source: samba
Architecture: source
Version: 2:4.17.10+dfsg-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 1041043
Changes:
samba (2:4.17.10+dfsg-0+deb12u1) bookworm-security; urgency=medium
.
* new upstream stable/security release 4.17.10, including:
o CVE-2022-2127: When winbind is used for NTLM authentication,
a maliciously crafted request can trigger an out-of-bounds read
in winbind and possibly crash it.
https://www.samba.org/samba/security/CVE-2022-2127.html
o CVE-2023-3347: SMB2 packet signing is not enforced if an admin
configured "server signing = required" or for SMB2 connections to
Domain Controllers where SMB2 packet signing is mandatory.
https://www.samba.org/samba/security/CVE-2023-3347.html
o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service
for Spotlight can be triggered by an unauthenticated attacker by
issuing a malformed RPC request.
https://www.samba.org/samba/security/CVE-2023-34966.html
o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service
for Spotlight can be used by an unauthenticated attacker to trigger
a process crash in a shared RPC mdssvc worker process.
https://www.samba.org/samba/security/CVE-2023-34967.html
o CVE-2023-34968: As part of the Spotlight protocol Samba discloses
the server-side absolute path of shares and files and directories
in search results.
https://www.samba.org/samba/security/CVE-2023-34968.html
o BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
https://bugzilla.samba.org/show_bug.cgi?id=15418
(this has been patched in the previous upload; Closes: #1041043)
Checksums-Sha1:
0c4f92a3408fb816863a239df3c3cdda27089ae9 4454 samba_4.17.10+dfsg-0+deb12u1.dsc
d02a6567d4cab387d3d3107ba65dbc5bbf3c3cca 18206276 samba_4.17.10+dfsg.orig.tar.xz
01a5edeabcc2d20e764499693eb84e3cfaf41c64 271772 samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
a0ad79e8fead1344ef4fd4fc507b61f4fd17698e 6384 samba_4.17.10+dfsg-0+deb12u1_source.buildinfo
Checksums-Sha256:
e9490e4a8aee1d17c5e71a46809d89f2a5a0bdd1fe21893d86d28bf3652cb982 4454 samba_4.17.10+dfsg-0+deb12u1.dsc
79cdf385091b96aa53fac0cbd5946ba0f0f051ed323f71e69990a25019e1fc94 18206276 samba_4.17.10+dfsg.orig.tar.xz
ebcbac3e7a3045ac06a1d18f22b7f529aa502f377d30685df119aca954ac2f0a 271772 samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
b58a38f380a70f5c8803a2725e6470f2253837beba189256d192e0c55e2cf62e 6384 samba_4.17.10+dfsg-0+deb12u1_source.buildinfo
Files:
5c36bd1df04a72c068f1f6625d3bb6b1 4454 net optional samba_4.17.10+dfsg-0+deb12u1.dsc
e01fdb78ab4887d2001e1b3d0545a7de 18206276 net optional samba_4.17.10+dfsg.orig.tar.xz
8c4a830743ff198634f1981914984d8c 271772 net optional samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
45be04c34016238c434ccc9ee3f008f7 6384 net optional samba_4.17.10+dfsg-0+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCgAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmS3/ioPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZX84H/jd3fmepwqzUoQZLL//tX6SVvEm7XGdIgnPC
9aFwsIbH/kBFtGe2/tpAFN6UawwWqiXynKsbBe8rlpOgclDKmauUENVsZZVgIHZH
5ZkTguzO4D4dgi9OWqx+mAjdyWopHyVVIjXGvpF+6sI31eVlkeXRfwfYykl4pIK4
fXOVZbIdS83L/1RUzs6PZdzSCfIOmzCizA+F2X8K+/+d9z8EANk0BbNER92OS82C
Dr53Rz6JmwQRzSAiDRRwj/xucGXczDcTurE7pLazOntslfXC+Ty7XdLY9x79uH+t
toTWaRSErpzBezv1h/8+jkPJhfmEfKI20jITuSWt8T+ojSi5QF4=
=hXEQ
-----END PGP SIGNATURE-----
Reply to: