[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1110-1] samba security update

Package        : samba
Version        : 2:3.6.6-6+deb7u14
CVE ID         : CVE-2017-12150 CVE-2017-12163


    Stefan Metzmacher discovered multiple code paths where SMB signing
    was not enforced.


    Yihan Lian and Zhibin Hu discovered that insufficient range checks
    in the processing of SMB1 write requests could result in disclosure
    of server memory.

For Debian 7 "Wheezy", these problems have been fixed in version

We recommend that you upgrade your samba packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: PGP signature

Reply to: