Пакет samba-common-tools: Информация

  • Default inline alert: Версия в репозитории: 4.19.6-alt1

Бинарный пакет: samba-common-tools
Версия: 4.16.9-alt1
Архитектура: x86_64
Собран:  2 марта 2023 г. 3:43 в задании #315490
Исходный пакет: samba
Категория: Система/Серверы
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/s/samba.git?a=tree;hb=ea88a1f2dfc…
Загрузка: samba-common-tools-4.16.9-alt1.x86_64.rpm
Лог сборки: https://git.altlinux.org/tasks/315490/build/100/x86_64/log
Домашняя страница: http://www.samba.org/
Лицензия: GPLv3+ and LGPLv3+
О пакете: Tools for Samba servers and clients
Описание: 
The samba-common-tools package contains tools for Samba servers and
SMB/CIFS clients.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Ivan A. Melnikov
Michael Shigorin
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov

Последнее изменение

20 февраля 2023 г. Evgeny Sinelnikov 4.16.9-alt1
- Update to maintenance release of Samba 4.16
- Security fixes:
  + CVE-2022-38023: Samba should refuse RC4 (aka md5) based SChannel on
    NETLOGON (Samba#15240).
- Major fixes:
  + smbc_getxattr() return value is incorrect (Samba#14808).
  + samba-tool gpo listall fails IPv6 only - finddcs() fails to find DC when
    there is only an AAAA record for the DC in DNS (Samba#15226).
  + smbd crashes if an FSCTL request is done on a stream handle (Samba#15236).
  + auth3_generate_session_info_pac leaks wbcAuthUserInfo (Samba#15286).
  + Leak in wbcCtxPingDc2 (Samba#15164).
  + irpc_destructor may crash during shutdown (Samba#15280).
- Share enumeration (netshareenum) fixes:
  + %U for include directive doesn't work for share listing (Samba#15243).
  + Shares missing from netshareenum response in samba 4.17.4 (Samba#15266).
  + Access based share enum does not work in Samba 4.16+ (Samba#15265).
  + Crash during share enumeration (Samba#15267).
15 декабря 2022 г. Evgeny Sinelnikov 4.16.8-alt1
- Update to maintenance release of Samba 4.16 with fixes of the Samba CVE for
  the Windows Kerberos Elevation of Privilege Vulnerability disclosed by
  Microsoft on Nov 8 2022 (CVE-2022-37967, CVE-2022-37966).
- Security fixes:
  + CVE-2022-37966: A Samba Active Directory DC will issue weak rc4-hmac
                    session keys for use between modern clients and servers
                    despite all modern Kerberos implementations supporting
                    the aes256-cts-hmac-sha1-96 cipher.
                    On Samba Active Directory DCs and members
                    'kerberos encryption types = legacy' would force
                    rc4-hmac as a client even if the server supports
                    aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96
                    (Samba#13135, Samba#15219, Samba#15237).
                     https://www.samba.org/samba/security/CVE-2022-37966.html

  + CVE-2022-37967: A service account with the special constrained
                    delegation permission could forge a more powerful
                    ticket than the one it was presented with (Samba#15231).
                     https://www.samba.org/samba/security/CVE-2022-37967.html

  + CVE-2022-38023: The "RC4" protection of the NetLogon Secure channel uses the
                    same algorithms as rc4-hmac cryptography in Kerberos,
                    and so must also be assumed to be weak (Samba#15240).
                     https://www.samba.org/samba/security/CVE-2022-38023.html
12 декабря 2022 г. Evgeny Sinelnikov 4.16.7-alt5
- Update text of summary for role-usershares and smb-conf-usershares.
- Update default usershare prefix allow and deny lists:
  + usershare prefix deny list = /etc /dev /sys /proc
  + usershare prefix allow list = /home /srv /mnt /media /var
- Add new controls for samba-usershares:
  + smb-conf-usershare-allow-list
  + smb-conf-usershare-deny-list
  + smb-conf-usershare-owner-only
  + smb-conf-usershare-allow-guests
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.0
Наверх