Пакет samba-common: Информация
Default inline alert: Версия в репозитории: 4.19.6-alt1
Бинарный пакет: samba-common
Версия: 4.17.12-alt3
Архитектура: noarch
Собран: 6 декабря 2023 г. 22:26 в задании #332201
Исходный пакет: samba
Категория: Система/Серверы
Сообщить об ошибке в пакетеЗагрузка: samba-common-4.17.12-alt3.noarch.rpm
Домашняя страница: http://www.samba.org/
О пакете: Files used by both Samba servers
Описание:
samba-common provides files necessary for both the server packages of Samba.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Последнее изменение
5 декабря 2023 г. Evgeny Sinelnikov 4.17.12-alt3
- Security update of Samba 4.17 with fixes of the Samba CVE for Deleted Object tombstones visible in AD LDAP to normal users (CVE-2018-14628). - Security fixes: + CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects" allow read of object tombstones over LDAP (Administrator action required!) https://www.samba.org/samba/security/CVE-2018-14628.html
22 октября 2023 г. Evgeny Sinelnikov 4.17.12-alt2
- Revert services type from forking to notify.
17 октября 2023 г. Evgeny Sinelnikov 4.17.12-alt1
- Update to security release of Samba 4.17 - Security fixes (Samba#15422, Samba#15424, Samba#15439, Samba#15473, Samba#15474): + CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html + CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" https://www.samba.org/samba/security/CVE-2023-4091.html + CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. https://www.samba.org/samba/security/CVE-2023-4154.html + CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. https://www.samba.org/samba/security/CVE-2023-42669.html + CVE-2023-42670: Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. https://www.samba.org/samba/security/CVE-2023-42670.html