Пакет samba-common-client: Информация
Бинарный пакет: samba-common-client
Версия: 4.17.10-alt1
Архитектура: noarch
Собран: 25 июля 2023 г. 11:54
Исходный пакет: samba
Категория: Система/Настройка/Прочее
Сообщить об ошибке в пакетеДомашняя страница: http://www.samba.org/
О пакете: Files used by both Samba clients
Описание:
samba-common provides files necessary for both the client packages of Samba.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Последнее изменение
23 июля 2023 г. Evgeny Sinelnikov 4.17.10-alt1
- Update to maintenance release of Samba 4.17: + Secure channel faulty since Windows 10/11 update 07/2023 (KB5028166). - Security fixes (Samba#15418): + CVE-2022-2127: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it. https://www.samba.org/samba/security/CVE-2022-2127.html + CVE-2023-3347: SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. https://www.samba.org/samba/security/CVE-2023-3347.html + CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request. https://www.samba.org/samba/security/CVE-2023-34966.html + CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process. https://www.samba.org/samba/security/CVE-2023-34967.html + CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server- side absolute path of shares and files and directories in search results. https://www.samba.org/samba/security/CVE-2023-34968.html
10 июля 2023 г. Evgeny Sinelnikov 4.17.9-alt1
- Update to maintenance release of Samba 4.17: + smbd_scavenger crashes when service smbd is stopped (Samba#15275). + vfs_fruit might cause a failing open for delete (Samba#15378). + named crashes on DLZ zone update (Samba#14030). + winbind recurses into itself via rpcd_lsad (Samba#15361). + cli_list loops 100% CPU against pre-lanman2 servers (Samba#15382). + smbclient leaks fds with showacls (Samba#15391). + aes256 smb3 encryption algorithms are not allowed in smb3_sid_parse() (Samba#15374). + winbindd gets stuck on NT_STATUS_RPC_SEC_PKG_ERROR (Samba#15413). + smbget memory leak if failed to download files recursively (Samba#15403). - Add check with admx-lint for group policy templates validation.
21 мая 2023 г. Evgeny Sinelnikov 4.17.8-alt1
- Update to maintenance release of Samba 4.17: + log flood: smbd_calculate_access_mask_fsp: Access denied: message level should be lower (Samba#15302). + Floating point exception (FPE) via cli_pull_send at source3/libsmb/clireadwrite.c (Samba#15306). + Reduce flapping of ridalloc test (Samba#15329). + large_ldap test is unreliable (Samba#15351). + New filename parser doesn't check veto files smb.conf parameter (Samba#15143). + mdssvc may crash when initializing (Samba#15354). + Large directory optimization broken for non-lcomp path elements (Samba#15313). + streams_depot fails to create streams (Samba#15357). + shadow_copy2 and streams_depot don't play well together (Samba#15358). + wbinfo -u fails on ad dc with >1000 users (Samba#15366). + winbindd idmap child contacts the domain controller without a need (Samba#15317). + idmap_autorid may fail to map sids of trusted domains for the first time (Samba#15318). + idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings (Samba#15319). + net ads search -P doesn't work against servers in other domains (Samba#15323). + DS ACEs might be inherited to unrelated object classes (Samba#15338). + Temporary smbXsrv_tcon_global.tdb can't be parsed (Samba#15353). + Setting veto files = /.*/ break listing directories (Samba#15360). + CVE-2020-25720 [SECURITY] Create Child permission should not allow full write to all attributes (additional changes) (Samba#14810). + Reduce flapping of ridalloc test (Samba#15329). + dsgetdcname: assumes local system uses IPv4 (Samba#15325).