Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5477-1] samba security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5477-1] samba security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5477-1] samba security update
  • Date: Mon, 14 Aug 2023 18:38:41 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/ZNp0sVQi+j5KQ8SB AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=5u7XZ/ow7jbqBk7pHhm2UxQDrJeYpCOY9Waeq+vaVHU=; b=Nv mT5X83IJgLq/TmOtOPH5PF39T6z+2h72h2O45Xe/42tB+09PvwyRQzWG+J3byTlLA8tGWkCUfdpzi Y6l7cH90PeNs7qYH8r/piGkf/g1TWsvbVNJ3hYWAJySGnNDpBkzsdyzPccxESxUa2vzn6Kr7fSeBS wTAVC7nIr4n0Y6vjxKjsFB8IiZ0N0Ik8cAn24f5ruXbtel8l/S05VIRPKSP5Yc/ZI16/5KjYRFUB5 QHY7w3tfB1Pb55XrR/IVqrhPBZVRjQVkDDz6/5gnXs1FWRg19owxvsOBvwKc5tvd6QAszuLwgGRxW XAFCIBRfMR5L76F4VbVGL+y7+lNK93cw==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 14 Aug 2023 18:39:02 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <lH0mS18bK2.A.5PF.GTn2kB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5477-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 14, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : samba
CVE ID : CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967
CVE-2023-34968
Debian Bug : 1041043

Several vulnerabilities have been discovered in Samba, which could result
in information disclosure, denial of service or insufficient enforcement
of security-relevant config directives.

The version of Samba in the oldstable distribution (bullseye) cannot be
fully supported further: If you are using Samba as a domain controller
you should either upgrade to the stable distribution or if that's not
an immediate option consider to migrate to Samba from bullseye-backports
(which will be kept updated to the version in stable). Operating Samba
as a file/print server will continue to be supported, a separate DSA
will provide an update update along with documentation about the scope
of continued support.

For the stable distribution (bookworm), these problems have been fixed in
version 2:4.17.10+dfsg-0+deb12u1.

We recommend that you upgrade your samba packages.

For the detailed security status of samba please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/samba

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTadJsACgkQEMKTtsN8
TjamWhAAr1DOVp9DBJATMyIq2Dqcv9O6x4ipPU/NE0oLG95m9b2kTgakUuj+wQLP
mVfbVi1n9IuRDWW16BH4b63gEx2Yvul4jDBJr42WzawBJVdnQhvNCUavmWgsdCiJ
jc8+bSAiYYN0p076G1AoIastRPoXGjX1tQ/b1iFHG8tC9qX6qCdJy7GFlPClQqYs
K0DdLLj1iz872rlL14zi4znHz3Gsf8d+TNmMVfMqG3aswHiYbrKd954c3/zv51zC
DSm85I6YSgi4+4oCLqJbjlfCFFV+68U5PW86XhPSjHBA6//cvFtIdxVjqisQtV6T
q+kPIMybAkdmG8Z+XLaPIOsBty957XMIYp0S84wTIX/MhlQ+Z6Jns5bU6yQJYN78
ZUqamCFGMEIPO7srQDUWEG77wOJ1Jvlj70sV7Zaz9XJkGlZamJsHMBE5rlg0glKr
gogApnCbiQgKwJcbYxjdM2CKPg8329J0Mt9HqQFxBQC0Ig005+7B+zZUMMpRdQni
HLRgZ4deBWAP3dowt/wSfcNgqOg2SyCKPm4nSllhkesXcJwUGPAktoRNhorxMqiN
dmOAvfYZu+HaPYKVnsdfsjUlI0Z0n+QTsaen48cAYNClNeLQySW3zpEkSqWkNJ/S
YCPU6KabOxeXFjl2LVUTy0FHdO4fnqZJo/egS0ydgkv0t8Iwja4=
=Roie
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5477-1] samba security update, Moritz Muehlenhoff, 14.08.2023

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang