diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-07-27 19:17:38 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2022-07-28 07:00:16 +0200 |
| commit | f5b23a008bdf2abee1c6e082b9a74ca075cdb9ec (patch) | |
| tree | 3b1f8d944f1bff0b17d50d3f7f54e4ec138216d2 /ChangeLog.rss | |
| parent | dbcd8c770799465743aec47da508a7162c7e70db (diff) | |
| download | current-f5b23a008bdf2abee1c6e082b9a74ca075cdb9ec.tar.gz | |
Wed Jul 27 19:17:38 UTC 202220220727191738
l/tevent-0.13.0-x86_64-1.txz: Upgraded.
n/samba-4.16.4-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 37 |
1 files changed, 35 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index b851f14d..c633192e 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,43 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 26 Jul 2022 19:27:53 GMT</pubDate> - <lastBuildDate>Wed, 27 Jul 2022 05:00:17 GMT</lastBuildDate> + <pubDate>Wed, 27 Jul 2022 19:17:38 GMT</pubDate> + <lastBuildDate>Thu, 28 Jul 2022 05:00:14 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Wed, 27 Jul 2022 19:17:38 GMT</title> + <pubDate>Wed, 27 Jul 2022 19:17:38 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20220727191738</link> + <guid isPermaLink="false">20220727191738</guid> + <description> + <![CDATA[<pre> +l/tevent-0.13.0-x86_64-1.txz: Upgraded. +n/samba-4.16.4-x86_64-1.txz: Upgraded. + This update fixes the following security issues: + Samba AD users can bypass certain restrictions associated with changing + passwords. + Samba AD users can forge password change requests for any user. + Samba AD users can crash the server process with an LDAP add or modify + request. + Samba AD users can induce a use-after-free in the server process with an + LDAP add or modify request. + Server memory information leak via SMB1. + For more information, see: + https://www.samba.org/samba/security/CVE-2022-2031.html + https://www.samba.org/samba/security/CVE-2022-32744.html + https://www.samba.org/samba/security/CVE-2022-32745.html + https://www.samba.org/samba/security/CVE-2022-32746.html + https://www.samba.org/samba/security/CVE-2022-32742.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Tue, 26 Jul 2022 19:27:53 GMT</title> <pubDate>Tue, 26 Jul 2022 19:27:53 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20220726192753</link> |