Publishing details
Changelog
samba (2:3.6.3-2ubuntu2.13) precise-security; urgency=medium
* SECURITY UPDATE: file-access restrictions bypass via symlink
- debian/patches/CVE-2015-5252.patch: validate matching component in
source3/smbd/vfs.c.
- CVE-2015-5252
* SECURITY UPDATE: man-in-the-middle attack via encrypted-to-unencrypted
downgrade
- debian/patches/CVE-2015-5296.patch: force signing in
source3/libsmb/clidfs.c, source3/libsmb/libsmb_server.c.
- CVE-2015-5296
* SECURITY UPDATE: snapshot access via shadow copy directory
- debian/patches/CVE-2015-5299.patch: fix missing access checks in
source3/modules/vfs_shadow_copy2.c.
- CVE-2015-5299
* SECURITY UPDATE: information leak via incorrect string length handling
- debian/patches/CVE-2015-5330.patch: fix string length handling in
lib/util/charset/charset.h, lib/util/charset/codepoints.c,
lib/util/charset/util_unistr.c, source3/lib/util_str.c.
- CVE-2015-5330
-- Marc Deslauriers <email address hidden> Mon, 04 Jan 2016 14:50:47 -0500
Builds
Package files