Format: 1.8 Date: Mon, 22 Nov 2021 10:09:59 -0500 Source: samba Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind libwbclient0 libwbclient-dev ctdb Architecture: source Version: 2:4.7.6+dfsg~ubuntu-0ubuntu2.25 Distribution: bionic-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Marc Deslauriers Description: ctdb - clustered database to store temporary data libnss-winbind - Samba nameservice integration plugins libpam-winbind - Windows domain authentication integration plugin libparse-pidl-perl - IDL compiler written in Perl libsmbclient - shared library for communication with SMB/CIFS servers libsmbclient-dev - development files for libsmbclient libwbclient-dev - Samba winbind client library - development files libwbclient0 - Samba winbind client library python-samba - Python bindings for Samba registry-tools - tools for viewing and manipulating the Windows registry samba - SMB/CIFS file, print, and login server for Unix samba-common - common files used by both the Samba server and client samba-common-bin - Samba common files used by both the server and the client samba-dev - tools for extending Samba samba-dsdb-modules - Samba Directory Services Database samba-libs - Samba core libraries samba-testsuite - test suite from Samba samba-vfs-modules - Samba Virtual FileSystem plugins smbclient - command-line SMB/CIFS clients for Unix winbind - service to resolve user and group information from Windows NT ser Changes: samba (2:4.7.6+dfsg~ubuntu-0ubuntu2.25) bionic-security; urgency=medium . * SECURITY UPDATE: SMB1 client connections can be downgraded to plaintext authentication - debian/patches/CVE-2016-2124-*.patch: upstream commits to fix issue. - CVE-2016-2124 * SECURITY UPDATE: user in AD Domain could become root on domain members - debian/patches/CVE-2020-25717-*.patch: upstream commits to fix issue. - CVE-2020-25717 * SECURITY UPDATE: insufficient access and conformance checking of data stored - debian/patches/CVE-2020-25722-1.patch: restrict the setting of privileged attributes during LDAP add/modify in source4/dsdb/samdb/ldb_modules/samldb.c. - debian/patches/CVE-2020-25722-2.patch: ensure the structural objectclass cannot be changed in source4/dsdb/samdb/ldb_modules/objectclass.c. - CVE-2020-25722 * SECURITY UPDATE: null pointer deref in kerberos server - debian/patches/CVE-2021-3671.patch: validate sname in TGS-REQ in source4/heimdal/kdc/krb5tgs.c. - CVE-2021-3671 Checksums-Sha1: 7a70839a6773e583c1b82e203288a47f2f2b6e54 4294 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.dsc af8d9dce24c545259ef83d8fdfa5485abfc666ef 339708 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.debian.tar.xz cf8cff55e28a53dbc6c2d7f52dbe8409ef978ae5 12913 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25_source.buildinfo Checksums-Sha256: 7334a87efc517996bdf0b5b0827923027aa15c4c36c3fd35ce3f850a1f157038 4294 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.dsc 24a1cfedeaad6a80053bb3261b23aad33a383ab46156d0705a95faf3abe074dd 339708 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.debian.tar.xz ac8a315bfbaa516f32f14fef1ac86ce0ccd8c850c174a829ae595cd20f02e510 12913 samba_4.7.6+dfsg~ubuntu-0ubuntu2.25_source.buildinfo Files: 1b79bcc2a0b0c98ec1f4a34b54da6a05 4294 net optional samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.dsc acf111f124b14297cbd23f44f03b73c1 339708 net optional samba_4.7.6+dfsg~ubuntu-0ubuntu2.25.debian.tar.xz 7d428c25e68f4ac9cb1b88b81ccf7a67 12913 net optional samba_4.7.6+dfsg~ubuntu-0ubuntu2.25_source.buildinfo Original-Maintainer: Debian Samba Maintainers