• [SECURITY] [DSA 5477-1] samba security update

    From Moritz Muehlenhoff@21:1/5 to All on Mon Aug 14 20:40:01 2023
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5477-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 14, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : samba
    CVE ID : CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967
    Debian Bug : 1041043

    Several vulnerabilities have been discovered in Samba, which could result
    in information disclosure, denial of service or insufficient enforcement
    of security-relevant config directives.

    The version of Samba in the oldstable distribution (bullseye) cannot be
    fully supported further: If you are using Samba as a domain controller
    you should either upgrade to the stable distribution or if that's not
    an immediate option consider to migrate to Samba from bullseye-backports
    (which will be kept updated to the version in stable). Operating Samba
    as a file/print server will continue to be supported, a separate DSA
    will provide an update update along with documentation about the scope
    of continued support.

    For the stable distribution (bookworm), these problems have been fixed in version 2:4.17.10+dfsg-0+deb12u1.

    We recommend that you upgrade your samba packages.

    For the detailed security status of samba please refer to
    its security tracker page at:

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTadJsACgkQEMKTtsN8 TjamWhAAr1DOVp9DBJATMyIq2Dqcv9O6x4ipPU/NE0oLG95m9b2kTgakUuj+wQLP mVfbVi1n9IuRDWW16BH4b63gEx2Yvul4jDBJr42WzawBJVdnQhvNCUavmWgsdCiJ jc8+bSAiYYN0p076G1AoIastRPoXGjX1tQ/b1iFHG8tC9qX6qCdJy7GFlPClQqYs K0DdLLj1iz872rlL14zi4znHz3Gsf8d+TNmMVfMqG3aswHiYbrKd954c3/zv51zC DSm85I6YSgi4+4oCLqJbjlfCFFV+68U5PW86XhPSjHBA6//cvFtIdxVjqisQtV6T q+kPIMybAkdmG8Z+XLaPIOsBty957XMIYp0S84wTIX/MhlQ+Z6Jns5bU6yQJYN78 ZUqamCFGMEIPO7srQDUWEG77wOJ1Jvlj70sV7Zaz9XJkGlZamJsHMBE5rlg0glKr gogApnCbiQgKwJcbYxjdM2CKPg8329J0Mt9HqQFxBQC0Ig005+7B+zZUMMpRdQni HLRgZ4deBWAP3dowt/wSfcNgqOg2SyCKPm4nSllhkesXcJwUGPAktoRNhorxMqiN dmOAvfYZu+HaPYKVnsdfsjUlI0Z0n+QTsaen48cAYNClNeLQySW3zpEkSqWkNJ/S YCPU6KabOxeXFjl2LVUTy0FHdO4fnqZJo/egS0ydgkv0t8Iwja4=
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)