Summary: | <net-fs/samba-4.11.13: Unauthenticated domain takeover via netlogon ("ZeroLogon") (CVE-2020-1472) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | samba |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.samba.org/samba/security/CVE-2020-1472.html | ||
Whiteboard: | C3 [glsa+ cve] | ||
Package list: |
net-fs/samba-4.11.13-r1
|
Runtime testing required: | --- |
Description
Sam James
![]() ![]() ![]() ![]() Please bump to 4.10.18, 4.11.13, and 4.12.7. 4.13.0_rc6 is also out, but 4.13 does not yet have keywords in Gentoo. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=308c7877323618ba61ca09ed8ea6683d66198ebd commit 308c7877323618ba61ca09ed8ea6683d66198ebd Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-09-23 07:31:23 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-09-23 08:01:44 +0000 net-fs/samba: Security bump to versions 4.11.13, 4.12.7 and 4.13.0 Bug: https://bugs.gentoo.org/743433 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/Manifest | 4 +- net-fs/samba/samba-4.11.13.ebuild | 321 +++++++++++++++++++++ net-fs/samba/samba-4.12.7.ebuild | 319 ++++++++++++++++++++ ...samba-4.13.0_rc5.ebuild => samba-4.13.0.ebuild} | 2 +- 4 files changed, 644 insertions(+), 2 deletions(-) arm stable ppc stable ppc64 stable sparc stable x86 stable arm64 done amd64 stable. Maintainer(s), please cleanup. Security, please vote. Unable to check for sanity:
> no match for package: net-fs/samba-4.11.13
Thanks. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e976d174e083ec5b3d31b26c3df6aafb55a5beb6 commit e976d174e083ec5b3d31b26c3df6aafb55a5beb6 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-10-23 11:54:46 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-10-23 12:08:35 +0000 net-fs/samba: Security cleanup Bug: https://bugs.gentoo.org/743433 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/Manifest | 1 - net-fs/samba/samba-4.11.11-r1.ebuild | 321 ----------------------------------- net-fs/samba/samba-4.12.6-r1.ebuild | 319 ---------------------------------- 3 files changed, 641 deletions(-) New GLSA request filed. This issue was resolved and addressed in GLSA 202012-24 at https://security.gentoo.org/glsa/202012-24 by GLSA coordinator Thomas Deutschmann (whissi). |