Summary: | <net-fs/samba-{4.14.9,4.15.1}: Kerberos security feature bypass (CVE-2020-17049) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | samba |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049 | ||
Whiteboard: | B4 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 820695 | ||
Bug Blocks: |
Description
John Helmert III
2021-10-28 02:06:09 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb0840131262148d5088478b43c607758e10e22c commit cb0840131262148d5088478b43c607758e10e22c Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-10-28 08:13:59 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-10-28 08:22:22 +0000 net-fs/samba: Security bumps to version 4.14.9 and 4.15.1 Bug: https://bugs.gentoo.org/820566 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/Manifest | 2 + net-fs/samba/samba-4.14.9.ebuild | 339 +++++++++++++++++++++++++++++++++++++++ net-fs/samba/samba-4.15.1.ebuild | 336 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 677 insertions(+) (In reply to John Helmert III from comment #0) > [...] > Doesn't seem to be a recent release for 4.13, is it affected? Now need 4.13.13: https://www.samba.org/samba/history/samba-4.13.13.html If we're depending on the 4.14 stablereq, I'll assume we're dropping 4.13 in favor of newer branches then? (In reply to John Helmert III from comment #4) > If we're depending on the 4.14 stablereq, I'll assume we're dropping 4.13 in > favor of newer branches then? Yes The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1877182404b65b802baa3b0e493bed2ad4a8f024 commit 1877182404b65b802baa3b0e493bed2ad4a8f024 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-11-05 12:13:00 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-11-05 12:15:18 +0000 net-fs/samba: Security cleanup Bug: https://bugs.gentoo.org/820566 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/Manifest | 3 - net-fs/samba/samba-4.13.12.ebuild | 335 ----------------------------------- net-fs/samba/samba-4.13.9-r3.ebuild | 335 ----------------------------------- net-fs/samba/samba-4.14.8.ebuild | 339 ------------------------------------ 4 files changed, 1012 deletions(-) GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=5bfe8198b2352fa0ac46dbc59d078650dc544a7e commit 5bfe8198b2352fa0ac46dbc59d078650dc544a7e Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-09-17 05:56:23 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-09-17 05:56:46 +0000 [ GLSA 202309-06 ] Samba: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/820566 Bug: https://bugs.gentoo.org/821688 Bug: https://bugs.gentoo.org/830983 Bug: https://bugs.gentoo.org/832433 Bug: https://bugs.gentoo.org/861512 Bug: https://bugs.gentoo.org/866225 Bug: https://bugs.gentoo.org/869122 Bug: https://bugs.gentoo.org/878273 Bug: https://bugs.gentoo.org/880437 Bug: https://bugs.gentoo.org/886153 Bug: https://bugs.gentoo.org/903621 Bug: https://bugs.gentoo.org/905320 Bug: https://bugs.gentoo.org/910334 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202309-06.xml | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) |