Summary: | <net-fs/samba-{4.16.10, 4.17.8, 4.18.3}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ole+gentoo, samba |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.samba.org/archive/samba-announce/2023/000633.html | ||
Whiteboard: | B4 [stable+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 906104, 907829, 908275 | ||
Bug Blocks: |
Description
John Helmert III
![]() ![]() ![]() ![]() These CVEs appear to have been fixed in 4.18.1, released 29th March, see https://www.samba.org/samba/history/ However, more recent is 4.18.2 which was released Apr 19, 2023; release notes at https://www.samba.org/samba/history/samba-4.18.2.html In addition to bumping 4.17 (to 4.17.8) - https://bugs.gentoo.org/906104 and presumably 4.18 (to 4.18.2) and 4.16 (to 4.16.10) we may also want to drop 4.15 given it is marked as EOL per https://wiki.samba.org/index.php/Samba_Release_Planning The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=5bfe8198b2352fa0ac46dbc59d078650dc544a7e commit 5bfe8198b2352fa0ac46dbc59d078650dc544a7e Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-09-17 05:56:23 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-09-17 05:56:46 +0000 [ GLSA 202309-06 ] Samba: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/820566 Bug: https://bugs.gentoo.org/821688 Bug: https://bugs.gentoo.org/830983 Bug: https://bugs.gentoo.org/832433 Bug: https://bugs.gentoo.org/861512 Bug: https://bugs.gentoo.org/866225 Bug: https://bugs.gentoo.org/869122 Bug: https://bugs.gentoo.org/878273 Bug: https://bugs.gentoo.org/880437 Bug: https://bugs.gentoo.org/886153 Bug: https://bugs.gentoo.org/903621 Bug: https://bugs.gentoo.org/905320 Bug: https://bugs.gentoo.org/910334 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202309-06.xml | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) |