Summary: | <net-fs/samba-4.19.2: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Krzysztof Olędzki <ole+gentoo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | UNCONFIRMED --- | ||
Severity: | major | CC: | hydrapolic, samba |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.samba.org/samba/history/samba-4.19.2.html | ||
See Also: |
https://bugzilla.samba.org/show_bug.cgi?id=15491 https://bugzilla.samba.org/show_bug.cgi?id=15464 https://bugs.gentoo.org/show_bug.cgi?id=915556 |
||
Whiteboard: | C3 [stable?] | ||
Package list: | Runtime testing required: | --- |
Description
Krzysztof Olędzki
2023-10-16 20:58:01 UTC
CVE-2023-5568: https://bugzilla.samba.org/show_bug.cgi?id=15491 Looking at https://bugzilla.samba.org/show_bug.cgi?id=15491, we probably don't need a GLSA, but both samba-4.19.0-r1.ebuild and samba-4.19.1.ebuild should be dropped once samba-4.19.2.ebuild gets added. Especially that another important change in this release is fixing https://bugzilla.samba.org/show_bug.cgi?id=15464: libnss_winbind memory corruption. For samba-4.18 it was fixed in samba-4.18.8 which was released a week ago, but for samba-4.19 this is the first usable version for systems using libnss_winbind. I really think you should consider proxy maintaining this given you're on top of what needs to be done. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=75c0e03f350aa2025ba1b08171fcad66522614b8 commit 75c0e03f350aa2025ba1b08171fcad66522614b8 Author: Ben Kohler <bkohler@gentoo.org> AuthorDate: 2023-10-18 12:24:44 +0000 Commit: Ben Kohler <bkohler@gentoo.org> CommitDate: 2023-10-18 12:25:33 +0000 net-fs/samba: add 4.19.2 Bug: https://bugs.gentoo.org/915867 Signed-off-by: Ben Kohler <bkohler@gentoo.org> net-fs/samba/Manifest | 1 + net-fs/samba/samba-4.19.2.ebuild | 382 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 383 insertions(+) |