-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 27 Jul 2022 18:35:53 +0300 Source: samba Architecture: source Version: 2:4.16.4+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru> Closes: 1016449 Changes: samba (2:4.16.4+dfsg-1) unstable; urgency=high . * new upstream security release fixing: o CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32742: Server memory information leak via SMB1. https://www.samba.org/samba/security/CVE-2022-32742.html o CVE-2022-32744: Samba AD users can forge password change requests for any user. https://www.samba.org/samba/security/CVE-2022-32744.html o CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32745.html o CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32746.html * Closes: #1016449, CVE-2022-2031 CVE-2022-32742, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746 Checksums-Sha1: 84e188fad338254fd99a0c9ed6d4bf63435a496a 4225 samba_4.16.4+dfsg-1.dsc 1543cb87bd5cd7209fba1d27950424c4a14214f5 18140660 samba_4.16.4+dfsg.orig.tar.xz e02cbb4ae5077fef8b61cdf7acf7be151f336490 263820 samba_4.16.4+dfsg-1.debian.tar.xz 228dd257829ee5a8f5c408e130e1cd424ca8a6fe 6046 samba_4.16.4+dfsg-1_source.buildinfo Checksums-Sha256: 7cc53dad0dc3158a656fa2e80cefd17390b96d59d359006225217e0474b1f138 4225 samba_4.16.4+dfsg-1.dsc cdcd5f83461e9c3fed267951935dbafd4836466e07ce1b89d46b40011e099838 18140660 samba_4.16.4+dfsg.orig.tar.xz 43257d4cc8ad34b2743b00d1a94781ddf22005da2b5b2b09f447a700b84b5f92 263820 samba_4.16.4+dfsg-1.debian.tar.xz d1ad89c9a7eb5e87c891d4eee720a15eab7a670be9a1998d77de96c2b1c2d491 6046 samba_4.16.4+dfsg-1_source.buildinfo Files: 06ebc8ad4eeea8fa084ed26745d59222 4225 net optional samba_4.16.4+dfsg-1.dsc b6e17479be8cb800ee96209953a2d4fb 18140660 net optional samba_4.16.4+dfsg.orig.tar.xz 0330ebd136b3d2eb3451fdf8125d6bdc 263820 net optional samba_4.16.4+dfsg-1.debian.tar.xz 44cc20eb15a13edde72b12815533e7c4 6046 net optional samba_4.16.4+dfsg-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmLnv7IPHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZSUYH/RzVBrMcUOqyvOs5a8Kt7uAQsVCm0o+H9Tec Ljd6uvVITG9yUdGZ/7Q5kR+yYX7zVZPZd0RRzJ/5E0IBfPcXv9KoUze9E8aa5Y4j zf+yEgATlkAxsgHzkKMEcZbpXfCngmSxSxzhUUUHS4UxKF5pjhVjFyYNLNlWrWhZ U5hZE+GhmVx9h9dERtYZIB+d5CCC1qL9c0cfqH1nNvSQbxQOBlhCK+86ehYFDAZN gDiSlUnxkXCpBVC6uR5ibnN1dMUY9815PIe2wnEDMCceS5WLtduVVUPwlxM1d5W2 YlZ0sFJqLHc3RWWDl+cndUc8WO+xEvuZULslYKiFINFmCW619Zc= =XSi2 -----END PGP SIGNATURE-----
