Format: 1.8
Date: Wed, 19 Jul 2023 17:55:58 +0300
Source: samba
Architecture: source
Version: 2:4.18.5+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 1041043
Changes:
 samba (2:4.18.5+dfsg-1) unstable; urgency=medium
 .
   * new upstream stable/security release 4.18.5, including:
    o CVE-2022-2127: When winbind is used for NTLM authentication,
      a maliciously crafted request can trigger an out-of-bounds read
      in winbind and possibly crash it.
      https://www.samba.org/samba/security/CVE-2022-2127.html
    o CVE-2023-3347: SMB2 packet signing is not enforced if an admin
      configured "server signing = required" or for SMB2 connections to
      Domain Controllers where SMB2 packet signing is mandatory.
      https://www.samba.org/samba/security/CVE-2023-3347.html
    o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service
      for Spotlight can be triggered by an unauthenticated attacker by
      issuing a malformed RPC request.
      https://www.samba.org/samba/security/CVE-2023-34966.html
    o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service
      for Spotlight can be used by an unauthenticated attacker to trigger
      a process crash in a shared RPC mdssvc worker process.
      https://www.samba.org/samba/security/CVE-2023-34967.html
    o CVE-2023-34968: As part of the Spotlight protocol Samba discloses
      the server-side absolute path of shares and files and directories
      in search results.
      https://www.samba.org/samba/security/CVE-2023-34968.html
    o BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
      https://bugzilla.samba.org/show_bug.cgi?id=15418
      (this has been patched in the previous upload; Closes: #1041043)