-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 19 Mar 2024 18:00:18 -0300 Source: samba Architecture: source Version: 2:4.13.13+dfsg-1~deb11u6 Distribution: bullseye-security Urgency: medium Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Changed-By: Santiago Ruano Rincón <santiago@freexian.com> Changes: samba (2:4.13.13+dfsg-1~deb11u6) bullseye-security; urgency=medium . * CVE-2022-2127: Out-of-bounds read in winbind AUTH_CRAP * CVE-2022-3437: Heimdal des/des3 heap-based buffer overflow * CVE-2023-4091: Client can truncate files even with read-only permissions * CVE-2023-34966: Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability * CVE-2023-34967: Spotlight mdssvc RPC Request Type Confusion Denial-of-Service Vulnerability * CVE-2023-34968: Spotlight server-side Share Path Disclosure Checksums-Sha1: 77a0fbc3f6d111d21269984ddf28331261a835e8 3764 samba_4.13.13+dfsg-1~deb11u6.dsc cc02d6a311e34e6e5f9f0e5e74a1f2871f06b25f 552112 samba_4.13.13+dfsg-1~deb11u6.debian.tar.xz 22c44ccd8e9262dac1198fab394c855f57695d77 22427 samba_4.13.13+dfsg-1~deb11u6_amd64.buildinfo Checksums-Sha256: 72f74fee9adf0b7e552abb5c7b963c47bcb963531428e18e8baa7c3c21b83a66 3764 samba_4.13.13+dfsg-1~deb11u6.dsc 2c8ea1a78096eb431e2f458dd58054a1b428a42003e2088845e40dc2f553018e 552112 samba_4.13.13+dfsg-1~deb11u6.debian.tar.xz b80c608af011d0b72f2482b2fa2bc5e8f2b3872cc764b024aaa7ff7e62c4d8a8 22427 samba_4.13.13+dfsg-1~deb11u6_amd64.buildinfo Files: 51eb53c5c1e1f160e80cf2bb856251af 3764 net optional samba_4.13.13+dfsg-1~deb11u6.dsc bd5c01f0cda8f5f328026c07713f41fa 552112 net optional samba_4.13.13+dfsg-1~deb11u6.debian.tar.xz 3ded4e3bab5c8ba8bf8c9d7b114d0f64 22427 net optional samba_4.13.13+dfsg-1~deb11u6_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQRZVjztY8b+Ty43oH1itBCJKh26HQUCZf2f2wAKCRBitBCJKh26 Hcn9AQCkEYcTDpmaIbUd7eetfTtLnS2Lxj/TMFWy7Itqci/uwwEAgScTWr/BdJv3 swWBcfJLhh728rku4thflD99fNE8MAs= =5+Ur -----END PGP SIGNATURE-----