UbuntuUpdates.org

Package "samba"

Name: samba

Description:

SMB/CIFS file, print, and login server for Unix

Latest version: 2:4.6.7+dfsg-1ubuntu3.2
Release: artful (17.10)
Level: updates
Repository: main
Homepage: http://www.samba.org

Links

Save this URL for the latest version of "samba": https://www.ubuntuupdates.org/samba


Download "samba"


Other versions of "samba" in Artful

Repository Area Version
base universe 2:4.6.7+dfsg-1ubuntu3
base main 2:4.6.7+dfsg-1ubuntu3
security main 2:4.6.7+dfsg-1ubuntu3.2
security universe 2:4.6.7+dfsg-1ubuntu3.2
updates universe 2:4.6.7+dfsg-1ubuntu3.2

Packages in group

Deleted packages are displayed in grey.

libnss-winbind libpam-winbind libparse-pidl-perl libsmbclient libsmbclient-dev
libwbclient-dev libwbclient0 python-samba samba-common samba-common-bin
samba-dev samba-dsdb-modules samba-libs samba-vfs-modules smbclient
winbind

Changelog

Version: 2:4.6.7+dfsg-1ubuntu3.2 2018-03-14 02:06:45 UTC

  samba (2:4.6.7+dfsg-1ubuntu3.2) artful-security; urgency=medium

  * SECURITY UPDATE: Denial of Service Attack on external print server
    - debian/patches/CVE-2018-1050.patch: protect against null pointer
      derefs in source3/rpc_server/spoolss/srv_spoolss_nt.c.
    - CVE-2018-1050
  * SECURITY UPDATE: Authenticated users can change other users password
    - debian/patches/CVE-2018-1057-*.patch: fix password changing logic.
    - CVE-2018-1057

 -- Marc Deslauriers <email address hidden> Tue, 06 Mar 2018 16:43:27 +0100

Source diff to previous version
CVE-2018-1050 All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ...
CVE-2018-1057 On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ...

Version: 2:4.6.7+dfsg-1ubuntu3.1 2017-11-21 16:07:06 UTC

  samba (2:4.6.7+dfsg-1ubuntu3.1) artful-security; urgency=medium

  * SECURITY UPDATE: Use-after-free vulnerability
    - debian/patches/CVE-2017-14746.patch: fix use-after-free crash bug in
      source3/smbd/process.c, source3/smbd/reply.c.
    - CVE-2017-14746
  * SECURITY UPDATE: Server heap memory information leak
    - debian/patches/CVE-2017-15275.patch: zero out unused grown area in
      source3/smbd/srvstr.c.
    - CVE-2017-15275

 -- Marc Deslauriers <email address hidden> Wed, 15 Nov 2017 15:36:05 -0500

CVE-2017-14746 Use-after-free vulnerability
CVE-2017-15275 Server heap memory information leak



About   -   Send Feedback to @ubuntu_updates