UbuntuUpdates.org

Package "ctdb"

Name: ctdb

Description:

clustered database to store temporary data

Latest version: 2:4.15.13+dfsg-0ubuntu1.4
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: samba
Homepage: http://www.samba.org

Links


Download "ctdb"


Other versions of "ctdb" in Jammy

Repository Area Version
base universe 2:4.15.5~dfsg-0ubuntu5
security universe 2:4.15.13+dfsg-0ubuntu1.2

Changelog

Version: 2:4.15.13+dfsg-0ubuntu1.4 2023-09-07 14:07:02 UTC

  samba (2:4.15.13+dfsg-0ubuntu1.4) jammy; urgency=medium

  * d/p/issue-when-updating-old-passwd-containing-regex-metachars.patch:
    Add changes to fix uncaught exception when updating old password
    containing regex metacharacters by simplifying samba-tool password
    redaction (LP: #2002949).

 -- Michal Maloszewski <email address hidden> Fri, 18 Aug 2023 15:53:14 +0200

Source diff to previous version
2002949 samba-tool user password: uncaught exception when updating old password containing regular expression metacharacters

Version: 2:4.15.13+dfsg-0ubuntu1.3 2023-08-15 19:06:54 UTC

  samba (2:4.15.13+dfsg-0ubuntu1.3) jammy; urgency=medium

  * d/p/secure-channel-faulty-kb5028166.patch: fix domain membership
    after Windows KB5028166 update (LP: #2027716)
  * Cherry pick samba AD DC provisioning DEP8 test from later Ubuntu
    releases (LP: #1977746, LP: #2011745):
    - d/t/control, d/t/util, d/t/samba-ad-dc-provisioning-internal-dns:
      samba AD DC provisioning and domain join tests with internal DNS
      + d/t/control: adjust package dependencies
      + d/t/samba-ad-dc-provisioning-internal-dns: handle the case where
        libnss-winbind does not automatically add winbind to
        /etc/nsswitch.conf (that is done only in Lunar and later)
      + d/t/samba-ad-dc-provisioning-internal-dns: use case insensitive
        match when inspecting kerberos tickets, as the hostname may be
        capitalized

 -- Andreas Hasenack <email address hidden> Sun, 23 Jul 2023 17:09:59 -0300

Source diff to previous version
2027716 samba dc ntlm netlogin issue with windows 10/11 2023-07 cumulative update
1977746 Add DEP8 test for AD provisioning
2011745 Add server join DEP8 tests

Version: 2:4.15.13+dfsg-0ubuntu1.2 2023-07-19 17:07:20 UTC

  samba (2:4.15.13+dfsg-0ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden> Tue, 11 Jul 2023 08:44:35 -0400

Source diff to previous version
CVE-2022-2127 RESERVED

Version: 2:4.15.13+dfsg-0ubuntu1.1 2023-04-03 17:07:05 UTC

  samba (2:4.15.13+dfsg-0ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Access controlled AD LDAP attributes can be discovered
    - debian/patches/CVE-2023-0614-*.patch: upstream patches to fix the
      issue (some of these aren't directly used in this package as they
      apply to the ldb library which is updated separately).
    - debian/control: bump ldb Build-Depends to security update version.
    - CVE-2023-0614
  * SECURITY UPDATE: admin tool samba-tool sends passwords in cleartext
    - debian/patches/CVE-2023-0922.patch: set default ldap client sasl
      wrapping to seal.
    - CVE-2023-0922

 -- Marc Deslauriers <email address hidden> Thu, 30 Mar 2023 09:25:19 -0400

Source diff to previous version
CVE-2023-0614 Access controlled AD LDAP attributes can be discovered
CVE-2023-0922 Samba AD DC admin tool samba-tool sends passwords in cleartext

Version: 2:4.15.13+dfsg-0ubuntu1 2023-01-24 15:07:44 UTC

  samba (2:4.15.13+dfsg-0ubuntu1) jammy-security; urgency=medium

  * Updated to upstream 4.15.13 to fix multiple security issues.
    - debian/patches/win-22H2-fix.patch: removed, included in new version.
    - CVE-2022-3437
    - CVE-2022-37966
    - CVE-2022-37967
    - CVE-2022-38023
    - CVE-2022-42898
    - CVE-2022-45141

 -- Marc Deslauriers <email address hidden> Tue, 10 Jan 2023 10:04:53 -0500

CVE-2022-3437 Buffer overflow in Heimdal unwrap_des3()
CVE-2022-37966 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.
CVE-2022-37967 Windows Kerberos Elevation of Privilege Vulnerability.
CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability.
CVE-2022-42898 PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC,



About   -   Send Feedback to @ubuntu_updates