Package "libnss-winbind"

Name: libnss-winbind


Samba nameservice integration plugins

Latest version: 2:4.17.7+dfsg-1ubuntu2.3
Release: lunar (23.04)
Level: security
Repository: main
Head package: samba
Homepage: https://www.samba.org


Download "libnss-winbind"

Other versions of "libnss-winbind" in Lunar

Repository Area Version
base main 2:4.17.7+dfsg-1ubuntu1
updates main 2:4.17.7+dfsg-1ubuntu2.3


Version: 2:4.17.7+dfsg-1ubuntu2.3 2023-10-10 16:07:32 UTC

  samba (2:4.17.7+dfsg-1ubuntu2.3) lunar-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669-*.patch
    - CVE-2023-42669
  * SECURITY UPDATE: Samba AD DC Busy RPC multiple listener DoS
    - debian/patches/CVE-2023-42670-*.patch
    - CVE-2023-42670

 -- Marc Deslauriers <email address hidden> Wed, 04 Oct 2023 08:18:32 -0400

Source diff to previous version

Version: 2:4.17.7+dfsg-1ubuntu1.1 2023-07-19 17:07:23 UTC

  samba (2:4.17.7+dfsg-1ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: SMB2 packet signing not enforced
    - debian/patches/CVE-2023-3347-*.patch
    - CVE-2023-3347
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden> Tue, 11 Jul 2023 07:54:30 -0400

CVE-2022-2127 RESERVED

About   -   Send Feedback to @ubuntu_updates