You are here
Home > Preporuke > Ranjivosti programskog paketa Samba – Badlock Bug

Ranjivosti programskog paketa Samba – Badlock Bug

by ncert - 0

——————————————————————————–
Fedora Update Notification
FEDORA-2016-48b3761baa
2016-04-14 00:52:48.149054
——————————————————————————–

Name : samba
Product : Fedora 22
Version : 4.2.11
Release : 0.fc22
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

——————————————————————————–
Update Information:

Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112,
CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
——————————————————————————–
References:

[ 1 ] Bug #1309987 – CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check
https://bugzilla.redhat.com/show_bug.cgi?id=1309987
[ 2 ] Bug #1311893 – CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
https://bugzilla.redhat.com/show_bug.cgi?id=1311893
[ 3 ] Bug #1311902 – CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
https://bugzilla.redhat.com/show_bug.cgi?id=1311902
[ 4 ] Bug #1311903 – CVE-2016-2112 samba: Missing downgrade detection
https://bugzilla.redhat.com/show_bug.cgi?id=1311903
[ 5 ] Bug #1311910 – CVE-2016-2113 samba: Server certificates not validated at client side
https://bugzilla.redhat.com/show_bug.cgi?id=1311910
[ 6 ] Bug #1312082 – CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing
https://bugzilla.redhat.com/show_bug.cgi?id=1312082
[ 7 ] Bug #1312084 – CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage
https://bugzilla.redhat.com/show_bug.cgi?id=1312084
[ 8 ] Bug #1317990 – CVE-2016-2118 samba: SAMR and LSA man in the middle attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1317990
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update samba’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2016-be53260726
2016-04-13 16:54:31.873262
——————————————————————————–

Name : samba
Product : Fedora 23
Version : 4.3.8
Release : 0.fc23
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

——————————————————————————–
Update Information:

Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112,
CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
——————————————————————————–
References:

[ 1 ] Bug #1309987 – CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check
https://bugzilla.redhat.com/show_bug.cgi?id=1309987
[ 2 ] Bug #1311893 – CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
https://bugzilla.redhat.com/show_bug.cgi?id=1311893
[ 3 ] Bug #1311902 – CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
https://bugzilla.redhat.com/show_bug.cgi?id=1311902
[ 4 ] Bug #1311903 – CVE-2016-2112 samba: Missing downgrade detection
https://bugzilla.redhat.com/show_bug.cgi?id=1311903
[ 5 ] Bug #1311910 – CVE-2016-2113 samba: Server certificates not validated at client side
https://bugzilla.redhat.com/show_bug.cgi?id=1311910
[ 6 ] Bug #1312082 – CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing
https://bugzilla.redhat.com/show_bug.cgi?id=1312082
[ 7 ] Bug #1312084 – CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage
https://bugzilla.redhat.com/show_bug.cgi?id=1312084
[ 8 ] Bug #1317990 – CVE-2016-2118 samba: SAMR and LSA man in the middle attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1317990
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update samba’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

ncert
Top
More in Preporuke
Nadogradnja za Adobe Flash Player

Adobe je izdao nadogradnju za otklanjanje višestrukih kritičnih ranjivosti programskog paketa Adobe Flash Player. Otkrivene ranjivosti posljedica su narušavanja integriteta...

Close