summaryrefslogtreecommitdiff
path: root/ChangeLog.txt
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2022-07-27 19:17:38 +0000
committerEric Hameleers <alien@slackware.com>2022-07-28 07:00:16 +0200
commitf5b23a008bdf2abee1c6e082b9a74ca075cdb9ec (patch)
tree3b1f8d944f1bff0b17d50d3f7f54e4ec138216d2 /ChangeLog.txt
parentdbcd8c770799465743aec47da508a7162c7e70db (diff)
downloadcurrent-f5b23a008bdf2abee1c6e082b9a74ca075cdb9ec.tar.gz
Wed Jul 27 19:17:38 UTC 202220220727191738
l/tevent-0.13.0-x86_64-1.txz: Upgraded. n/samba-4.16.4-x86_64-1.txz: Upgraded. This update fixes the following security issues: Samba AD users can bypass certain restrictions associated with changing passwords. Samba AD users can forge password change requests for any user. Samba AD users can crash the server process with an LDAP add or modify request. Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. Server memory information leak via SMB1. For more information, see: https://www.samba.org/samba/security/CVE-2022-2031.html https://www.samba.org/samba/security/CVE-2022-32744.html https://www.samba.org/samba/security/CVE-2022-32745.html https://www.samba.org/samba/security/CVE-2022-32746.html https://www.samba.org/samba/security/CVE-2022-32742.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742 (* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt25
1 files changed, 25 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index e7090232..d780079c 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,28 @@
+Wed Jul 27 19:17:38 UTC 2022
+l/tevent-0.13.0-x86_64-1.txz: Upgraded.
+n/samba-4.16.4-x86_64-1.txz: Upgraded.
+ This update fixes the following security issues:
+ Samba AD users can bypass certain restrictions associated with changing
+ passwords.
+ Samba AD users can forge password change requests for any user.
+ Samba AD users can crash the server process with an LDAP add or modify
+ request.
+ Samba AD users can induce a use-after-free in the server process with an
+ LDAP add or modify request.
+ Server memory information leak via SMB1.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2022-2031.html
+ https://www.samba.org/samba/security/CVE-2022-32744.html
+ https://www.samba.org/samba/security/CVE-2022-32745.html
+ https://www.samba.org/samba/security/CVE-2022-32746.html
+ https://www.samba.org/samba/security/CVE-2022-32742.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
+ (* Security fix *)
++--------------------------+
Tue Jul 26 19:27:53 UTC 2022
a/etc-15.1-x86_64-1.txz: Upgraded.
Fixed install script to avoid a warning from chown that "." should be ":".