scabrero/samba
SHA256
1
0
Fork 0
forked from pool/samba
Code Pull Requests Activity

Accepting request 389361 from home:jmcdough:branches:network:samba:STABLE

Browse Source 
Update to 4.4.2 for badlock

OBS-URL: https://build.opensuse.org/request/show/389361
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=536
This commit is contained in:
James McDonough
2016-04-13 11:59:31 +00:00
committed by Git OBS Bridge
parent 47844ba399
commit 8e67baa938
7 changed files with 65 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
samba.changes
View File

@@ -1,3 +1,22 @@
-------------------------------------------------------------------
Sat Apr 9 21:36:02 UTC 2016 - jmcdonough@suse.com
- Update to 4.4.2
+ A man-in-the-middle can downgrade NTLMSSP authentication;
CVE-2016-2110; (bso#11688); (bsc#973031).
+ Domain controller netlogon member computer can be spoofed;
CVE-2016-2111; (bso#11749); (bsc#973032).
+ LDAP conenctions vulnerable to downgrade and MITM attack;
CVE-2016-2112; (bso#11644); (bsc#973033).
+ TLS certificate validation missing; CVE-2016-2113; (bso#11752);
(bsc#973034).
+ Named pipe IPC vulnerable to MITM attacks; CVE-2016-2115;
(bso#11756); (bsc#973036).
+ "Badlock" DCERPC impersonation of authenticated account possible;
CVE-2016-2118; (bso#11804); (bsc#971965).
+ DCERPC server and client vulnerable to DOS and MITM attacks;
CVE-2015-5370; (bso#11344); (bsc#936862).
-------------------------------------------------------------------
Tue Mar 22 17:36:01 UTC 2016 - lmuelle@suse.com