4.15.9-alt1 built Aug. 15, 2022 Evgeny Sinelnikov in task #302667
July 31, 2022 Evgeny Sinelnikov
- Update to security release of Samba 4.15
- Security fixes:
+ CVE-2022-2031: Samba AD users can bypass certain restrictions associated
with changing passwords (Samba#15047).
+ CVE-2022-32744: Samba AD users can forge password change requests for any
user (Samba#15074).
+ CVE-2022-32745: Samba AD users can crash the server process with an LDAP add
or modify request (Samba#15008).
+ CVE-2022-32746: Samba AD users can induce a use-after-free in the server
process with an LDAP add or modify request (Samba#15009).
+ CVE-2022-32742: Server memory information leak via SMB1 (Samba#15085).