4.16.10-alt1 built April 14, 2023 Evgeny Sinelnikov in task #317735
March 29, 2023 Evgeny Sinelnikov
- Update to security release of Samba 4.16 with update libldb to 2.5.3:
+ ldb wildcard matching makes excessive allocations (Samba#15331).
- Security fixes (Samba#15270, Samba#15315):
+ CVE-2023-0922: The Samba AD DC administration tool, when operating against a
remote LDAP server, will by default send new or reset
passwords over a signed-only connection.
https://www.samba.org/samba/security/CVE-2023-0922.html
+ CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
Confidential attribute disclosure via LDAP filters was
insufficient and an attacker may be able to obtain
confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should
assume they have been obtained and need replacing.
https://www.samba.org/samba/security/CVE-2023-0614.html
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ALT Linux | 10 | src | samba | < 4.16.10-alt1 | samba-4.16.10-alt1.src.rpm |
ALT Linux | 10 | noarch | admx-samba | < 4.16.10-alt1 | admx-samba-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | samba-common | < 4.16.10-alt1 | samba-common-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | samba-common-client | < 4.16.10-alt1 | samba-common-client-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | samba-dc-common | < 4.16.10-alt1 | samba-dc-common-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | samba-doc | < 4.16.10-alt1 | samba-doc-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | samba-pidl | < 4.16.10-alt1 | samba-pidl-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | task-samba-dc | < 4.16.10-alt1 | task-samba-dc-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | noarch | task-samba-dc-mitkrb5 | < 4.16.10-alt1 | task-samba-dc-mitkrb5-4.16.10-alt1.noarch.rpm |
ALT Linux | 10 | x86_64 | libldb-modules-dc | < 4.16.10-alt1 | libldb-modules-dc-4.16.10-alt1.x86_64.rpm |