12 matches found
CLSA-2026-1778766810 samba: Fix of CVE-2023-0922
CVE-2023-0922: set default ldap client sasl wrapping to seal - Refresh samba-pubkey_AA99442FB680B620.gpg expiry extended to 2027-12-12...
CLSA-2026-1778176200 samba: Fix of CVE-2017-15275
CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when message_push_string() grows the talloc buffer...
samba: Fix of CVE-2020-25717
CVE-2020-25717: Adapt the CVE's patch to CentOS 6 based systems, where regular user IDs start from 500, so change the default value of the newly added config parameter "min domain uid" to 500...
CVE-2020-1472 affecting package samba for versions less than 4.18.3-1
CVE-2020-1472 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CLSA-2022-1668547929 samba: Fix of CVE-2022-32742
CVE-2022-32742: Fix server memory information leak via SMB1...
USN-5142-3 samba regression
USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Original...
Zerologon Attacks Against Microsoft DCs Snowball in a Week
A spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, known as the Zerologon bug, continues to plague businesses. That’s according to researchers from Cisco Talos, who warned that cybercriminals are redoubling their efforts to trigger the elevation-of-privilege bug i...
Zerologon Patches Roll Out Beyond Microsoft
UPDATE The “perfect” Windows vulnerability known as the Zerologon bug is getting a patch assist from two non-Microsoft sources, as they strive to fill in the gaps that the official fix doesn’t address. They roll out as Microsoft announced that it is tracking active exploitation in the wild. “We...
SUSE-SU-2017:1216-1 Security update for samba
This update for samba fixes the following issues: Security issue fixed: - CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147). For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression in the fix has been addressed (bsc#1036283, bso#12721)...
SUSE-SU-2016:2570-1 Security update for samba
This update for samba provides the following fix: Following security issue was fixed: - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869) Also the following bugs were fixed: - Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522) - Honor smb.conf socket...
openSUSE Security Update : samba (openSUSE-2016-1111)
This update for samba provides the following fixes : - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869) - Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522) - Honor smb.conf socket options in winbind. (bsc#975131) - Fix ntlm-auth segmentation fault with...
Oracle Linux 6 / 7 : samba / and / samba4 (ELSA-2016-0612)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0612 advisory. ipa 4.2.0-15.0.1.6.1 - Drop redhat-access-plugin-ipa requires for OL7 Blank out header-logo.png product-name.png Replace login-screen-logo.png...