[SECURITY] [DSA 5477-1] samba security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5477-1] samba security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 14 Aug 2023 18:38:41 +0000
Message-id: <[🔎] ZNp0sVQi+j5KQ8SB@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5477-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 14, 2023                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : samba
CVE ID         : CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967 
                 CVE-2023-34968
Debian Bug     : 1041043

Several vulnerabilities have been discovered in Samba, which could result
in information disclosure, denial of service or insufficient enforcement
of security-relevant config directives.

The version of Samba in the oldstable distribution (bullseye) cannot be
fully supported further: If you are using Samba as a domain controller
you should either upgrade to the stable distribution or if that's not
an immediate option consider to migrate to Samba from bullseye-backports
(which will be kept updated to the version in stable). Operating Samba
as a file/print server will continue to be supported, a separate DSA
will provide an update update along with documentation about the scope
of continued support.

For the stable distribution (bookworm), these problems have been fixed in
version 2:4.17.10+dfsg-0+deb12u1.

We recommend that you upgrade your samba packages.

For the detailed security status of samba please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/samba

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTadJsACgkQEMKTtsN8
TjamWhAAr1DOVp9DBJATMyIq2Dqcv9O6x4ipPU/NE0oLG95m9b2kTgakUuj+wQLP
mVfbVi1n9IuRDWW16BH4b63gEx2Yvul4jDBJr42WzawBJVdnQhvNCUavmWgsdCiJ
jc8+bSAiYYN0p076G1AoIastRPoXGjX1tQ/b1iFHG8tC9qX6qCdJy7GFlPClQqYs
K0DdLLj1iz872rlL14zi4znHz3Gsf8d+TNmMVfMqG3aswHiYbrKd954c3/zv51zC
DSm85I6YSgi4+4oCLqJbjlfCFFV+68U5PW86XhPSjHBA6//cvFtIdxVjqisQtV6T
q+kPIMybAkdmG8Z+XLaPIOsBty957XMIYp0S84wTIX/MhlQ+Z6Jns5bU6yQJYN78
ZUqamCFGMEIPO7srQDUWEG77wOJ1Jvlj70sV7Zaz9XJkGlZamJsHMBE5rlg0glKr
gogApnCbiQgKwJcbYxjdM2CKPg8329J0Mt9HqQFxBQC0Ig005+7B+zZUMMpRdQni
HLRgZ4deBWAP3dowt/wSfcNgqOg2SyCKPm4nSllhkesXcJwUGPAktoRNhorxMqiN
dmOAvfYZu+HaPYKVnsdfsjUlI0Z0n+QTsaen48cAYNClNeLQySW3zpEkSqWkNJ/S
YCPU6KabOxeXFjl2LVUTy0FHdO4fnqZJo/egS0ydgkv0t8Iwja4=
=Roie
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5476-1] gst-plugins-ugly1.0 security update
Next by Date: [SECURITY] [DSA 5478-1] openjdk-11 security update
Previous by thread: [SECURITY] [DSA 5476-1] gst-plugins-ugly1.0 security update
Next by thread: [SECURITY] [DSA 5478-1] openjdk-11 security update
Index(es):
- Date
- Thread