[ubuntu/xenial-proposed] samba 2:4.3.8+dfsg-0ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Apr 12 17:42:40 UTC 2016 

samba (2:4.3.8+dfsg-0ubuntu1) xenial; urgency=medium

  * SECURITY UPDATE: Updated to 4.3.8 to fix multiple security issues
    - CVE-2015-5370: Multiple errors in DCE-RPC code
    - CVE-2016-2110: Man in the middle attacks possible with NTLMSSP
    - CVE-2016-2111: NETLOGON Spoofing Vulnerability
    - CVE-2016-2112: The LDAP client and server don't enforce integrity
      protection
    - CVE-2016-2113: Missing TLS certificate validation allows man in the
      middle attacks
    - CVE-2016-2114: "server signing = mandatory" not enforced
    - CVE-2016-2115: SMB client connections for IPC traffic are not
      integrity protected
    - CVE-2016-2118: SAMR and LSA man in the middle attacks possible
  * debian/patches/winbind_trusted_domains.patch: make sure domain members
    can talk to trusted domains DCs.

Date: Tue, 12 Apr 2016 07:26:29 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/samba/2:4.3.8+dfsg-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 12 Apr 2016 07:26:29 -0400
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb
Architecture: source
Version: 2:4.3.8+dfsg-0ubuntu1
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 ctdb       - clustered database to store temporary data
 libnss-winbind - Samba nameservice integration plugins
 libpam-winbind - Windows domain authentication integration plugin
 libparse-pidl-perl - IDL compiler written in Perl
 libsmbclient - shared library for communication with SMB/CIFS servers
 libsmbclient-dev - development files for libsmbclient
 libwbclient-dev - Samba winbind client library - development files
 libwbclient0 - Samba winbind client library
 python-samba - Python bindings for Samba
 registry-tools - tools for viewing and manipulating the Windows registry
 samba      - SMB/CIFS file, print, and login server for Unix
 samba-common - common files used by both the Samba server and client
 samba-common-bin - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-dev  - tools for extending Samba
 samba-dsdb-modules - Samba Directory Services Database
 samba-libs - Samba core libraries
 samba-testsuite - test suite from Samba
 samba-vfs-modules - Samba Virtual FileSystem plugins
 smbclient  - command-line SMB/CIFS clients for Unix
 winbind    - service to resolve user and group information from Windows NT ser
Changes:
 samba (2:4.3.8+dfsg-0ubuntu1) xenial; urgency=medium
 .
   * SECURITY UPDATE: Updated to 4.3.8 to fix multiple security issues
     - CVE-2015-5370: Multiple errors in DCE-RPC code
     - CVE-2016-2110: Man in the middle attacks possible with NTLMSSP
     - CVE-2016-2111: NETLOGON Spoofing Vulnerability
     - CVE-2016-2112: The LDAP client and server don't enforce integrity
       protection
     - CVE-2016-2113: Missing TLS certificate validation allows man in the
       middle attacks
     - CVE-2016-2114: "server signing = mandatory" not enforced
     - CVE-2016-2115: SMB client connections for IPC traffic are not
       integrity protected
     - CVE-2016-2118: SAMR and LSA man in the middle attacks possible
   * debian/patches/winbind_trusted_domains.patch: make sure domain members
     can talk to trusted domains DCs.
Checksums-Sha1:
 205e33a5303af4a4802a135d0e9365a634ae2845 4068 samba_4.3.8+dfsg-0ubuntu1.dsc
 839cfcc87e261def73ef2e9ce09a565f399df443 14113072 samba_4.3.8+dfsg.orig.tar.xz
 4d924814a455c47a03747c0cf77b1695a5df0335 227580 samba_4.3.8+dfsg-0ubuntu1.debian.tar.xz
Checksums-Sha256:
 076e2b964fab0d28c73f6c8c24dbe79c3884233a80304bee76663e057d387131 4068 samba_4.3.8+dfsg-0ubuntu1.dsc
 e30ab1e6e061b403ff2ea1e10e9fdb3c9f5c789d68f988e843c1e22865c05680 14113072 samba_4.3.8+dfsg.orig.tar.xz
 e2eeef9f7803aa553c40b54ecf6bbc7cd9198de3f42dd93ef63580eb954eacd0 227580 samba_4.3.8+dfsg-0ubuntu1.debian.tar.xz
Files:
 079d89ba074dfbaaf2ed57151de9f092 4068 net optional samba_4.3.8+dfsg-0ubuntu1.dsc
 580c271c60c917d69a2d7cbb2a73f007 14113072 net optional samba_4.3.8+dfsg.orig.tar.xz
 1fefc830b8dccadd23b38b312a019449 227580 net optional samba_4.3.8+dfsg-0ubuntu1.debian.tar.xz
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>

More information about the Xenial-changes mailing list