-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3514-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso March 12, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : samba CVE ID : CVE-2015-7560 CVE-2016-0771 Debian Bug : 812429 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-7560 Jeremy Allison of Google, Inc. and the Samba Team discovered that Samba incorrectly handles getting and setting ACLs on a symlink path. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or directory, and then use non-UNIX SMB1 calls to overwrite the contents of the ACL on the file or directory linked to. CVE-2016-0771 Garming Sam and Douglas Bagnall of Catalyst IT discovered that Samba is vulnerable to an out-of-bounds read issue during DNS TXT record handling, if Samba is deployed as an AD DC and chosen to run the internal DNS server. A remote attacker can exploit this flaw to cause a denial of service (Samba crash), or potentially, to allow leakage of memory from the server in the form of a DNS TXT reply. Additionally this update includes a fix for a regression introduced due to the upstream fix for CVE-2015-5252 in DSA-3433-1 in setups where the share path is '/'. For the oldstable distribution (wheezy), these problems have been fixed in version 2:3.6.6-6+deb7u7. The oldstable distribution (wheezy) is not affected by CVE-2016-0771. For the stable distribution (jessie), these problems have been fixed in version 2:4.1.17+dfsg-2+deb8u2. For the unstable distribution (sid), these problems have been fixed in version 2:4.3.6+dfsg-1. We recommend that you upgrade your samba packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJW48PXAAoJEAVMuPMTQ89EvU8P/37E3b5xZG1Gz02LYgppRPHA ZDxFMnVN/jyEqMXBxfY625C3enoz9w3LXa7lsIhgFxbbP76iGRbWKOS8z9hFd60A xDp0v8ysEaBlgjEyvviwrP/IoCNFp7yAVChk5GCR+F27Uf/h5MZv4tAIkeIyGmgc 34XNs0p9WqS4KK0qVYSM8uTXk3nMv0IVWqZGUYMFjr3/yaY3BJ8kld2p1jugOXBI 7avURCGBSzg53LtVGfDgtHIsHbACrmFgKBeuke6iSRCVzk9mpDDjrmkPGNpo8Czs 0i0IhLMR8QCgpRMeo6oPg430uGUcFQD70GVWa1FeodYoo+4g7zS3YfrT7JV47vGh WQKMtdib6/MfzcnZDXeCvaSGPUxjpR15oYbkHcHHh+/urlmA14RbeDUPSiUf24KD bWRUgs4dsoiQtmBao/P1iE461ZMK2jikI0IaLP6yBKSy8Xqahk5BeyVpRnAVcD/t F3rSjEWgukygmgZ5O0zUwLW7StkGCJIZkbfqAni2r1Zd0eZcwD9cnBiE1FP3Jniz 5z+FDNBBpcErKWjVEAHt7rKK+1s+I+RvxDPbzeQHRfZQ4SLKyEegj+w317L8OvRq 7/kJpDBwg45Pk6yaRpVIkieCeqH+IgzT4QuxJhCS9S6xVNHTBZd3iwOnJjBSN8kJ co5XGqr61KEP8R7ECNh5 =BTxT -----END PGP SIGNATURE-----
