Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.27033
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.27033
<patchinfo incident="27033"> <issue tracker="bnc" id="1201492">VUL-0: CVE-2022-32745: samba, ldb: AD users can crash the server process with an LDAP add or modify request</issue> <issue tracker="bnc" id="1205126">VUL-0: CVE-2022-42898: krb5: samba: heimdal: Samba buffer overflow vulnerabilities on 32-bit systems</issue> <issue tracker="bnc" id="1201490">VUL-0: CVE-2022-32746: samba,ldb: Use-after-free occurring in database audit logging module</issue> <issue tracker="bnc" id="1201689">bind9.16 and samba-ad-dc-4.15.7 using bind as backed systemd issue</issue> <issue tracker="bnc" id="1201493">VUL-0: CVE-2022-32744: samba, ldb: AD users can forge password change requests for any user</issue> <issue tracker="bnc" id="1201496">VUL-0: CVE-2022-32742: samba: Server memory information leak via SMB1</issue> <issue tracker="bnc" id="1200102">SLES 15 SP3 - smbd dumps core randomly - ref:_00D1igLOd._5005q5zV47:ref</issue> <issue tracker="bnc" id="1204254">VUL-0: CVE-2022-3437: samba: Buffer overflow in Heimdal unwrap_des3()</issue> <issue tracker="bnc" id="1201495">VUL-0: CVE-2022-2031: samba, ldb: AD users can bypass certain restrictions associated with changing passwords</issue> <issue tracker="cve" id="2022-32744"/> <issue tracker="cve" id="2022-32742"/> <issue tracker="cve" id="2022-2031"/> <issue tracker="cve" id="2022-32746"/> <issue tracker="cve" id="2022-42898"/> <issue tracker="cve" id="2022-3437"/> <issue tracker="cve" id="2022-32745"/> <packager>scabrero</packager> <rating>important</rating> <category>security</category> <summary>Security update for samba</summary> <description>This update for samba fixes the following issues: Version update to 4.15.12. Security issues fixed: - CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords (bsc#1201495). - CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths (bsc#1201496). - CVE-2022-32744: Fixed AD users that could have forged password change requests for any user (bsc#1201493). - CVE-2022-32745: Fixed AD users that could have crashed the server process with an LDAP add or modify request (bsc#1201492). - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490). - CVE-2022-3437: Fixed buffer overflow in Heimdal unwrap_des3() (bsc#1204254). - CVE-2022-42898: Fixed Samba buffer overflow vulnerabilities on 32-bit systems (bsc#1205126). Bug fixes: - Install a systemd drop-in file for named service to allow read/write access to the DLZ directory (bsc#1201689). - Possible use after free of connection_struct when iterating smbd_server_connection->connections (bsc#1200102). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor