Overview

File _patchinfo of Package patchinfo.21723

<patchinfo incident="21723">
  <issue tracker="cve" id="2016-2124"/>
  <issue tracker="cve" id="2021-23192"/>
  <issue tracker="cve" id="2020-25717"/>
  <issue tracker="bnc" id="1014440">VUL-0: EMBARGOED: CVE-2016-2124: samba: don't fallback to non spnego authentication if we require kerberos</issue>
  <issue tracker="bnc" id="1192214">VUL-0: EMBARGOED: CVE-2021-23192: samba: dcerpc requests don't check all fragments against the first auth_state</issue>
  <issue tracker="bnc" id="1192284">VUL-0: EMBARGOED: CVE-2020-25717: samba: A user on the domain can become root on domain members</issue>
  <packager>npower</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

- CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos (bsc#1014440).
- CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).
- CVE-2021-23192: Fixed dcerpc requests to don't check all fragments against the first auth_state (bsc#1192214).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places