Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:13.1:Update
patchinfo.4627
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4627
<patchinfo> <category>security</category> <rating>important</rating> <packager>mkubecek</packager> <summary>Security update for samba</summary> <description>This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862). - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031). - CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032). - CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033). - CVE-2016-2113: TLS certificate validation were missing (bsc#973034). - CVE-2016-2114: "server signing = mandatory" not enforced (bsc#973035). - CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036). - CVE-2016-2118: "Badlock" DCERPC impersonation of authenticated account were possible (bsc#971965). The openSUSE 13.1 update also upgrades to samba 4.2.4 as 4.1.x versions are no longer supported by upstream. As a side effect, libpdb0 package was replaced by libsamba-passdb0. </description> <issue tracker="cve" id="2015-5370"/> <issue tracker="cve" id="2016-2110"/> <issue tracker="cve" id="2016-2111"/> <issue tracker="cve" id="2016-2112"/> <issue tracker="cve" id="2016-2113"/> <issue tracker="cve" id="2016-2114"/> <issue tracker="cve" id="2016-2115"/> <issue tracker="cve" id="2016-2118"/> <issue tracker="bnc" id="936862"/> <issue tracker="bnc" id="971965"/> <issue tracker="bnc" id="973031"/> <issue tracker="bnc" id="973032"/> <issue tracker="bnc" id="973033"/> <issue tracker="bnc" id="973034"/> <issue tracker="bnc" id="973035"/> <issue tracker="bnc" id="973036"/> <issue tracker="bso" id="11344"/> <issue tracker="bso" id="11644"/> <issue tracker="bso" id="11688"/> <issue tracker="bso" id="11749"/> <issue tracker="bso" id="11752"/> <issue tracker="bso" id="11756"/> <issue tracker="bso" id="11804"/> <issue tracker="cve" id="2012-6150"/> <issue tracker="cve" id="2013-4408"/> <issue tracker="cve" id="2013-4496"/> <issue tracker="cve" id="2015-0240"/> <issue tracker="cve" id="2015-5252"/> <issue tracker="cve" id="2015-5296"/> <issue tracker="cve" id="2015-5299"/> <issue tracker="cve" id="2015-5330"/> <issue tracker="cve" id="2015-7560"/> <issue tracker="bnc" id="844720"/> <issue tracker="bnc" id="849224"/> <issue tracker="bnc" id="853347"/> <issue tracker="bnc" id="917376"/> <issue tracker="bnc" id="958582"/> <issue tracker="bnc" id="958583"/> <issue tracker="bnc" id="958584"/> <issue tracker="bnc" id="958586"/> <issue tracker="bnc" id="968222"/> <issue tracker="bso" id="11077"/> <issue tracker="bso" id="11395"/> <issue tracker="bso" id="11529"/> <issue tracker="bso" id="11536"/> <issue tracker="bso" id="11599"/> <issue tracker="bso" id="11648"/> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor