[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-3670/{samba,ldb}

Sat, 30 Apr 2022 00:21:30 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5e6a9f5d by Salvatore Bonaccorso at 2022-04-30T09:20:33+02:00
Update status for CVE-2021-3670/{samba,ldb}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50011,11 +50011,21 @@ CVE-2021-3671 (A null pointer de-reference was found 
in the way samba kerberos s
        NOTE: Fixed by (Samba): 
https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
 CVE-2021-3670 [MaxQueryDuration not honoured in Samba AD DC LDAP]
        RESERVED
-       - samba <unfixed>
+       - ldb 2:2.2.3-1
+       [buster] - ldb <no-dsa> (Minor issue)
+       - samba 2:4.16.0+dfsg-2
+       [bullseye] - samba <no-dsa> (Minor issue)
        [buster] - samba <ignored> (Minor issue; affects Samba as AD DC; cf DSA 
5015-1)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2077533
        NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14694
+       NOTE: 
https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
        NOTE: 
https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
+       NOTE: 
https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
+       NOTE: ldb: 
https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
+       NOTE: 
https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
+       NOTE: 
https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
+       NOTE: 
https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
+       NOTE: Fixed in ldb 2.5.0, 2.4.2 and 2.3.3
 CVE-2021-37714 (jsoup is a Java library for working with HTML. Those using 
jsoup versi ...)
        - jsoup 1.14.2-1 (bug #992590)
        [bullseye] - jsoup <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6a9f5debf53a3a71988a73d981528424df2b9e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e6a9f5debf53a3a71988a73d981528424df2b9e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to