Your message dated Thu, 06 May 2021 19:48:27 +0000
with message-id <[email protected]>
and subject line Bug#987308: fixed in cifs-utils 2:6.11-3
has caused the Debian Bug report #987308,
regarding cifs-utils: CVE-2021-20208: cifs.upcall kerberos auth leak in
container
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
987308: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987308
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: cifs-utils
Version: 2:6.11-2
Severity: important
Tags: security upstream
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14651
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for cifs-utils.
CVE-2021-20208[0]:
| A flaw was found in cifs-utils in versions before 6.13. A user when
| mounting a krb5 CIFS file system from within a container can use
| Kerberos credentials of the host. The highest threat from this
| vulnerability is to data confidentiality and integrity.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-20208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20208
[1] https://bugzilla.samba.org/show_bug.cgi?id=14651
[2] https://lists.samba.org/archive/samba-technical/2021-April/136467.html
[3] https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=e461afd8cfa6d0781ae0c5c10e89b6ef1ca6da32
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: cifs-utils
Source-Version: 2:6.11-3
Done: Mathieu Parent <[email protected]>
We believe that the bug you reported is fixed in the latest version of
cifs-utils, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Parent <[email protected]> (supplier of updated cifs-utils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 06 May 2021 21:24:29 +0200
Source: cifs-utils
Architecture: source
Version: 2:6.11-3
Distribution: unstable
Urgency: high
Maintainer: Debian Samba Maintainers <[email protected]>
Changed-By: Mathieu Parent <[email protected]>
Closes: 987308
Changes:
cifs-utils (2:6.11-3) unstable; urgency=high
.
* CVE-2021-20208: cifs.upcall kerberos auth leak in container
(Closes: #987308)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---