The branch, master has been updated
       via  8767547 NEWS[4.6.6]: Samba 4.6.6, 4.5.12 and 4.4.15 Available for 
Download
       via  de78c05 history/security.html: use https:// links to cve.mitre.org
      from  2d24171 Add Samba 4.5.11.

https://git.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 87675472f69ecd525a3616a54981ca9247741a09
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Jul 12 11:23:34 2017 +0200

    NEWS[4.6.6]: Samba 4.6.6, 4.5.12 and 4.4.15 Available for Download
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>

commit de78c05447ee7291ae4b8be60680005ce1b087af
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Jul 12 12:46:23 2017 +0200

    history/security.html: use https:// links to cve.mitre.org
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 history/header_history.html                     |   3 +
 history/samba-4.4.15.html                       |  52 +++++++
 history/samba-4.5.12.html                       |  52 +++++++
 history/samba-4.6.6.html                        |  52 +++++++
 history/security.html                           | 185 +++++++++++++-----------
 posted_news/20170712-101055.4.6.6.body.html     |  24 +++
 posted_news/20170712-101055.4.6.6.headline.html |   3 +
 security/CVE-2017-11103.html                    |  89 ++++++++++++
 8 files changed, 374 insertions(+), 86 deletions(-)
 create mode 100644 history/samba-4.4.15.html
 create mode 100644 history/samba-4.5.12.html
 create mode 100644 history/samba-4.6.6.html
 create mode 100644 posted_news/20170712-101055.4.6.6.body.html
 create mode 100644 posted_news/20170712-101055.4.6.6.headline.html
 create mode 100644 security/CVE-2017-11103.html


Changeset truncated at 500 lines:

diff --git a/history/header_history.html b/history/header_history.html
index b6d7d22..03f4f1b 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -9,12 +9,14 @@
                <li><a href="/samba/history/">Release Notes</a>
                <li class="navSub">
                        <ul>
+                       <li><a href="samba-4.6.5.html">samba-4.6.6</a></li>
                        <li><a href="samba-4.6.5.html">samba-4.6.5</a></li>
                        <li><a href="samba-4.6.4.html">samba-4.6.4</a></li>
                        <li><a href="samba-4.6.3.html">samba-4.6.3</a></li>
                        <li><a href="samba-4.6.2.html">samba-4.6.2</a></li>
                        <li><a href="samba-4.6.1.html">samba-4.6.1</a></li>
                        <li><a href="samba-4.6.0.html">samba-4.6.0</a></li>
+                       <li><a href="samba-4.5.11.html">samba-4.5.12</a></li>
                        <li><a href="samba-4.5.11.html">samba-4.5.11</a></li>
                        <li><a href="samba-4.5.10.html">samba-4.5.10</a></li>
                        <li><a href="samba-4.5.9.html">samba-4.5.9</a></li>
@@ -27,6 +29,7 @@
                        <li><a href="samba-4.5.2.html">samba-4.5.2</a></li>
                        <li><a href="samba-4.5.1.html">samba-4.5.1</a></li>
                        <li><a href="samba-4.5.0.html">samba-4.5.0</a></li>
+                       <li><a href="samba-4.4.14.html">samba-4.4.15</a></li>
                        <li><a href="samba-4.4.14.html">samba-4.4.14</a></li>
                        <li><a href="samba-4.4.13.html">samba-4.4.13</a></li>
                        <li><a href="samba-4.4.12.html">samba-4.4.12</a></li>
diff --git a/history/samba-4.4.15.html b/history/samba-4.4.15.html
new file mode 100644
index 0000000..131d15e
--- /dev/null
+++ b/history/samba-4.4.15.html
@@ -0,0 +1,52 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<head>
+<title>Samba 4.4.15 - Release Notes</title>
+</head>
+<body>
+<H2>Samba 4.4.15 Available for Download</H2>
+<p>
+<a 
href="https://download.samba.org/pub/samba/stable/samba-4.4.15.tar.gz";>Samba 
4.4.15 (gzipped)</a><br>
+<a 
href="https://download.samba.org/pub/samba/stable/samba-4.4.15.tar.asc";>Signature</a>
+</p>
+<p>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.4.14-4.4.15.diffs.gz";>Patch
 (gzipped) against Samba 4.4.14</a><br>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.4.14-4.4.15.diffs.asc";>Signature</a>
+</p>
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 4.4.15
+                            July 12, 2017
+                   ==============================
+
+
+This is a security release in order to address the following defect:
+
+o  CVE-2017-11103 (Orpheus&apos; Lyre mutual authentication validation bypass)
+
+=======
+Details
+=======
+
+o  CVE-2017-11103 (Heimdal):
+   All versions of Samba from 4.0.0 onwards using embedded Heimdal
+   Kerberos are vulnerable to a man-in-the-middle attack impersonating
+   a trusted server, who may gain elevated access to the domain by
+   returning malicious replication or authorization data.
+
+   Samba binaries built against MIT Kerberos are not vulnerable.
+
+
+Changes since 4.4.14:
+---------------------
+
+o  Jeffrey Altman &lt;jalt...@secure-endpoints.com&gt;
+   * BUG 12894: CVE-2017-11103: Orpheus&apos; Lyre KDC-REP service name 
validation
+
+
+</pre>
+</p>
+</body>
+</html>
diff --git a/history/samba-4.5.12.html b/history/samba-4.5.12.html
new file mode 100644
index 0000000..8791ad1
--- /dev/null
+++ b/history/samba-4.5.12.html
@@ -0,0 +1,52 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<head>
+<title>Samba 4.5.12 - Release Notes</title>
+</head>
+<body>
+<H2>Samba 4.5.12 Available for Download</H2>
+<p>
+<a 
href="https://download.samba.org/pub/samba/stable/samba-4.5.12.tar.gz";>Samba 
4.5.12 (gzipped)</a><br>
+<a 
href="https://download.samba.org/pub/samba/stable/samba-4.5.12.tar.asc";>Signature</a>
+</p>
+<p>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.5.11-4.5.12.diffs.gz";>Patch
 (gzipped) against Samba 4.5.11</a><br>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.5.11-4.5.12.diffs.asc";>Signature</a>
+</p>
+<p>
+<pre>
+                   ==============================
+                   Release Notes for Samba 4.5.12
+                            July 12, 2017
+                   ==============================
+
+
+This is a security release in order to address the following defect:
+
+o  CVE-2017-11103 (Orpheus&apos; Lyre mutual authentication validation bypass)
+
+=======
+Details
+=======
+
+o  CVE-2017-11103 (Heimdal):
+   All versions of Samba from 4.0.0 onwards using embedded Heimdal
+   Kerberos are vulnerable to a man-in-the-middle attack impersonating
+   a trusted server, who may gain elevated access to the domain by
+   returning malicious replication or authorization data.
+
+   Samba binaries built against MIT Kerberos are not vulnerable.
+
+
+Changes since 4.5.11:
+---------------------
+
+o  Jeffrey Altman &lt;jalt...@secure-endpoints.com&gt;
+   * BUG 12894: CVE-2017-11103: Orpheus&apos; Lyre KDC-REP service name 
validation
+
+
+</pre>
+</p>
+</body>
+</html>
diff --git a/history/samba-4.6.6.html b/history/samba-4.6.6.html
new file mode 100644
index 0000000..5d34853
--- /dev/null
+++ b/history/samba-4.6.6.html
@@ -0,0 +1,52 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<head>
+<title>Samba 4.6.6 - Release Notes</title>
+</head>
+<body>
+<H2>Samba 4.6.6 Available for Download</H2>
+<p>
+<a href="https://download.samba.org/pub/samba/stable/samba-4.6.6.tar.gz";>Samba 
4.6.6 (gzipped)</a><br>
+<a 
href="https://download.samba.org/pub/samba/stable/samba-4.6.6.tar.asc";>Signature</a>
+</p>
+<p>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.6.5-4.6.6.diffs.gz";>Patch
 (gzipped) against Samba 4.6.5</a><br>
+<a 
href="https://download.samba.org/pub/samba/patches/samba-4.6.5-4.6.6.diffs.asc";>Signature</a>
+</p>
+<p>
+<pre>
+                   =============================
+                   Release Notes for Samba 4.6.6
+                            July 12, 2017
+                   =============================
+
+
+This is a security release in order to address the following defect:
+
+o  CVE-2017-11103 (Orpheus&apos; Lyre mutual authentication validation bypass)
+
+=======
+Details
+=======
+
+o  CVE-2017-11103 (Heimdal):
+   All versions of Samba from 4.0.0 onwards using embedded Heimdal
+   Kerberos are vulnerable to a man-in-the-middle attack impersonating
+   a trusted server, who may gain elevated access to the domain by
+   returning malicious replication or authorization data.
+
+   Samba binaries built against MIT Kerberos are not vulnerable.
+
+
+Changes since 4.6.5:
+---------------------
+
+o  Jeffrey Altman &lt;jalt...@secure-endpoints.com&gt;
+   * BUG 12894: CVE-2017-11103: Orpheus&apos; Lyre KDC-REP service name 
validation
+
+
+</pre>
+</p>
+</body>
+</html>
diff --git a/history/security.html b/history/security.html
index c2081ea..8f8dd63 100755
--- a/history/security.html
+++ b/history/security.html
@@ -22,13 +22,26 @@ link to full release notes for each release.</p>
       </tr>
 
     <tr>
+       <td>12 July 2017</td>
+       <td><a 
href="/samba/ftp/patches/security/samba-4.x.y-CVE-2017-11103.patch">
+       patch for Samba 4.x.y</a><br />
+       <td>Orpheus&apos; Lyre mutual authentication validation bypass.
+       </td>
+       <td>All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15</td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103";>CVE-2017-11103</a>
+       </td>
+       <td><a href="/samba/security/CVE-2017-11103.html">Announcement</a>
+       </td>
+    </tr>
+
+    <tr>
        <td>24 May 2017</td>
        <td><a 
href="/samba/ftp/patches/security/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch">
        patch for Samba 4.6.3, 4.5.9, 4.4.13</a><br />
        <td>Remote code execution from a writable share.
        </td>
        <td>All versions between Samba 3.5.0 and 4.6.4/4.5.10/4.4.14</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494";>CVE-2017-7494</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494";>CVE-2017-7494</a>
        </td>
        <td><a href="/samba/security/CVE-2017-7494.html">Announcement</a>
        </td>
@@ -45,7 +58,7 @@ link to full release notes for each release.</p>
        <td>Symlink race allows access outside share definition.
        </td>
        <td>All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619";>CVE-2017-2619</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619";>CVE-2017-2619</a>
        </td>
        <td><a href="/samba/security/CVE-2017-2619.html">Announcement</a>
        </td>
@@ -62,9 +75,9 @@ link to full release notes for each release.</p>
        <td>Numerous CVEs. Please see the announcements for details.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123";>CVE-2016-2123</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125";>CVE-2016-2125</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126";>CVE-2016-2126</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123";>CVE-2016-2123</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125";>CVE-2016-2125</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126";>CVE-2016-2126</a>
        </td>
        <td><a href="/samba/security/CVE-2016-2123.html">Announcement</a>, 
            <a href="/samba/security/CVE-2016-2125.html">Announcement</a>, 
@@ -83,7 +96,7 @@ link to full release notes for each release.</p>
        <td>Client side SMB2/3 required signing can be downgraded.
        </td>
        <td>4.0.0 - 4.4.4</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119";>CVE-2016-2119</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119";>CVE-2016-2119</a>
        </td>
        <td><a href="/samba/security/CVE-2016-2119.html">Announcement</a>
        </td>
@@ -104,14 +117,14 @@ link to full release notes for each release.</p>
        <td>Numerous CVEs. Please see the announcements for details.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370";>CVE-2015-5370</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110";>CVE-2016-2110</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111";>CVE-2016-2111</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112";>CVE-2016-2112</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113";>CVE-2016-2113</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114";>CVE-2016-2114</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115";>CVE-2016-2115</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118";>CVE-2016-2118</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370";>CVE-2015-5370</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110";>CVE-2016-2110</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111";>CVE-2016-2111</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112";>CVE-2016-2112</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113";>CVE-2016-2113</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114";>CVE-2016-2114</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115";>CVE-2016-2115</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118";>CVE-2016-2118</a>
        </td>
        <td><a href="/samba/security/CVE-2015-5370.html">Announcement</a>
            <a href="/samba/security/CVE-2016-2110.html">Announcement</a>
@@ -135,8 +148,8 @@ link to full release notes for each release.</p>
        <td>Incorrect ACL get/set allowed on symlink path, Out-of-bounds read 
in internal DNS server.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560";>CVE-2015-7560</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771";>CVE-2016-0771</a>,
 
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560";>CVE-2015-7560</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771";>CVE-2016-0771</a>,
 
        </td>
        <td><a href="/samba/security/CVE-2015-7560.html">Announcement</a>
            <a href="/samba/security/CVE-2016-0771.html">Announcement</a>
@@ -156,13 +169,13 @@ link to full release notes for each release.</p>
        <td>Numerous CVEs. Please see the announcements for details.
        </td>
        <td>3.0.0 to 4.3.2</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223";>CVE-2015-3223</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252";>CVE-2015-5252</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296";>CVE-2015-5296</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299";>CVE-2015-5299</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330";>CVE-2015-5330</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540";>CVE-2015-7540</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467";>CVE-2015-8467</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223";>CVE-2015-3223</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252";>CVE-2015-5252</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296";>CVE-2015-5296</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299";>CVE-2015-5299</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330";>CVE-2015-5330</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540";>CVE-2015-7540</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467";>CVE-2015-8467</a>
        </td>
        <td><a href="/samba/security/CVE-2015-3223.html">Announcement</a>
            <a href="/samba/security/CVE-2015-5252.html">Announcement</a>
@@ -187,7 +200,7 @@ link to full release notes for each release.</p>
        <td>Unexpected code execution in smbd.
        </td>
        <td>3.5.0 - 4.2.0rc4</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240";>CVE-2015-0240</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240";>CVE-2015-0240</a>
        </td>
        <td><a href="/samba/security/CVE-2015-0240.html">Announcement</a>
        </td>
@@ -202,7 +215,7 @@ link to full release notes for each release.</p>
        <td>Elevation of privilege to Active Directory Domain Controller.
        </td>
        <td>4.0.0 - 4.1.15</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143";>CVE-2014-8143</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143";>CVE-2014-8143</a>
        </td>
        <td><a href="/samba/security/CVE-2014-8143.html">Announcement</a>
        </td>
@@ -217,7 +230,7 @@ link to full release notes for each release.</p>
        <td>Remote code execution in nmbd.
        </td>
        <td>4.0.0 - 4.1.10</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560";>CVE-2014-3560</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560";>CVE-2014-3560</a>
        </td>
        <td><a href="/samba/security/CVE-2014-3560.html">Announcement</a>
        </td>
@@ -234,8 +247,8 @@ link to full release notes for each release.</p>
        <td>Denial of service - CPU loop, Denial of service - Server 
crash/memory corruption.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244";>CVE-2014-0244</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493";>CVE-2014-3493</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244";>CVE-2014-0244</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493";>CVE-2014-3493</a>
        </td>
        <td><a href="/samba/security/CVE-2014-0244.html">Announcement</a>
            <a href="/samba/security/CVE-2014-3493.html">Announcement</a>
@@ -253,8 +266,8 @@ link to full release notes for each release.</p>
        <td>Uninitialized memory exposure, Potential DOS in Samba internal DNS 
server.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178";>CVE-2014-0178</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239";>CVE-2014-0239</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178";>CVE-2014-0178</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239";>CVE-2014-0239</a>
        </td>
        <td><a href="/samba/security/CVE-2014-0178.html">Announcement</a>
            <a href="/samba/security/CVE-2014-0239.html">Announcement</a>
@@ -273,8 +286,8 @@ link to full release notes for each release.</p>
                or directory ACL by mistake.
        </td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496";>CVE-2013-4496</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442";>CVE-2013-6442</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496";>CVE-2013-4496</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442";>CVE-2013-6442</a>
        </td>
        <td><a href="/samba/security/CVE-2013-4496.html">Announcement</a>
            <a href="/samba/security/CVE-2013-6442.html">Announcement</a>
@@ -296,8 +309,8 @@ link to full release notes for each release.</p>
        <td>DCE-RPC fragment length field is incorrectly checked, pam_winbind
        login without require_membership_of restrictions.</td>
        <td>please refer to the advisories</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408";>CVE-2013-4408</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150";>CVE-2012-6150</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408";>CVE-2013-4408</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150";>CVE-2012-6150</a>
        </td>
        <td><a href="/samba/security/CVE-2013-4408.html">Announcement</a>
            <a href="/samba/security/CVE-2012-6150.html">Announcement</a>
@@ -315,8 +328,8 @@ link to full release notes for each release.</p>
        <td>ACLs are not checked on opening an alternate data stream on a file
            or directory, Private key in key.pem world readable.</td>
        <td>3.2.0 - 4.1.0, 4.0.0 - 4.0.10, 4.1.0</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475";>CVE-2013-4475</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476";>CVE-2013-4476</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475";>CVE-2013-4475</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476";>CVE-2013-4476</a>
        </td>
        <td><a href="/samba/security/CVE-2013-4475.html">Announcement</a>
            <a href="/samba/security/CVE-2013-4476.html">Announcement</a>
@@ -334,7 +347,7 @@ link to full release notes for each release.</p>
        <td>Denial of service - CPU loop and memory allocation.</td>
        <td>3.0.x-4.0.7</td>
        <td><a
-       
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124";>CVE-2013-4124</a>
+       
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124";>CVE-2013-4124</a>
        </td>
        <td><a href="/samba/security/CVE-2013-4124.html">Announcement</a>
        </td>
@@ -346,7 +359,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.6.5</a>
        <td>A writable configured share might get read only</td>
        <td>3.6.0 - 3.6.5 (inclusive)</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454";>CVE-2013-0454</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454";>CVE-2013-0454</a>
        </td>
        <td><a href="/samba/security/CVE-2013-0454.html">Announcement</a>
        </td>
@@ -359,7 +372,7 @@ link to full release notes for each release.</p>
        <td>World-writeable files may be created in additional shares on a Samba
        4.0 AD DC.</td>
        <td>4.0.0rc6-4.0.3</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1863";>CVE-2013-1863</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1863";>CVE-2013-1863</a>
        </td>
        <td><a href="/samba/security/CVE-2013-1863.html">Announcement</a>
        </td>
@@ -375,8 +388,8 @@ link to full release notes for each release.</p>
        patch for Samba 3.5.20</a><br />
        <td>Clickjacking issue and potential XSRF in SWAT.</td>
        <td>3.0.x-4.0.1</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213";>CVE-2013-0213</a>,
 
-           <a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214";>CVE-2013-0214</a>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213";>CVE-2013-0213</a>,
 
+           <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214";>CVE-2013-0214</a>
        </td>
        <td><a href="/samba/security/CVE-2013-0213.html">Announcement</a>
            <a href="/samba/security/CVE-2013-0214.html">Announcement</a>
@@ -390,7 +403,7 @@ link to full release notes for each release.</p>
        <td>Samba 4.0 as an AD DC may provide authenticated users with write
        access to LDAP directory objects.</td>
        <td>4.0.0</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0172";>CVE-2013-0172</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0172";>CVE-2013-0172</a></td>
        <td><a href="/samba/security/CVE-2013-0172.html">Announcement</a></td>
     </tr>
 
@@ -405,7 +418,7 @@ link to full release notes for each release.</p>
        <td>Incorrect permission checks when granting/removing privileges can
        compromise file server security.</td>
        <td>3.4.x-3.6.4</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111";>CVE-2012-2111</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111";>CVE-2012-2111</a></td>
        <td><a href="/samba/security/CVE-2012-2111.html">Announcement</a></td>
     </tr>
 
@@ -425,7 +438,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.6.3</a><br />
        <td>"root" credential remote code execution</td>
        <td>all current releases</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182";>CVE-2012-1182</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182";>CVE-2012-1182</a></td>
        <td><a href="/samba/security/CVE-2012-1182.html">Announcement</a></td>
     </tr>
 
@@ -439,7 +452,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.3</a><br />
        <td>Remote code execution vulnerability in smbd</td>
        <td>pre-3.4</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870";>CVE-2012-0870</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870";>CVE-2012-0870</a></td>
        <td><a href="/samba/security/CVE-2012-0870.html">Announcement</a></td>
     </tr>
 
@@ -449,7 +462,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.6.2</a>
        <td>Memory leak/Denial of service</td>
        <td>3.6.0-3.6.2</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0817";>CVE-2012-0817</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0817";>CVE-2012-0817</a></td>
        <td><a href="/samba/security/CVE-2012-0817.html">Announcement</a></td>
     </tr>
 
@@ -463,7 +476,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.5.9</a><br />
        <td>Cross-Site Request Forgery in SWAT</td>
        <td>all current releases</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522";>CVE-2011-2522</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522";>CVE-2011-2522</a></td>
        <td><a href="/samba/security/CVE-2011-2522.html">Announcement</a></td>
     </tr>
 
@@ -477,7 +490,7 @@ link to full release notes for each release.</p>
        patch for Samba 3.5.9</a><br />
        <td>Cross-Site Scripting vulnerability in SWAT</td>
        <td>all current releases</td>
-       <td><a 
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694";>CVE-2011-2694</a></td>
+       <td><a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694";>CVE-2011-2694</a></td>
        <td><a href="/samba/security/CVE-2011-2694.html">Announcement</a></td>


-- 
Samba Website Repository

Reply via email to