[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
FIxed by: samba (2:4.3.8+dfsg-0ubuntu1) xenial; urgency=medium * SECURITY UPDATE: Updated to 4.3.8 to fix multiple security issues - CVE-2015-5370: Multiple errors in DCE-RPC code - CVE-2016-2110: Man in the middle attacks possible with NTLMSSP - CVE-2016-2111: NETLOGON Spoofing Vulnerability - CVE-2016-2112: The LDAP client and server don't enforce integrity protection - CVE-2016-2113: Missing TLS certificate validation allows man in the middle attacks - CVE-2016-2114: "server signing = mandatory" not enforced - CVE-2016-2115: SMB client connections for IPC traffic are not integrity protected - CVE-2016-2118: SAMR and LSA man in the middle attacks possible * debian/patches/winbind_trusted_domains.patch: make sure domain members can talk to trusted domains DCs. -- Marc DeslauriersTue, 12 Apr 2016 07:26:29 -0400 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5370 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2110 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2111 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2112 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2113 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2114 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2115 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2118 ** Changed in: samba (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
No, this is not a duplicate of #1569497, which "is for tracking regressions while the updated packages are in the security team PPA". I reported this bug to make sure the new samba packages which patch Badlock will be included in the initial release of Ubuntu 16.04. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
Dupe of https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1569497 ? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
** This bug is no longer a duplicate of bug 1569497 Badlock security update tracking bug -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
*** This bug is a duplicate of bug 1569497 *** https://bugs.launchpad.net/bugs/1569497 ** This bug has been marked a duplicate of bug 1569497 Badlock security update tracking bug -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
** Changed in: samba (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566348] Re: Patch the Badlock bug in the initial release of Ubuntu 16.04
** Changed in: samba (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566348 Title: Patch the Badlock bug in the initial release of Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1566348/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs