Your message dated Sun, 13 Feb 2022 22:32:26 +0000
with message-id <e1njnpu-000ja1...@fasolo.debian.org>
and subject line Bug#1004694: fixed in samba 2:4.13.13+dfsg-1~deb11u3
has caused the Debian Bug report #1004694,
regarding samba: CVE-2022-0336
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1004694: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: samba
Version: 2:4.13.14+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14950
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 2:4.13.13+dfsg-1~deb11u2
Control: found -1 2:4.9.5+dfsg-5+deb10u2

Hi,

The following vulnerability was published for samba.

CVE-2022-0336[0]:
| Samba AD users with permission to write to an account can impersonate
| arbitrary services

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-0336
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
[1] https://www.samba.org/samba/security/CVE-2022-0336.html
[2] https://bugzilla.samba.org/show_bug.cgi?id=14950

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: samba
Source-Version: 2:4.13.13+dfsg-1~deb11u3
Done: Salvatore Bonaccorso <car...@debian.org>

We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1004...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated samba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Feb 2022 21:54:02 +0100
Source: samba
Architecture: source
Version: 2:4.13.13+dfsg-1~deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 1001068 1004693 1004694
Changes:
 samba (2:4.13.13+dfsg-1~deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patches for CVE-2022-0336 (Closes: #1004694)
     - CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added
       SPN.
     - CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is
       re-added to an object.
   * Add patches for CVE-2021-44142 (Closes: #1004693)
     - CVE-2021-44142: libadouble: add defines for icon lengths.
     - CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list
       of private Samba xattrs.
     - CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
     - CVE-2021-44142: libadouble: add basic cmocka tests.
     - CVE-2021-44142: libadouble: harden parsing code.
   * Add patches to address "The CVE-2020-25717 username map [script] advice
     has undesired side effects for the local nt token" (Closes: #1001068)
     - CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to
       the configured domain
     - CVE-2020-25717: tests/krb5: Add method to automatically obtain server
       credentials
     - CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make
       room for new accounts
     - CVE-2020-25717: selftest: turn ad_member_no_nss_wb into
       ad_member_idmap_nss
     - CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to
       SIDs
     - CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the
       named based lookup fails
Checksums-Sha1:
 62595a0c2cd92a646f2ee32ef98a9b7f12737a74 4514 samba_4.13.13+dfsg-1~deb11u3.dsc
 9a5f54933e1409a4c403e4a4d7f122071af9700d 467700 samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz
Checksums-Sha256:
 0d84245dfa8ac468b5f50910d1942bac515c8d17e08261390f8ce8a422ba9a05 4514 samba_4.13.13+dfsg-1~deb11u3.dsc
 b053b5d46c3f42c6167312a640f0b73972c2e8c9e87405e5559e3fb91fd5fe89 467700 samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz
Files:
 1241d6789653e4eea6b82fa627468dda 4514 net optional samba_4.13.13+dfsg-1~deb11u3.dsc
 e25800062ba55e437c3e036c6e023a89 467700 net optional samba_4.13.13+dfsg-1~deb11u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
