[Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.10.10
Peter Korsgaard
peter at korsgaard.com
Thu Oct 31 20:54:07 UTC 2019
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> This is a security release in order to address the following defects:
> o CVE-2019-10218: Client code can return filenames containing path
> separators.
> o CVE-2019-14833: Samba AD DC check password script does not receive
> the full password.
> o CVE-2019-14847: User with "get changes" permission can crash AD DC
> LDAP server via dirsync.
> Release notes: https://www.samba.org/samba/history/samba-4.10.10.html
> Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
Committed to 2019.08.x, thanks. For 2019.02.x I will instead bump to
4.9.15, which includes the same fixes.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list