Bug 40847 - Samba: security update (4.1)
Samba: security update (4.1)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.1
Other Linux
: P4 normal (vote)
: UCS 4.1-1-errata
Assigned To: Arvid Requate
Janek Walkenhorst
https://bugzilla.samba.org/show_bug.c...
:
Depends on: 40328
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-07 12:23 CET by Arvid Requate
Modified: 2016-10-05 12:46 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
requate: Patch_Available+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2016-03-07 12:23:23 CET
There will be a security update on the 8th of March, currently embargoed:

* Getting and setting Windows ACLs on symlinks can change permissions on link target (CVE-2015-7560)
Comment 1 Arvid Requate univentionstaff 2016-03-07 13:30:09 CET
The package is rebuilt with the upstream patch in errata4.1-1.

Advisory: samba.yaml
Comment 2 Felix Botner univentionstaff 2016-03-08 14:48:58 CET
OK - built with patches
OK - installation
OK - Autotest MultiEnv
OK - simple samba test (windows join, share access)

OK - YAML
Comment 3 Janek Walkenhorst univentionstaff 2016-03-08 15:31:31 CET
(In reply to Felix Botner from comment #2)
> OK - built with patches
> OK - installation
> OK - Autotest MultiEnv
> OK - simple samba test (windows join, share access)
> 
> OK - YAML
I concur.
Comment 4 Janek Walkenhorst univentionstaff 2016-03-08 17:06:07 CET
<http://errata.software-univention.de/ucs/4.1/124.html>