Univention Bugzilla – Bug 55275
samba: Security issue (5.0)
Last modified: 2022-10-25 14:36:11 CEST
r19708 | New upstream patch r19709 | Adjust patch file extension for quilt Package: samba Version: 2:4.16.2-1A~5.0.0.202210171146 Branch: ucs_5.0-0 Scope: errata5.0-2
The fix at this bug is for the security issue: CVE-2022-3437 Heimdal des/des3 overflow At the same time another issue will be disclosed and released. But that issue only affects samba 4.17, which means that UCS is not affected: CVE-2022-3592 A malicious client can use a symlink to escape the exported directory
OK: 98_CVE-2022-3437-des3-overflow-v4-4.16.quilt OK: patch applied during build, samba 2:4.16.2-1A~5.0.0.202210171146 OK: Tests We need an advisory for the release
Created attachment 10998 [details] advisory
OK: Advisory Verified
<https://errata.software-univention.de/#/?erratum=5.0x469>