Bug 40921

Summary: samba: Security issue (ES 3.1)
Product: UCS Reporter: Arvid Requate <requate>
Component: Security updatesAssignee: Arvid Requate <requate>
Status: CLOSED DUPLICATE QA Contact: Janek Walkenhorst <walkenhorst>
Severity: normal    
Priority: P5 CC: gohmann
Version: UCS 3.1Flags: requate: Patch_Available+
Target Milestone: UCS 3.1-ES   
Hardware: Other   
OS: Linux   
URL: https://bugzilla.samba.org/show_bug.cgi?id=11648
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Security
Max CVSS v3 score:
Attachments: CVE-2015-7560-v3-6.patch

Description Arvid Requate univentionstaff 2016-03-17 17:29:19 CET 
Created attachment 7542 [details]
CVE-2015-7560-v3-6.patch

+++ This bug was initially created as a clone of Bug #37734 +++

* Getting and setting Windows ACLs on symlinks can change permissions on link target (CVE-2015-7560)

Affects both, samba & samba4 packages.
Comment 1 Stefan Gohmann univentionstaff 2016-05-19 09:55:41 CEST 
Still valid?
Comment 2 Arvid Requate univentionstaff 2016-05-19 18:41:38 CEST 
We have updated to 4.3.7.

*** This bug has been marked as a duplicate of bug 41012 ***
Comment 3 Janek Walkenhorst univentionstaff 2016-05-26 15:28:24 CEST 
(In reply to Arvid Requate from comment #2)
> We have updated to 4.3.7.
> 
> *** This bug has been marked as a duplicate of bug 41012 ***
Ok, fixed upstream with 4.3.6.