[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] Fw: [SECURITY] [DSA 5015-1] samba security update
- To: Tom <list@xxxxxxxxxxxxx>
- Subject: Re: [LUG] Fw: [SECURITY] [DSA 5015-1] samba security update
- From: "Dom Rodriguez/shymega" <shymega@xxxxxxxxxxxxxx>
- Date: Wed, 01 Dec 2021 16:11:50 +0000
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1633856761; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:To:From:Date:References:In-Reply-To:Message-Id:Mime-Version: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=5VJByjvpWfUPAblgEDSEaGtyCYwgQ9xWWuGNhGVheC0=; b=izQiPifTLjAn2uMmyBmiNfq9NB BED1XvOMg0+IecqlOvnXzpPcx7Ddc55vkDZHigXPmYt+bayk29PqtZwXhquPYPLe/7Zafgm2vGxWA YRK+mXZ3EPJjewrLsNCQW8otUy0vQsS+OmVSw3EsRL8ygQy3gtG6E+HXQ0d3Q9xy16Cg=;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=yaXcP3 DKcb4lzW7FC9xVBxXC2nBxHuwSnOqrHSpZRPA=; b=Vdv0Y4UJ7O5hwF6NdLpv+z +W5ti0Dy6Nroh4c3fbFUM3+65AbKFn2aen8m+fqgto5e91YBWHL97uchozo2dz+R VM61seMTtn6OsIZjKZx+KrGJP89cnFDlWZZaTamRz6ST4xR/I3XGLng0SERubG5g +uzq3Yma+Un6Dd/w7gMRmBA/ltps64AhH4ApPNeHFLhZT5nUIGA3b66UY0tAGd7a ZzzCaX2/pjdrmU1D2nD6fhZUGg5kM0eXYpU3xFyEV7Ftit3GFjzL+fT5W9NarBfo Z7utOQRvLb0A9aHDvaWhopp41RDD2o4Tz7nbhr/VfpS0GZ/zPDMVZg+U6C+McjdA ==
On Wed, Dec 1, 2021, at 2:47 PM, Sebastian wrote:
> Dear Fraser,
>
>> Don't do nothing about it, but do something about it one way or >
>> another... Begin forwarded message:
>>
>> Package : samba
>> CVE ID : CVE-2020-25717
>>
>> Andrew Bartlett discovered that Samba, a SMB/CIFS file, print, and login
>> server for Unix, may map domain users to local users in an undesired
>> way. This could allow a user in an AD domain to potentially become root
>
> Looks like this has been fixed since Debian 10 'Oldstable' Buster, so
> I shouldn't imagine anyone on this mailing list is affected :)
To be honest, I think it's a valid post to make, it could be some people are still
on older versions of Debian. One of my servers is on the latest, sure.
--
Kind regards,
--
Dom Rodriguez (also known as shymega)
--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq