Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2016-07-09) ====== ====== Sat Jul 9 07:37:07 UTC 2016 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/samba-4.4.5-arm-1_slack14.2.txz]] \\ This release fixes a security issue: \\ Client side SMB2/3 required signing can be downgraded. \\ It's possible for an attacker to downgrade the required signing for an \\ SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or \\ SMB2_SESSION_FLAG_IS_NULL flags. This means that the attacker can \\ impersonate a server being connected to by Samba, and return malicious \\ results. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2016-07}} news/2016/07/09/slackwarearm-14.2-changelog.txt Last modified: 5 months agoby Giuseppe Di Terlizzi Log In