news:2014:03:14:slackware64-current-changelog

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
news:2014:03:14:slackware64-current-changelog [2015/03/10 01:13] – creata Giuseppe Di Terlizzinews:2014:03:14:slackware64-current-changelog [2015/03/26 10:43] (current) Giuseppe Di Terlizzi
Line 2: Line 2:
  
 ====== Fri Mar 14 00:44:48 UTC 2014 ====== ====== Fri Mar 14 00:44:48 UTC 2014 ======
- 
- 
 ===== Packages ===== ===== Packages =====
  
 ==== Upgraded ==== ==== Upgraded ====
-  * [[slackware64.current>n/samba-4.1.6-x86_64-1.txz]] (Security fix) +  * [[slackware64.current>n/samba-4.1.6-x86_64-1.txz]] \\   This update fixes two security issues: \\   CVE-2013-4496: \\   Samba versions 3.4.0 and above allow the administrator to implement \\   locking out Samba accounts after a number of bad password attempts. \\   However, all released versions of Samba did not implement this check for \\   password changes, such as are available over multiple SAMR and RAP \\   interfaces, allowing password guessing attacks. \\   CVE-2013-6442: \\   Samba versions 4.0.0 and above have a flaw in the smbcacls command. If \\   smbcacls is used with the "-C|--chown name" or "-G|--chgrp name" \\   command options it will remove the existing ACL on the object being \\   modified, leaving the file or directory unprotected. \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442 \\   (* Security fix *)
-===== ChangeLog ===== +
-<code> +
-Fri Mar 14 00:44:48 UTC 2014 +
-n/samba-4.1.6-x86_64-1.txz:  Upgraded. +
-  This update fixes two security issues: +
-  CVE-2013-4496: +
-  Samba versions 3.4.0 and above allow the administrator to implement +
-  locking out Samba accounts after a number of bad password attempts. +
-  However, all released versions of Samba did not implement this check for +
-  password changes, such as are available over multiple SAMR and RAP +
-  interfaces, allowing password guessing attacks. +
-  CVE-2013-6442: +
-  Samba versions 4.0.0 and above have a flaw in the smbcacls command. If +
-  smbcacls is used with the "-C|--chown name" or "-G|--chgrp name" +
-  command options it will remove the existing ACL on the object being +
-  modified, leaving the file or directory unprotected. +
-  For more information, see: +
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 +
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442 +
-  (* Security fix *) +
-</code> +
  
  
-{{tag>news 2014/03 slackware64-current changelog}}+{{tag>slackware changelog slackware64-current 2014/03}}
  
  • news/2014/03/14/slackware64-current-changelog.1425946430.txt.gz
  • Last modified: 9 years ago
  • by Giuseppe Di Terlizzi