Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-current ChangeLog (2017-09-21) ====== ====== Thu Sep 21 01:23:24 UTC 2017 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.current>n/samba-4.6.8-x86_64-1.txz]] \\ This is a security release in order to address the following defects: \\ SMB1/2/3 connections may not require signing where they should. A man in the \\ middle attack may hijack client connections. \\ SMB3 connections don't keep encryption across DFS redirects. A man in the \\ middle attack can read and may alter confidential documents transferred via \\ a client connection, which are reached via DFS redirect when the original \\ connection used SMB3. \\ Server memory information leak over SMB1. Client with write access to a share \\ can cause server memory contents to be written into a file or printer. \\ For more information, see: \\ https://www.samba.org/samba/security/CVE-2017-12150.html \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150 \\ https://www.samba.org/samba/security/CVE-2017-12151.html \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151 \\ https://www.samba.org/samba/security/CVE-2017-12163.html \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163 \\ (* Security fix *) {{tag>slackware changelog slackware64-current 2017/09}} news/2017/09/21/slackware64-current-changelog.txt Last modified: 7 years agoby Giuseppe Di Terlizzi Log In