samba: CVE-2020-14383


Debian Bug report logs - #973398


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Thu, 29 Oct 2020 21:06:01 UTC

Severity: important

Tags: security, upstream

Found in versions samba/2:4.9.5+dfsg-5+deb10u1, samba/2:4.9.5+dfsg-5, samba/2:4.12.5+dfsg-3

Fixed in version samba/2:4.13.2+dfsg-1

Done: Mathieu Parent <sathieu@debian.org>



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>:
Bug#973398; Package src:samba. (Thu, 29 Oct 2020 21:06:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>. (Thu, 29 Oct 2020 21:06:03 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: samba: CVE-2020-14383
Date: Thu, 29 Oct 2020 22:02:49 +0100
Source: samba
Version: 2:4.12.5+dfsg-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 2:4.9.5+dfsg-5+deb10u1
Control: found -1 2:4.9.5+dfsg-5

Hi,

The following vulnerability was published for samba.

CVE-2020-14383[0]:
| An authenticated user can crash the DCE/RPC DNS with easily crafted
| records

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-14383
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
[1] https://www.samba.org/samba/security/CVE-2020-14383.html

Regards,
Salvatore



Marked as found in versions samba/2:4.9.5+dfsg-5+deb10u1. Request was from Salvatore Bonaccorso <carnil@debian.org> to submit@bugs.debian.org. (Thu, 29 Oct 2020 21:06:03 GMT)


Marked as found in versions samba/2:4.9.5+dfsg-5. Request was from Salvatore Bonaccorso <carnil@debian.org> to submit@bugs.debian.org. (Thu, 29 Oct 2020 21:06:04 GMT)


Reply sent to Mathieu Parent <sathieu@debian.org>:
You have taken responsibility. (Thu, 12 Nov 2020 10:51:14 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Thu, 12 Nov 2020 10:51:14 GMT)


Message #14 received at 973398-close@bugs.debian.org:

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: 973398-close@bugs.debian.org
Subject: Bug#973398: fixed in samba 2:4.13.2+dfsg-1
Date: Thu, 12 Nov 2020 10:50:15 +0000
Source: samba
Source-Version: 2:4.13.2+dfsg-1
Done: Mathieu Parent <sathieu@debian.org>

We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 973398@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mathieu Parent <sathieu@debian.org> (supplier of updated samba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Thu, 12 Nov 2020 11:23:01 +0100
Source: samba
Architecture: source
Version: 2:4.13.2+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sathieu@debian.org>
Closes: 946821 946840 956096 956482 971048 971292 973398 973399 973400 973957
Changes:
 samba (2:4.13.2+dfsg-1) experimental; urgency=medium
 .
   * New upstream major version
     - Update d/gbp.conf, d/watch and d/README.source for 4.13
     - Update patches
     - Bump build-depends ldb >= 2.2.0
     - Install new files
     - Update symbols
   * Includes the following security fixes:
     - CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify
       (Closes: #973400)
     - CVE-2020-14323: Unprivileged user can crash winbind (Closes: #973399)
     - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with
       easily crafted records (Closes: #973398)
     - CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon")
       (Closes: #971048)
   * Includes the following fixes:
     - Fixes "samba_dnsupdate gives deprecation warnings" (Closes: #973957)
     - s3: libsmbclient.h: add missing time.h include (Closes: #946840)
   * Remove unused python3-crypto dependency (Closes: #971292)
   * Enable Spotlight with ES backend (Closes: #956096, #956482)
   * Standards-Version: 4.5.0
   * Add missing Build-Depends-Package in libsmbclient.symbols and
     libwbclient0.symbols
   * d/copyright: Fix duplicate-globbing-patterns
   * Remove outdated/malformed lintian overrides
   * d/winbind.logrotate: Only reload winbindd when running (Closes: #946821)
   * Bump to debhelper compat 13
   * Add another library-not-linked-against-libc override







Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Nov 16 09:16:52 2020; Machine Name: bembo
