FreeBSD Bugzilla – Attachment 216153 Details for
Bug 247725
security/vuxml samba vulnerabilities
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for vuxml to include recent samba CVEs
samba.diff (text/plain), 1.73 KB, created by
rob2g2
on 2020-07-02 20:45:52 UTC
(
hide
)
Description:
patch for vuxml to include recent samba CVEs
Filename:
MIME Type:
Creator:
rob2g2
Created:
2020-07-02 20:45:52 UTC
Size:
1.73 KB
patch
obsolete
>--- vuln2.xml Thu Jul 2 22:28:58 2020 >+++ vuln.xml Thu Jul 2 22:43:10 2020 >@@ -60,0 +61,42 @@ >+ <vuln vid="ae599263-bca2-11ea-b78f-b42e99a1b9c3"> >+ <topic>samba -- Multiple Vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>samba410</name> >+ <range><lt>4.10.17</lt></range> >+ </package> >+ <package> >+ <name>samba411</name> >+ <range><lt>4.11.11</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Samba Team reports:</p> >+ <blockquote cite="https://www.samba.org/samba/history/security.html"> >+ <p>Four vulnerabilities were fixed in samba:</p> >+ <ul> >+ <li>CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results</li> >+ <li>CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU in the AD DC (only)</li> >+ <li>CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV</li> >+ <li>CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd</li> >+ </ul> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://www.samba.org/samba/security/CVE-2020-10730.html</url> >+ <url>https://www.samba.org/samba/security/CVE-2020-10745.html</url> >+ <url>https://www.samba.org/samba/security/CVE-2020-10760.html</url> >+ <url>https://www.samba.org/samba/security/CVE-2020-14303.html</url> >+ <cvename>CVE-2020-10730</cvename> >+ <cvename>CVE-2020-10745</cvename> >+ <cvename>CVE-2020-10760</cvename> >+ <cvename>CVE-2020-14303</cvename> >+ </references> >+ <dates> >+ <discovery>2020-07-02</discovery> >+ <entry>2020-07-02</entry> >+ </dates> >+ </vuln> >+
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=216153">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 247725
: 216153