Bug 246002 - net/samba41{01}: fixed 2 CVEs
Summary: net/samba41{01}: fixed 2 CVEs
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-ports-bugs (Nobody)
URL: https://www.samba.org/samba/history/
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-28 16:29 UTC by Vladimir Druzenko
Modified: 2020-04-29 04:23 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-28 16:29:52 UTC 
Fixed 2 CVEs:
o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

https://www.samba.org/samba/history/samba-4.10.15.html
https://www.samba.org/samba/history/samba-4.11.8.html
Comment 1 Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-29 04:21:09 UTC 
Fixed, thanks: https://svnweb.freebsd.org/ports?view=revision&revision=533307