[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] Fw: [SECURITY] [DSA 5015-1] samba security update
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] Fw: [SECURITY] [DSA 5015-1] samba security update
- From: "maceion@xxxxxxxxx" <maceion@xxxxxxxxx>
- Date: Wed, 1 Dec 2021 16:07:41 +0000
- Content-language: en-GB
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1633856761; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:In-Reply-To:MIME-Version:Date:Message-ID:From:References:To: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=bW81LKt7SF8jEfxqmrLTxEEKZjstZ1nnL3t9fIKi4RM=; b=Sz1bOHrWw3u5YcV1EOCrHmTJqJ 13jy85LHdVk0CtPPrDhxAXkowPoqA9KbHirRL/uD6u+bFyQhQJ5iE71giH4mkMLOKcZtwSCMWKLQG c07r6pNkH+DMAfRdDY0CnwyGh2nzVRNCAraDQn0t08a3xHIbTegbiiCMYQ1pYuHSzyaQ=;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=iFGl16Cdrolr02cz3yFly+hKnm0KuTn4e+RiZDr1k1c=; b=A8czVPmVKKSy+DMhpXpZjpXHwwf+y00+Bk6ub5KyXVPE6w0n/m1XqnPnmfleMVd1wx RdTV1fs3OZOyjEWFMgl+DJe92li+P4mkhA1mXODiNFGHdil2z9SMge99eCH+CsEIdf7Y 8p8hYJ3Nuqy6pqVM8gxkXk5JBdL8TesQF5Q2Te+GdWtRsecU9uMgnHdFq2+5e5e0bQMm SJfC9gBSJtwjkrEbzRC/yctaVprxJKDLcgH5iRFyezdiJTgjnzgz8bAmDnyfIW0uAZ02 U3qn4vJKzyN3gJ6qXmnpDuCoEexZE6ZphHlRFy9gnxBGI8ZZLpqjCax2pXgQp+7Nn1lg iGWg==
On 01/12/2021 14:47, Sebastian wrote:
> Dear Fraser,
>
>> Don't do nothing about it, but do something about it one way or >
>> another... Begin forwarded message:
>>
>> Package : samba
>> CVE ID : CVE-2020-25717
>>
>> Andrew Bartlett discovered that Samba, a SMB/CIFS file, print, and login
>> server for Unix, may map domain users to local users in an undesired
>> way. This could allow a user in an AD domain to potentially become root
>
> Looks like this has been fixed since Debian 10 'Oldstable' Buster, so
> I shouldn't imagine anyone on this mailing list is affected :)
>
> Best wishes,
>
> Sebastian
>
I last week just updated my very old spare email only Debian 10 to
Debian 11, [It is a fall back spare old computer] only Debian runs on i!
No hope of or risk of SAMBA ever as it had Windows XP (or was it 98?)
wiped a long time ago.
I use it to demonstrate that old stuff can have a use.
Keeps it out of landfill etc.
--
Regards
Eion MacDonald
--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq