|
|
Log in / Subscribe / Register

Mageia alert MGASA-2017-0326 (samba)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2017-0326: Updated samba packages fix security vulnerability 


Date:
    	      Sun, 3 Sep 2017 16:32:11 +0200


Message-ID:
    	      <20170903143211.8D20A9F872@duvel.mageia.org>


MGASA-2017-0326 - Updated samba packages fix security vulnerability

Publication date: 03 Sep 2017
URL: http://advisories.mageia.org/MGASA-2017-0326.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2017-11103

Description:
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that
Samba clients incorrectly trusted unauthenticated portions of Kerberos
tickets. A remote attacker could use this to impersonate trusted network
servers or perform other attacks (CVE-2017-11103).

The samba package has been updated to version 4.6.7, fixing this issue
and several other bugs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=21482
- https://www.samba.org/samba/security/CVE-2017-11103.html
- https://www.samba.org/samba/history/samba-4.6.6.html
- https://www.samba.org/samba/history/samba-4.6.7.html
- https://usn.ubuntu.com/usn/usn-3353-2/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103

SRPMS:
- 6/core/samba-4.6.7-1.mga6
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds