2019-09-04 02:58:34 |
Bryce Harrington |
description |
samba (2:4.10.7+dfsg-0ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: restricted share escape by user
- debian/patches/CVE-2019-10197-01-v4-10.patch: smbd: separate
out impersonation debug info into a new function.
- debian/patches/CVE-2019-10197-02-v4-10.patch: smbd: make sure that
change_to_user_internal() always resets current_user.done_chdir
- debian/patches/CVE-2019-10197-03-v4-10.patch: smbd: make sure we
reset current_user.{need,done}_chdir in become_root()
- debian/patches/CVE-2019-10197-04-v4-10.patch: selftest: make
fsrvp_share its own independent subdirectory
- debian/patches/CVE-2019-10197-05-v4-10.patch:
test_smbclient_s3.sh: add regression test for the no permission
on share root problem
- debian/patches/CVE-2019-10197-06-v4-10.patch: smbd: split
change_to_user_impersonate() out of change_to_user_internal()
- CVE-2019-10197
-- Steve Beattie <sbeattie@ubuntu.com> Fri, 30 Aug 2019 11:07:19 -0700 |
samba (2:4.10.7+dfsg-0ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: restricted share escape by user
- debian/patches/CVE-2019-10197-01-v4-10.patch: smbd: separate
out impersonation debug info into a new function.
- debian/patches/CVE-2019-10197-02-v4-10.patch: smbd: make sure that
change_to_user_internal() always resets current_user.done_chdir
- debian/patches/CVE-2019-10197-03-v4-10.patch: smbd: make sure we
reset current_user.{need,done}_chdir in become_root()
- debian/patches/CVE-2019-10197-04-v4-10.patch: selftest: make
fsrvp_share its own independent subdirectory
- debian/patches/CVE-2019-10197-05-v4-10.patch:
test_smbclient_s3.sh: add regression test for the no permission
on share root problem
- debian/patches/CVE-2019-10197-06-v4-10.patch: smbd: split
change_to_user_impersonate() out of change_to_user_internal()
- CVE-2019-10197
-- Steve Beattie <sbeattie@ubuntu.com> Fri, 30 Aug 2019 11:07:19 -0700
A PPA build with this patch is available from the security team at:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
I've also uploaded it to my own PPA here, to doublecheck the build:
https://launchpad.net/~bryce/+archive/ubuntu/samba-cve-2019-10197/+packages |
|