Ubuntu
samba package

  1. Bug #1842533
  2. Comment #0

Comment 0 for bug 1842533

Revision history for this message
Bryce Harrington (bryce) wrote : CVE-2019-10197

samba (2:4.10.7+dfsg-0ubuntu2) eoan; urgency=medium

  * SECURITY UPDATE: restricted share escape by user
    - debian/patches/CVE-2019-10197-01-v4-10.patch: smbd: separate
      out impersonation debug info into a new function.
    - debian/patches/CVE-2019-10197-02-v4-10.patch: smbd: make sure that
      change_to_user_internal() always resets current_user.done_chdir
    - debian/patches/CVE-2019-10197-03-v4-10.patch: smbd: make sure we
      reset current_user.{need,done}_chdir in become_root()
    - debian/patches/CVE-2019-10197-04-v4-10.patch: selftest: make
      fsrvp_share its own independent subdirectory
    - debian/patches/CVE-2019-10197-05-v4-10.patch:
      test_smbclient_s3.sh: add regression test for the no permission
      on share root problem
    - debian/patches/CVE-2019-10197-06-v4-10.patch: smbd: split
      change_to_user_impersonate() out of change_to_user_internal()
    - CVE-2019-10197

 -- Steve Beattie <email address hidden> Fri, 30 Aug 2019 11:07:19 -0700