Viewing all changes in revision 83.
- Committer: Bazaar Package Importer
- Date: 2009-10-01 08:20:29 UTC
- Revision ID: james.westby@ubuntu.com-20091001082029-kjaluowbnuytii7o
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source3/param/loadparm.c, source3/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source3/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source3/include/smb.h, source3/smbd/process.c.
- CVE-2009-2906
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source3/param/loadparm.c, source3/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source3/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source3/include/smb.h, source3/smbd/process.c.
- CVE-2009-2906
expand all
collapse all
added
removed
