Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#67983 - [security][samba] 4.12.6-1 " Zerologon" vulnerability CVE-2020-1472
Attached to Project:
Arch Linux
Opened by Pascal Ernster (hardfalcon) - Thursday, 24 September 2020, 11:47 GMT
Last edited by freswa (frederik) - Monday, 28 September 2020, 14:03 GMT
Opened by Pascal Ernster (hardfalcon) - Thursday, 24 September 2020, 11:47 GMT
Last edited by freswa (frederik) - Monday, 28 September 2020, 14:03 GMT
|
DetailsSamba 4.12.6 is also affected by the recent "zerologon" vulnerability discovered in MS Windows:
https://www.samba.org/samba/security/CVE-2020-1472.html CVSSv3 rating: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) Samba 4.12.7 has been released to fix the issue on 2020-09-18, and the freshly released Samba 4.13.0 from yesterday should fix the issue as well. |
This task depends upon
Closed by freswa (frederik)
Monday, 28 September 2020, 14:03 GMT
Reason for closing: Fixed
Additional comments about closing: samba 4.13.0-1
Monday, 28 September 2020, 14:03 GMT
Reason for closing: Fixed
Additional comments about closing: samba 4.13.0-1