-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Jul 2023 17:55:58 +0300
Source: samba
Architecture: source
Version: 2:4.17.10+dfsg-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 1041043
Changes:
 samba (2:4.17.10+dfsg-0+deb12u1) bookworm-security; urgency=medium
 .
   * new upstream stable/security release 4.17.10, including:
    o CVE-2022-2127:  When winbind is used for NTLM authentication,
      a maliciously crafted request can trigger an out-of-bounds read
      in winbind and possibly crash it.
      https://www.samba.org/samba/security/CVE-2022-2127.html
    o CVE-2023-3347:  SMB2 packet signing is not enforced if an admin
      configured "server signing = required" or for SMB2 connections to
      Domain Controllers where SMB2 packet signing is mandatory.
      https://www.samba.org/samba/security/CVE-2023-3347.html
    o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service
      for Spotlight can be triggered by an unauthenticated attacker by
      issuing a malformed RPC request.
      https://www.samba.org/samba/security/CVE-2023-34966.html
    o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service
      for Spotlight can be used by an unauthenticated attacker to trigger
      a process crash in a shared RPC mdssvc worker process.
      https://www.samba.org/samba/security/CVE-2023-34967.html
    o CVE-2023-34968: As part of the Spotlight protocol Samba discloses
      the server-side absolute path of shares and files and directories
      in search results.
      https://www.samba.org/samba/security/CVE-2023-34968.html
    o BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
      https://bugzilla.samba.org/show_bug.cgi?id=15418
      (this has been patched in the previous upload; Closes: #1041043)
Checksums-Sha1:
 0c4f92a3408fb816863a239df3c3cdda27089ae9 4454 samba_4.17.10+dfsg-0+deb12u1.dsc
 d02a6567d4cab387d3d3107ba65dbc5bbf3c3cca 18206276 samba_4.17.10+dfsg.orig.tar.xz
 01a5edeabcc2d20e764499693eb84e3cfaf41c64 271772 samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
 a0ad79e8fead1344ef4fd4fc507b61f4fd17698e 6384 samba_4.17.10+dfsg-0+deb12u1_source.buildinfo
Checksums-Sha256:
 e9490e4a8aee1d17c5e71a46809d89f2a5a0bdd1fe21893d86d28bf3652cb982 4454 samba_4.17.10+dfsg-0+deb12u1.dsc
 79cdf385091b96aa53fac0cbd5946ba0f0f051ed323f71e69990a25019e1fc94 18206276 samba_4.17.10+dfsg.orig.tar.xz
 ebcbac3e7a3045ac06a1d18f22b7f529aa502f377d30685df119aca954ac2f0a 271772 samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
 b58a38f380a70f5c8803a2725e6470f2253837beba189256d192e0c55e2cf62e 6384 samba_4.17.10+dfsg-0+deb12u1_source.buildinfo
Files:
 5c36bd1df04a72c068f1f6625d3bb6b1 4454 net optional samba_4.17.10+dfsg-0+deb12u1.dsc
 e01fdb78ab4887d2001e1b3d0545a7de 18206276 net optional samba_4.17.10+dfsg.orig.tar.xz
 8c4a830743ff198634f1981914984d8c 271772 net optional samba_4.17.10+dfsg-0+deb12u1.debian.tar.xz
 45be04c34016238c434ccc9ee3f008f7 6384 net optional samba_4.17.10+dfsg-0+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCgAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmS3/ioPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZX84H/jd3fmepwqzUoQZLL//tX6SVvEm7XGdIgnPC
9aFwsIbH/kBFtGe2/tpAFN6UawwWqiXynKsbBe8rlpOgclDKmauUENVsZZVgIHZH
5ZkTguzO4D4dgi9OWqx+mAjdyWopHyVVIjXGvpF+6sI31eVlkeXRfwfYykl4pIK4
fXOVZbIdS83L/1RUzs6PZdzSCfIOmzCizA+F2X8K+/+d9z8EANk0BbNER92OS82C
Dr53Rz6JmwQRzSAiDRRwj/xucGXczDcTurE7pLazOntslfXC+Ty7XdLY9x79uH+t
toTWaRSErpzBezv1h/8+jkPJhfmEfKI20jITuSWt8T+ojSi5QF4=
=hXEQ
-----END PGP SIGNATURE-----