summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt37
1 files changed, 37 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index e4b6b17b8..b421783e9 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,40 @@
+Wed Nov 10 20:32:37 UTC 2021
+d/python3-3.9.8-x86_64-1.txz: Upgraded.
+l/libtasn1-4.18.0-x86_64-1.txz: Upgraded.
+n/curl-7.80.0-x86_64-1.txz: Upgraded.
+n/ethtool-5.15-x86_64-1.txz: Upgraded.
+n/samba-4.15.2-x86_64-1.txz: Upgraded.
+ This is a security release in order to address the following defects:
+ SMB1 client connections can be downgraded to plaintext authentication.
+ A user on the domain can become root on domain members.
+ Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC.
+ Samba AD DC did not always rely on the SID and PAC in Kerberos tickets.
+ Kerberos acceptors need easy access to stable AD identifiers (eg objectSid).
+ Samba AD DC did not do suffienct access and conformance checking of data
+ stored.
+ Use after free in Samba AD DC RPC server.
+ Subsequent DCE/RPC fragment injection vulnerability.
+ For more information, see:
+ https://www.samba.org/samba/security/CVE-2016-2124.html
+ https://www.samba.org/samba/security/CVE-2020-25717.html
+ ^^ (PLEASE READ! There are important behaviour changes described)
+ https://www.samba.org/samba/security/CVE-2020-25718.html
+ https://www.samba.org/samba/security/CVE-2020-25719.html
+ https://www.samba.org/samba/security/CVE-2020-25721.html
+ https://www.samba.org/samba/security/CVE-2020-25722.html
+ https://www.samba.org/samba/security/CVE-2021-3738.html
+ https://www.samba.org/samba/security/CVE-2021-23192.html
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
+ (* Security fix *)
+x/xorg-server-xwayland-21.1.3-x86_64-1.txz: Upgraded.
++--------------------------+
Tue Nov 9 20:22:27 UTC 2021
a/dialog-1.3_20211107-x86_64-1.txz: Upgraded.
ap/mariadb-10.5.13-x86_64-1.txz: Upgraded.
generated by cgit v1.2.3 (git 2.26.2) at 2024-05-01 08:33:39 +0000