Package "samba-dsdb-modules"

  samba (2:4.15.13+dfsg-0ubuntu1.12) jammy-security; urgency=medium

  * SECURITY UPDATE: May 2026 security updates
    - debian/patches/security-202605-*.patch
    - CVE-2026-2340 - WORM vfs module does not block overwrites
    - CVE-2026-3012 - auto-enrolment GPO installing CA certificate over
                      http without verification
    - CVE-2026-3238 - Denial of service against AD DC WINS server
    - CVE-2026-4408 - Unauthenticated Remote Code Execution in Samba
                      DCE/RPC SAMR server
    - CVE-2026-4480 - Unauthenticated Remote Code Execution in Samba
                      printing subsystem
    - debian/libwbclient0.symbols: updated with new symbols.

 -- Marc Deslauriers <email address hidden> Thu, 21 May 2026 13:08:17 -0400

  samba (2:4.15.13+dfsg-0ubuntu1.10) jammy-security; urgency=medium

  * SECURITY UPDATE: uninitialized memory disclosure via vfs_streams_xattr
    - debian/patches/CVE-2025-9640-1.patch: add torture test for inserting
      hole in stream in source3/selftest/tests.py, source4/torture/*.
    - debian/patches/CVE-2025-9640-2.patch: fix unitialized write in
      source3/modules/vfs_streams_xattr.c.
    - CVE-2025-9640
  * SECURITY UPDATE: command injection via WINS server hook script
    - debian/patches/CVE-2025-10230-1.patch: check that wins hook sanitizes
      names in python/samba/tests/usage.py, selftest/*, source4/torture/*,
      testprogs/blackbox/wins_hook_test.
    - debian/patches/CVE-2025-10230-2.patch: restrict names fed to shell in
      source4/nbt_server/wins/wins_hook.c.
    - CVE-2025-10230

 -- Marc Deslauriers <email address hidden> Thu, 09 Oct 2025 09:51:42 -0400

  samba (2:4.15.13+dfsg-0ubuntu1.5) jammy-security; urgency=medium

  * SECURITY UPDATE: SMB clients can truncate files with read-only
    permissions
    - debian/patches/CVE-2023-4091-*.patch
    - CVE-2023-4091
  * SECURITY UPDATE: Samba AD DC password exposure to privileged users and
    RODCs
    - debian/patches/CVE-2023-4154-*.patch
    - CVE-2023-4154
  * SECURITY UPDATE: rpcecho development server allows Denial of Service
    via sleep() call on AD DC
    - debian/patches/CVE-2023-42669.patch
    - CVE-2023-42669

 -- Marc Deslauriers <email address hidden> Wed, 04 Oct 2023 08:38:27 -0400

  samba (2:4.15.13+dfsg-0ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds read in winbind AUTH_CRAP
    - debian/patches/CVE-2022-2127-*.patch
    - CVE-2022-2127
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Infinite Loop DoS
    - debian/patches/CVE-2023-34966-*.patch
    - CVE-2023-34966
  * SECURITY UPDATE: Spotlight mdssvc RPC Request Type Confusion DoS
    - debian/patches/CVE-2023-34967-*.patch
    - CVE-2023-34967
  * SECURITY UPDATE: Spotlight server-side Share Path Disclosure
    - debian/patches/CVE-2023-34968-*.patch
    - CVE-2023-34968

 -- Marc Deslauriers <email address hidden> Tue, 11 Jul 2023 08:44:35 -0400

  samba (2:4.15.13+dfsg-0ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Access controlled AD LDAP attributes can be discovered
    - debian/patches/CVE-2023-0614-*.patch: upstream patches to fix the
      issue (some of these aren't directly used in this package as they
      apply to the ldb library which is updated separately).
    - debian/control: bump ldb Build-Depends to security update version.
    - CVE-2023-0614
  * SECURITY UPDATE: admin tool samba-tool sends passwords in cleartext
    - debian/patches/CVE-2023-0922.patch: set default ldap client sasl
      wrapping to seal.
    - CVE-2023-0922

 -- Marc Deslauriers <email address hidden> Thu, 30 Mar 2023 09:25:19 -0400