[SCM] Samba Website Repository - branch master updated
Karolin Seeger
kseeger at samba.org
Tue Dec 10 07:02:59 MST 2013
The branch, master has been updated
via e6f9d64 security.html: Break lines.
from f32a5a1 Add security advisories for CVE-2013-4408 and CVE-2012-6150.
http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e6f9d64b0e0aedc36929f367c2179844a2e5f922
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Dec 10 15:01:22 2013 +0100
security.html: Break lines.
Make table a bit more readable.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
-----------------------------------------------------------------------
Summary of changes:
history/security.html | 108 ++++++++++++++++++++++++------------------------
1 files changed, 54 insertions(+), 54 deletions(-)
Changeset truncated at 500 lines:
diff --git a/history/security.html b/history/security.html
index 4065209..9bb5f9a 100755
--- a/history/security.html
+++ b/history/security.html
@@ -24,17 +24,17 @@ link to full release notes for each release.</p>
<tr>
<td>09 Dec 2013</td>
<td><a href="/samba/ftp/patches/security/samba-4.1.2-CVE-2013-4408-CVE-2012-6150.patch">
- patch for Samba 4.1.2</a>
+ patch for Samba 4.1.2</a><br />
<a href="/samba/ftp/patches/security/amba-4.0.12-CVE-2013-4408-CVE-2012-6150.patch">
- patch for Samba 4.0.12</a>
+ patch for Samba 4.0.12</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.21-CVE-2013-4408-CVE-2012-6150.patch">
- patch for Samba 3.6.21</a>
+ patch for Samba 3.6.21</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.22-CVE-2013-4408.patch">
- patch for Samba 3.5.22</a>
+ patch for Samba 3.5.22</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.17-CVE-2013-4408.patch">
patch for Samba 3.4.17</a>
<td>DCE-RPC fragment length field is incorrectly checked, pam_winbind
- login without require_membership_of restrictions.</td>
+ login without require_membership_of restrictions.</td>
<td>please refer to the advisories</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408">CVE-2013-4408</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150">CVE-2012-6150</a>
@@ -47,11 +47,11 @@ link to full release notes for each release.</p>
<tr>
<td>11 Nov 2013</td>
<td><a href="/samba/ftp/patches/security/samba-4.1.0-CVE-2013-4475-CVE-2013-4476.patch">
- patch for Samba 4.1.0</a>
+ patch for Samba 4.1.0</a><br />
<a href="/samba/ftp/patches/security/samba-4.0.10-CVE-2013-4475-CVE-2013-4476.patch">
- patch for Samba 4.0.10</a>
+ patch for Samba 4.0.10</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.19-CVE-2013-4475.patch">
- patch for Samba 3.6.19</a>
+ patch for Samba 3.6.19</a><br />
<td>ACLs are not checked on opening an alternate data stream on a file
or directory, Private key in key.pem world readable.</td>
<td>3.2.0 - 4.1.0, 4.0.0 - 4.0.10, 4.1.0</td>
@@ -66,11 +66,11 @@ link to full release notes for each release.</p>
<tr>
<td>05 Aug 2013</td>
<td><a href="/samba/ftp/patches/security/samba-4.0.7-CVE-2013-4124.patch">
- patch for Samba 4.0.7</a>
+ patch for Samba 4.0.7</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.16-CVE-2013-4124.patch">
- patch for Samba 3.6.16</a>
+ patch for Samba 3.6.16</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.21-CVE-2013-4124.patch">
- patch for Samba 3.5.21</a>
+ patch for Samba 3.5.21</a><br />
<td>Denial of service - CPU loop and memory allocation.</td>
<td>3.0.x-4.0.7</td>
<td><a
@@ -108,11 +108,11 @@ link to full release notes for each release.</p>
<tr>
<td>30 Jan 2013</td>
<td><a href="/samba/ftp/patches/security/samba-4.0.1-CVE-2013-0213-CVE-2013-0214.patch">
- patch for Samba 4.0.1</a>
+ patch for Samba 4.0.1</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.11-CVE-2013-0213-CVE-2013-0214.patch">
- patch for Samba 3.6.11</a>
+ patch for Samba 3.6.11</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.20-CVE-2013-0213-CVE-2013-0214.patch">
- patch for Samba 3.5.20</a>
+ patch for Samba 3.5.20</a><br />
<td>Clickjacking issue and potential XSRF in SWAT.</td>
<td>3.0.x-4.0.1</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213">CVE-2013-0213</a>,
@@ -137,11 +137,11 @@ link to full release notes for each release.</p>
<tr>
<td>30 Apr 2012</td>
<td><a href="/samba/ftp/patches/security/samba-3.4.16-CVE-2012-2111.patch">
- patch for Samba 3.4.16</a>
+ patch for Samba 3.4.16</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.14-CVE-2012-2111.patch">
- patch for Samba 3.5.14</a>
+ patch for Samba 3.5.14</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.4-CVE-2012-2111.patch">
- patch for Samba 3.6.4</a>
+ patch for Samba 3.6.4</a><br />
<td>Incorrect permission checks when granting/removing privileges can
compromise file server security.</td>
<td>3.4.x-3.6.4</td>
@@ -152,17 +152,17 @@ link to full release notes for each release.</p>
<tr>
<td>10 Apr 2012</td>
<td><a href="/samba/ftp/patches/security/samba-3.0.37-CVE-2012-1182.patch">
- patch for Samba 3.0.37</a>
+ patch for Samba 3.0.37</a><br />
<a href="/samba/ftp/patches/security/samba-3.2.15-CVE-2012-1182.patch">
- patch for Samba 3.2.15</a>
+ patch for Samba 3.2.15</a><br />
<a href="/samba/ftp/patches/security/samba-3.3.16-CVE-2012-1182.patch">
- patch for Samba 3.3.16</a>
+ patch for Samba 3.3.16</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.15-CVE-2012-1182.patch">
- patch for Samba 3.4.15</a>
+ patch for Samba 3.4.15</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.13-CVE-2012-1182.patch">
- patch for Samba 3.5.13</a>
+ patch for Samba 3.5.13</a><br />
<a href="/samba/ftp/patches/security/samba-3.6.3-CVE-2012-1182.patch">
- patch for Samba 3.6.3</a>
+ patch for Samba 3.6.3</a><br />
<td>"root" credential remote code execution</td>
<td>all current releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182">CVE-2012-1182</a></td>
@@ -172,11 +172,11 @@ link to full release notes for each release.</p>
<tr>
<td>23 Feb 2012</td>
<td><a href="/samba/ftp/patches/security/samba-3.0-CVE-2012-0870.patch">
- patch for Samba 3.0</a>
+ patch for Samba 3.0</a><br />
<a href="/samba/ftp/patches/security/samba-3.2-CVE-2012-0870.patch">
- patch for Samba 3.2</a>
+ patch for Samba 3.2</a><br />
<a href="/samba/ftp/patches/security/samba-3.3-CVE-2012-0870.patch">
- patch for Samba 3.3</a>
+ patch for Samba 3.3</a><br />
<td>Remote code execution vulnerability in smbd</td>
<td>pre-3.4</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870">CVE-2012-0870</a></td>
@@ -196,11 +196,11 @@ link to full release notes for each release.</p>
<tr>
<td>26 Jul 2011</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.15-CVE-2011-2522.patch">
- patch for Samba 3.3.15</a>
+ patch for Samba 3.3.15</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.13-CVE-2011-2522.patch">
- patch for Samba 3.4.13</a>
+ patch for Samba 3.4.13</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.9-CVE-2011-2522.patch">
- patch for Samba 3.5.9</a>
+ patch for Samba 3.5.9</a><br />
<td>Cross-Site Request Forgery in SWAT</td>
<td>all current releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522">CVE-2011-2522</a></td>
@@ -210,11 +210,11 @@ link to full release notes for each release.</p>
<tr>
<td>26 Jul 2011</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.15-CVE-2011-2694.patch">
- patch for Samba 3.3.15</a>
+ patch for Samba 3.3.15</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.13-CVE-2011-2694.patch">
- patch for Samba 3.4.13</a>
+ patch for Samba 3.4.13</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.9-CVE-2011-2694.patch">
- patch for Samba 3.5.9</a>
+ patch for Samba 3.5.9</a><br />
<td>Cross-Site Scripting vulnerability in SWAT</td>
<td>all current releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694">CVE-2011-2694</a></td>
@@ -224,11 +224,11 @@ link to full release notes for each release.</p>
<tr>
<td>18 Feb 2011</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.14-CVE-2011-0719.patch">
- patch for Samba 3.3.14</a>
+ patch for Samba 3.3.14</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.11-CVE-2011-0719.patch">
- patch for Samba 3.4.11</a>
+ patch for Samba 3.4.11</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.6-CVE-2011-0719.patch">
- patch for Samba 3.5.6</a>
+ patch for Samba 3.5.6</a><br />
<td>Denial of service - memory corruption</td>
<td>all current releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719">CVE-2011-0719</a></td>
@@ -238,11 +238,11 @@ link to full release notes for each release.</p>
<tr>
<td>14 Sep 2010</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.13-CVE-2010-3069.patch">
- patch for Samba 3.3.13</a>
+ patch for Samba 3.3.13</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.8-CVE-2010-3069.patch">
- patch for Samba 3.4.8</a>
+ patch for Samba 3.4.8</a><br />
<a href="/samba/ftp/patches/security/samba-3.5.4-CVE-2010-3069.patch">
- patch for Samba 3.5.4</a>
+ patch for Samba 3.5.4</a><br />
<td>Buffer Overrun Vulnerability</td>
<td>all current releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069">CVE-2010-3069</a></td>
@@ -252,9 +252,9 @@ link to full release notes for each release.</p>
<tr>
<td>16 Jun 2010</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.12-CVE-2010-2063.patch">
- patch for Samba 3.3.12 and 3.2.15</a>
+ patch for Samba 3.3.12 and 3.2.15</a><br />
<a href="/samba/ftp/patches/security/samba-3.0.37-CVE-2010-2063.patch">
- patch for Samba 3.0.37</a>
+ patch for Samba 3.0.37</a><br />
<td>Memory Corruption Vulnerability</td>
<td>3.0.x, 3.2.x, 3.3.0-3.3.12</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-CVE-2010-2063">CVE-2010-2063</a></td>
@@ -264,11 +264,11 @@ link to full release notes for each release.</p>
<tr>
<td>08 Mar 2010</td>
<td><a href="/samba/ftp/patches/security/samba-3.5.0-CVE-2010-0728.patch">
- patch for Samba 3.5.0</a>
+ patch for Samba 3.5.0</a><br />
<a href="/samba/ftp/patches/security/samba-3.4.6-CVE-2010-0728.patch">
- patch for Samba 3.4.6</a>
+ patch for Samba 3.4.6</a><br />
<a href="/samba/ftp/patches/security/samba-3.3.11-CVE-2010-0728.patch">
- patch for Samba 3.3.11</a>
+ patch for Samba 3.3.11</a><br />
<td>Permission ignored</td>
<td>3.3.11, 3.4.6, 3.5.0</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728">CVE-2010-0728</a></td>
@@ -311,13 +311,13 @@ link to full release notes for each release.</p>
<tr>
<td>01 Oct 2009</td>
<td><a href="/samba/ftp/patches/security/samba-3.4.1-CVE-2009-2906.patch">
- patch for Samba 3.4.1</a>
+ patch for Samba 3.4.1</a><br />
<a href="/samba/ftp/patches/security/samba-3.3.7-CVE-2009-2906.patch">
- patch for Samba 3.3.7</a>
+ patch for Samba 3.3.7</a><br />
<a href="/samba/ftp/patches/security/samba-3.2.14-CVE-2009-2906.patch">
- patch for Samba 3.2.14</a>
+ patch for Samba 3.2.14</a><br />
<a href="/samba/ftp/patches/security/samba-3.0.36-CVE-2009-2906.patch">
- patch for Samba 3.0.36</a>
+ patch for Samba 3.0.36</a><br />
<td>Remote DoS against smbd on authenticated connections</td>
<td>all releases</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906">CVE-2009-2906</a></td>
@@ -328,13 +328,13 @@ link to full release notes for each release.</p>
<tr>
<td>01 Oct 2009</td>
<td><a href="/samba/ftp/patches/security/samba-3.4.1-CVE-2009-2813.patch">
- patch for Samba 3.4.1</a>
+ patch for Samba 3.4.1</a><br />
<a href="/samba/ftp/patches/security/samba-3.3.7-CVE-2009-2813.patch">
- patch for Samba 3.3.7</a>
+ patch for Samba 3.3.7</a><br />
<a href="/samba/ftp/patches/security/samba-3.2.14-CVE-2009-2813.patch">
- patch for Samba 3.2.14</a>
+ patch for Samba 3.2.14</a><br />
<a href="/samba/ftp/patches/security/samba-3.0.36-CVE-2009-2813.patch">
- patch for Samba 3.0.36</a>
+ patch for Samba 3.0.36</a><br />
<td>Misconfigured /etc/passwd file may share folders unexpectedly</td>
<td>> 3.0.11</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813">CVE-2009-2813</a></td>
@@ -345,11 +345,11 @@ link to full release notes for each release.</p>
<tr>
<td>23 Jun 2009</td>
<td><a href="/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch">
- patch for Samba 3.3.5</a>
+ patch for Samba 3.3.5</a><br />
<a href="/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch">
- patch for Samba 3.2.12</a>
+ patch for Samba 3.2.12</a><br />
<a href="/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch">
- patch for Samba 3.0.34</a>
+ patch for Samba 3.0.34</a><br />
<td>Uninitialized read of a data value</td>
<td>Samba 3.0.31 - 3.3.5</td>
<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888">CVE-2009-1888</a></td>
--
Samba Website Repository
More information about the samba-cvs
mailing list