Gentoo Archives: gentoo-commits

From: "Kristian Fiskerstrand (k_f)" <k_f@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-201502-15.xml
Date: Wed, 25 Feb 2015 22:06:09
Message-Id: 20150225220602.7B639128CA@oystercatcher.gentoo.org
1 k_f 15/02/25 22:06:02
2
3 Added: glsa-201502-15.xml
4 Log:
5 GLSA 201502-15
6
7 Revision Changes Path
8 1.1 xml/htdocs/security/en/glsa/glsa-201502-15.xml
9
10 file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201502-15.xml?rev=1.1&view=markup
11 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201502-15.xml?rev=1.1&content-type=text/plain
12
13 Index: glsa-201502-15.xml
14 ===================================================================
15 <?xml version="1.0" encoding="UTF-8"?>
16 <?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
17 <?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
18 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
19 <glsa id="201502-15">
20 <title>Samba: Multiple vulnerabilities</title>
21 <synopsis>Multiple vulnerabilities have been found in Samba, the worst of
22 which allowing a context-dependent attacker to bypass intended file
23 restrictions, cause a Denial of Service or execute arbitrary code.
24 </synopsis>
25 <product type="ebuild">samba</product>
26 <announced>February 25, 2015</announced>
27 <revised>February 25, 2015: 1</revised>
28 <bug>479868</bug>
29 <bug>491070</bug>
30 <bug>493664</bug>
31 <bug>504494</bug>
32 <bug>511764</bug>
33 <bug>514676</bug>
34 <bug>541182</bug>
35 <access>local, remote</access>
36 <affected>
37 <package name="net-fs/samba" auto="yes" arch="*">
38 <unaffected range="ge">3.6.25</unaffected>
39 <vulnerable range="lt">3.6.25</vulnerable>
40 </package>
41 </affected>
42 <background>
43 <p>Samba is a suite of SMB and CIFS client/server programs.</p>
44 </background>
45 <description>
46 <p>Multiple vulnerabilities have been discovered in Samba. Please review
47 the CVE identifiers referenced below for details.
48 </p>
49 </description>
50 <impact type="high">
51 <p>A context-dependent attacker may be able to execute arbitrary code,
52 cause a Denial of Service condition, bypass intended file restrictions,
53 or obtain sensitive information.
54 </p>
55 </impact>
56 <workaround>
57 <p>There is no known workaround at this time.</p>
58 </workaround>
59 <resolution>
60 <p>All Samba users should upgrade to the latest version:</p>
61
62 <code>
63 # emerge --sync
64 # emerge --ask --oneshot --verbose "&gt;=net-fs/samba-3.6.25"
65 </code>
66 </resolution>
67 <references>
68 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6150">CVE-2012-6150</uri>
69 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4124">CVE-2013-4124</uri>
70 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4408">CVE-2013-4408</uri>
71 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4475">CVE-2013-4475</uri>
72 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4476">CVE-2013-4476</uri>
73 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4496">CVE-2013-4496</uri>
74 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0178">CVE-2014-0178</uri>
75 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0239">CVE-2014-0239</uri>
76 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0244">CVE-2014-0244</uri>
77 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3493">CVE-2014-3493</uri>
78 <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0240">CVE-2015-0240</uri>
79 </references>
80 <metadata tag="requester" timestamp="Wed, 21 May 2014 04:10:53 +0000">
81 BlueKnight
82 </metadata>
83 <metadata tag="submitter" timestamp="Wed, 25 Feb 2015 22:04:57 +0000">K_F</metadata>
84 </glsa>
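
Review bot: In the <synopsis>, "the worst of which allowing a context-dependent attacker" is ungrammatical; suggest "the worst of which may allow a context-dependent attacker to bypass intended file restrictions, ...". The <impact> paragraph also lists "obtain sensitive information", which the synopsis omits, so the two summaries should be brought into line. The <description> defers entirely to the eleven CVE links in <references>; a one-line summary per issue would let administrators judge their exposure without following every link.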