-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Oct 2023 18:17:19 +0300
Source: samba
Architecture: source
Version: 2:4.17.12+dfsg-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian Samba Maintainers
Changed-By: Michael Tokarev
Changes:
 samba (2:4.17.12+dfsg-0+deb12u1) bookworm-security; urgency=medium
 .
   * new stable security bugfix release:
     o CVE-2023-3961: https://www.samba.org/samba/security/CVE-2023-3961.html
       Unsanitized pipe names allow SMB clients to connect as root to existing
       unix domain sockets on the file system.
     o CVE-2023-4091: https://www.samba.org/samba/security/CVE-2023-4091.html
       SMB client can truncate files to 0 bytes by opening files with
       OVERWRITE disposition when using the acl_xattr Samba VFS module with
       the smb.conf setting "acl_xattr:ignore system acls = yes"
     o CVE-2023-4154: https://www.samba.org/samba/security/CVE-2023-4154.html
       An RODC and a user with the GET_CHANGES right can view all attributes,
       including secrets and passwords. Additionally, the access check fails
       open on error conditions.
     o CVE-2023-42669: https://www.samba.org/samba/security/CVE-2023-42669.html
       Calls to the rpcecho server on the AD DC can request that the server
       block for a user-defined amount of time, denying service.
     o CVE-2023-42670: https://www.samba.org/samba/security/CVE-2023-42670.html
       Samba can be made to start multiple incompatible RPC listeners,
       disrupting service on the AD DC.
Checksums-Sha1:
 75bca6c05066d1d95167cc137ddd01aa2b926c3c 4466 samba_4.17.12+dfsg-0+deb12u1.dsc
 89bb8e1416f7ce856342523920da888dab72c43e 18223156 samba_4.17.12+dfsg.orig.tar.xz
 e649c6a1e95162b0efa333c7cf54d6bc80904531 272776 samba_4.17.12+dfsg-0+deb12u1.debian.tar.xz
 f4ce7a0504f04ef38d0f73e83266cb52ce2eb483 6308 samba_4.17.12+dfsg-0+deb12u1_source.buildinfo
Checksums-Sha256:
 30616f6b04bfb0d2878c61cd9295d79dd6cea5a05c529dc387b0ad135dbaf888 4466 samba_4.17.12+dfsg-0+deb12u1.dsc
 d01f7df9a7dca56ce3b145ee9f887ebd138665a76b61b99208044a8f43e9931d 18223156 samba_4.17.12+dfsg.orig.tar.xz
 5ef5245bab0b690cd1ca4a20315d008795b1090a9b792922ac4f6796b618169d 272776 samba_4.17.12+dfsg-0+deb12u1.debian.tar.xz
 b18fef8981cdf942f19bd648cafe2933063c5739e1c9e78eaa019fccad7750dd 6308 samba_4.17.12+dfsg-0+deb12u1_source.buildinfo
Files:
 5a307458004b7873958d9f277aceccba 4466 net optional samba_4.17.12+dfsg-0+deb12u1.dsc
 d8ac9891eac4590603f43c0cec81d240 18223156 net optional samba_4.17.12+dfsg.orig.tar.xz
 dc4fa65762d9938b63b6d2e64eff6c92 272776 net optional samba_4.17.12+dfsg-0+deb12u1.debian.tar.xz
 d9a4344c7e8bed5d5bebdeb8b4d09b16 6308 net optional samba_4.17.12+dfsg-0+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCgAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmUlbLUPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5Zo8MH/0qmnDFp6m4df8hGPM3wInyfXGOBW0KAiw8y
xf+2cLj2rHaMWy8aXM4a6EOt2zKKio1Xyr4r8sEBGPVrw9qjL4xclv3IGE6sLGCC
zkeNlmxZXXUamZ+3Y1siGHot/8DmKVbR+C+tb6Gg0tg96SYSZ6NuL7SO9o8Nfcxd
28jtz6gWjH6Zkr8P3jEBtRXoUPrjW0FfHXNaC7zrSZHpxTwQF3jC3XBGrt6OebXJ
LWhHrgtuQTzybnrUhJbDmHh6RBjiFXiNGmqb6pluTfiXHlZjZ6G7f5to0w6RCm9W
2G3ln7UZUb/XQM/Q5aQ21T3UtAS0oxRZdJVAF4ABQawwDakbg6M=
=GTKe
-----END PGP SIGNATURE-----