similar to: Processed: stable is affected as well

Source: xen Version: 4.17.0+46-gaaf74a532c-1 Severity: grave Tags: security upstream X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org> Hi, The following vulnerabilities were published for xen. CVE-2022-42331[0]: | x86: speculative vulnerability in 32bit SYSCALL path Due to an | oversight in the very original Spectre/Meltdown security work | (XSA-254),

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.

Comparison of http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/openssh-4.4.tar.gz to http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/openssh-4.5.tar.gz source codes, in conjunction with the changes shown at http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.144&r2=1.145&f=h, appear to shows that CVE-2006-4925 was fixed with the release of OpenSSH 4.5. However, can a

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos ????????????????? RC4-HMAC Elevation of Privilege Vulnerability ????????????????? disclosed by Microsoft on Nov 8 2022. ????????????????? A Samba Active Directory DC will issue weak rc4-hmac ?????????????????

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos ????????????????? RC4-HMAC Elevation of Privilege Vulnerability ????????????????? disclosed by Microsoft on Nov 8 2022. ????????????????? A Samba Active Directory DC will issue weak rc4-hmac ?????????????????

Hey Andre,? Sure, we already on the latest Patch Level on Ubuntu with 2:4.13.17~dfsg-0ubuntu1.20.04.4 Installer, but the issue still exist.? The only way to resolve the issue and to make a login possible again, was the workaround in my previous mail.? The Windows clients are Windows 10 22H2 with all updates installed. We also doesn't have any special settings in smb.conf. If you have any

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2127:? When winbind is used for NTLM authentication, a maliciously ????????????????? crafted request can trigger an out-of-bounds read in winbind ????????????????? and possibly crash it. https://www.samba.org/samba/security/CVE-2022-2127.html o CVE-2023-3347:? SMB2

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2127:? When winbind is used for NTLM authentication, a maliciously ????????????????? crafted request can trigger an out-of-bounds read in winbind ????????????????? and possibly crash it. https://www.samba.org/samba/security/CVE-2022-2127.html o CVE-2023-3347:? SMB2

19.07.2023 17:55, Jule Anger via samba weote: > Release Announcements > --------------------- > > This are security releases in order to address the following defects: > > o CVE-2022-2127:? When winbind is used for NTLM authentication, a maliciously > ????????????????? crafted request can trigger an out-of-bounds read in winbind > ????????????????? and possibly crash

Mapping stable-security to proposed-updates. Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 17 Aug 2014 10:39:32 +0300 Source: xen Binary: xen-docs-4.1 libxen-4.1 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.1 xen-hypervisor-4.1-amd64 xen-system-amd64 xen-hypervisor-4.1-i386 xen-system-i386 Architecture:

Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 17 Aug 2014 10:39:32 +0300 Source: xen Binary: xen-docs-4.1 libxen-4.1 libxenstore3.0 libxen-dev xenstore-utils libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.1 xen-hypervisor-4.1-amd64 xen-system-amd64 xen-hypervisor-4.1-i386 xen-system-i386 Architecture: source all amd64 Version: 4.1.4-3+deb7u2

Mapping stable-security to proposed-updates. Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Nov 2015 13:03:13 +0000 Source: xen Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf Architecture:

Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Nov 2015 13:03:13 +0000 Source: xen Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf Architecture: source all amd64 Version: 4.4.1-9+deb8u3

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-3437:? There is a limited write heap buffer overflow in the GSSAPI ????????????????? unwrap_des() and unwrap_des3() routines of Heimdal (included ????????????????? in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592:? A malicious client

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-3437:? There is a limited write heap buffer overflow in the GSSAPI ????????????????? unwrap_des() and unwrap_des3() routines of Heimdal (included ????????????????? in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592:? A malicious client

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target ????????????????? of a symlink exists. https://www.samba.org/samba/security/CVE-2021-44141.html o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target ????????????????? of a symlink exists. https://www.samba.org/samba/security/CVE-2021-44141.html o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.

Source: xen Version: 4.17.0-1 Severity: important Tags: security upstream X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org> Hi, The following vulnerability was published for xen. CVE-2022-42330[0]: | Guests can cause Xenstore crash via soft reset When a guest issues a | "Soft Reset" (e.g. for performing a kexec) the libxl based Xen |

Source: xen Version: 4.17.0+24-g2f8851c37f-2 Severity: grave Tags: security upstream X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org> Hi, The following vulnerability was published for xen, filling with RC severity (for ideally fixed before bookworm release): CVE-2022-27672[0]: | When SMT is enabled, certain AMD processors may speculatively execute |