Advisories » MGASA-2016-0106

Updated samba packages fix security vulnerability

Publication date: 10 Mar 2016
Modification date: 10 Mar 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7560

Description

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink
paths. A remote attacker could use this issue to overwrite the ownership
of ACLs using symlinks (CVE-2015-7560).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17911
• https://www.samba.org/samba/security/CVE-2015-7560.html
• http://www.ubuntu.com/usn/usn-2922-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560

SRPMS

5/core

• samba-3.6.25-2.2.mga5