Updated ldb/samba packages fix security vulnerability
Publication date: 06 Apr 2023Modification date: 06 Apr 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-0225
Description
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated
users (CVE-2023-0225)
Read access controlled AD LDAP attributes (CVE-2023-0614)
Cleartext password sending by AD DC admin tool (CVE-2023-0922)
References
- https://bugs.mageia.org/show_bug.cgi?id=31735
- https://www.samba.org/samba/security/CVE-2023-0225.html
- https://www.samba.org/samba/security/CVE-2023-0922.html
- https://www.samba.org/samba/security/CVE-2023-0614.html
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014245.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0225
SRPMS
8/core
- ldb-2.5.3-1.mga8
- samba-4.16.10-1.mga8