MGASA-2013-0348

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2013-0348.html
Import Source
https://advisories.mageia.org/MGASA-2013-0348.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2013-0348
Related
Published
2013-11-22T19:10:41Z
Modified
2013-11-22T19:10:37Z
Summary
Updated samba packages fix CVE-2013-4475
Details

Updated samba packages fix security vulnerabilities:

Samba versions before 3.6.20 do not check the underlying file or directory ACL when opening an alternate data stream (CVE-2013-4475).

Samba is not configured by default to support alternate data streams, so only servers that have enabled the streamsdepot or streamsxattr VFS modules are affected.

References
Credits

Affected packages

Mageia:2 / samba

Package

Name
samba
Purl
pkg:rpm/mageia/samba?distro=mageia-2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.5-2.4.mga2

Ecosystem specific 

{
    "section": "core"
}

Mageia:3 / samba

Package

Name
samba
Purl
pkg:rpm/mageia/samba?distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.15-1.2.mga3

Ecosystem specific 

{
    "section": "core"
}