SECURITY

USN-2855-2: Samba regression Ubuntu Security Notice USN-2855-2 16th February, 2016 samba regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2855-1 introduced a regression in Samba. Software description samba – SMB/CIFS file, print, and login server for Unix Details USN-2855-1 fixed vulnerabilities in Samba. The upstream fix forCVE-2015-5252 introduced a regression in certain specific environments.This update fixes the problem. Original advisory details: Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-3223) Jan Kasprzak discovered that Samba incorrectly handled certain symlinks. A remote attacker could use this issue to access files outside [ more… ]