USN-5993-1: Samba vulnerabilities
3 April 2023
Samba could be made to expose sensitive information over the network.
- samba - SMB/CIFS file, print, and login server for Unix
Demi Marie Obenour discovered that the Samba LDAP server incorrectly
handled certain confidential attribute values. A remote authenticated
attacker could possibly use this issue to obtain certain sensitive
Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly
sent passwords in cleartext. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2023-0922)
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.
- USN-5992-1: python3-ldb-dev, libldb2, python3-ldb, libldb-dev, ldb-tools, ldb