Le mer. 19 juin 2019 à 21:51, Salvatore Bonaccorso <car...@debian.org> a écrit : > > Source: samba > Version: 2:4.9.5+dfsg-4 > Severity: important > Tags: security upstream > > Hi,
Hi, > The following vulnerability was published for samba. > > CVE-2019-12435[0]: > | Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer > | dereference, leading to Denial of Service. This is related to the AD > | DC DNS management server (dnsserver) RPC server process. > > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2019-12435 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435 > [1] https://www.samba.org/samba/security/CVE-2019-12435.html I've just created a pre-approval unblock request to choose between uploading 4.9.9 (including stability fixes) or 4.9.5+patch. Regards -- Mathieu Parent
