From 29254bd6ea1e80ce21ce55417248d7557f528598 Mon Sep 17 00:00:00 2001
From: Joe Slater
Date: Fri, 18 Mar 2022 15:17:50 -0400
Subject: [PATCH] samba: fix three CVEs

CVE-2021-44142: out-of-bounds heap read/write
CVE-2020-25717: user can become root
CVE-2020-25719: AD DC does not always rely on the SID and PAC
=== testing Boot iso and check rpm versions. Only samba libraries are included in the image. ===
Closes-bug: 1964842
Signed-off-by: Joe Slater
Change-Id: I55a97b662ac24c1ba9852a09d8e40b5a40f67945
---
 .../config/centos/flock/rpms_centos3rdparties.lst | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/centos-mirror-tools/config/centos/flock/rpms_centos3rdparties.lst b/centos-mirror-tools/config/centos/flock/rpms_centos3rdparties.lst
index c053cdb9..70f616f0 100644
--- a/centos-mirror-tools/config/centos/flock/rpms_centos3rdparties.lst
+++ b/centos-mirror-tools/config/centos/flock/rpms_centos3rdparties.lst
@@ -40,7 +40,7 @@ libss-devel-1.42.9-13.el7.x86_64.rpm
 libtalloc-2.1.13-1.el7.x86_64.rpm
 libtdb-1.3.18-1.el7.x86_64.rpm
 libtevent-0.9.39-1.el7.x86_64.rpm
-libwbclient-4.10.16-5.el7.x86_64.rpm
+libwbclient-4.10.16-18.el7_9.x86_64.rpm
 lvm2-2.02.177-4.el7.x86_64.rpm
 lvm2-libs-2.02.177-4.el7.x86_64.rpm
 # nss-softokn-3.67.0-3.el7_9.x86_64.rpm provided by mock
@@ -77,9 +77,9 @@ python-virtualenv-15.1.0-2.el7.noarch.rpm
 qemu-vanilla-4.1.1+git.99c5874a9b-3.1.x86_64.rpm
 qemu-vanilla-bin-4.1.1+git.99c5874a9b-3.1.x86_64.rpm
 qemu-vanilla-data-4.1.1+git.99c5874a9b-3.1.x86_64.rpm
-samba-client-libs-4.10.16-5.el7.x86_64.rpm
-samba-common-4.10.16-5.el7.noarch.rpm
-samba-common-libs-4.10.16-5.el7.x86_64.rpm
+samba-client-libs-4.10.16-18.el7_9.x86_64.rpm
+samba-common-4.10.16-18.el7_9.noarch.rpm
+samba-common-libs-4.10.16-18.el7_9.x86_64.rpm
 selinux-policy-3.13.1-229.el7_6.6.noarch.rpm
 selinux-policy-minimum-3.13.1-229.el7_6.6.noarch.rpm
 selinux-policy-mls-3.13.1-229.el7_6.6.noarch.rpm