Repository 32bit  Forum
Repository 64bit  Wiki
Thu Jul 7 19:52:36 UTC 2016
patches/packages/samba-4.2.14-i486-1_slack14.1.txz: Upgraded.
  This release fixes a security issue:
  Client side SMB2/3 required signing can be downgraded.
  It's possible for an attacker to downgrade the required signing for an
  SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or
  SMB2_SESSION_FLAG_IS_NULL flags. This means that the attacker can
  impersonate a server being connected to by Samba, and return malicious
  results.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
  (* Security fix *)