Repository 32bit  Forum
Repository 64bit  Wiki
Tue Mar 13 21:12:51 UTC 2018
a/time-1.9-x86_64-1.txz: Upgraded.
d/automake-1.16.1-noarch-1.txz: Upgraded.
l/imagemagick-6.9.9_38-x86_64-1.txz: Upgraded.
n/samba-4.7.6-x86_64-1.txz: Upgraded.
  This is a security update in order to patch the following defects:
  On a Samba 4 AD DC the LDAP server in all versions of Samba from
  4.0.0 onwards incorrectly validates permissions to modify passwords
  over LDAP allowing authenticated users to change any other users`
  passwords, including administrative users.
  All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
  service attack when the RPC spoolss service is configured to be run as
  an external daemon. Missing input sanitization checks on some of the
  input parameters to spoolss RPC calls could cause the print spooler
  service to crash. There is no known vulnerability associated with this
  error, merely a denial of service. If the RPC spoolss service is left by
  default as an internal service, all a client can do is crash its own
  authenticated connection.
  For more information, see:
  https://www.samba.org/samba/security/CVE-2018-1057.html
  https://wiki.samba.org/index.php/CVE-2018-1057
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
  (* Security fix *)
xap/mozilla-firefox-59.0-x86_64-1.txz: Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
  https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
  https://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)