Samba has issued an advisory today (August 14): https://www.samba.org/samba/security/CVE-2018-1140.html The issue is fixed upstream in 1.3.5 and 1.4.1.
Assigning to all packagers collectively, since there is no registered maintainer for this package. CC'ing some committers.
Assignee: bugsquad => pkg-bugsCC: (none) => bgmilne, mageia, mageia, marja11
ldb-1.3.5-1.mga7 uploaded in cauldron
Resolution: (none) => FIXEDStatus: NEW => RESOLVEDCC: (none) => bruno
As the comment in the SPEC file says, samba and sssd need to be rebuilt when this package is updated.
Status: RESOLVED => REOPENEDResolution: FIXED => (none)
I see you've updated samba to 4.9.1 (thanks) which takes care of that one. sssd should *not* be updated to 2.0.0. 1.13.x is the current LTM branch, and the 2.0.0 release notes say that 1.16.x might become one, so we should stay on one of those branches.
uploaded the following packages: tdb-1.3.16-1.mga7 talloc-2.1.14-1.mga7 ldb-1.4.2-1.mga7 samba-4.9.1-1.mga7 sssd-1.13.4-16.mga7
I kept sssd 1.13 ;-)
Assignee: pkg-bugs => qa-bugsStatus: REOPENED => ASSIGNED
Assignee: qa-bugs => bruno
Perfect.
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED