Обновление Системы(DSA-3548-1 &DSA-3549-1 &DSA-3550-1)

Обновления безопасности samba, браузера Chrome и openssh.   Информация об уязвимости DSA-3548-1 samba— Security Update Сведения о базе данных безопасности: CVE-2015-5370: Jouni Knuutinen из Synopsys обнаружил недостатки в коде DCE-RPC Samba, которые могут привести к отказу в обслуживании (сбои и высокая загрузка процессора) и атакам «человек посередине». CVE-2016-2110: Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks. CVE-2016-2111: When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same vulnerability as CVE-2015-0005 for Windows, discovered by Alberto Solino from Core Security. CVE-2016-2112: Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can downgrade LDAP connections to avoid integrity protection. CVE-2016-2113: Stefan Metzmacher of SerNet and the Samba Team discovered that man-in-the-middle attacks are possible for client triggered LDAP connections and ncacn_http connections. CVE-2016-2114: Stefan Metzmacher of SerNet and the Samba Team discovered that Samba does not enforce required smb signing even if explicitly configured. CVE-2016-2115: Stefan Metzmacher of SerNet and the Samba Team discovered that SMB connections for IPC traffic are not integrity-protected. ...Читать еще