raistlinkell - Sun, 2022/02/13 - 10:09
Hello Turnkey Linux Gurus
I've just received an email from ACSC (Australian Cyber Security Centre) regarding a HIGH Alert for Samba versions prior to 4.13.17 and checked my Transmission CT, executing the following in the container:
sudo smbstatus
The Samba version running on this is 4.9.5, and I attempted to update the CT using APT. According to APT all the packages are the latest and there are no updates for the Samba server currently running.
Wondering if there's a pending resolution to this on the way?
Debian security
I am guessing the samba package comes from Debian, so we will be getting the fix from them.
https://security-tracker.debian.org/tracker/CVE-2021-44142
Check you have the Debian security repo enabled and have the patched samba version in the link above.
security.sources.list
deb [signed-by=/usr/share/keyrings/tkl-buster-security.gpg] http://archive.turnkeylinux.org/debian buster-security main
deb http://security.debian.org/ buster/updates main
deb http://security.debian.org/ buster/updates contrib
deb http://security.debian.org/ buster/updates non-free
As badco noted, Samba is installed from Debian
As badco noted, Samba is installed from Debian. And as the link he provided currently shows, for Debian "buster" (which is the basis for TurnKey v16.x), CVE-2021-44142 is patched in Samba package version '2:4.9.5+dfsg-5+deb10u3', which is in the "security" repo.
So if you are using a TurnKey v16.x server with Samba included, it should already have the relevant patched version installed. To double check that is the version you have:
The first few lines of output should look like this:
If all is well, yours will look the same; with the fixed version '', listed as both "Installed" and "Candidate". Assuming so, then you're all good and the security update has already been auto-applied.
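The comparison discussed in this thread, as an added example that is not part of the original posts: Debian backports the fix, so the installed version has to be compared with the tracker's fixed version using Debian version ordering, not with the upstream 4.13.17 number. The function names, the `apt-cache policy`-style input and the sample text are assumptions constructed for illustration; on a Debian host `dpkg --compare-versions` performs the same ordering.

```python
import re
from itertools import zip_longest

FIXED = "2:4.9.5+dfsg-5+deb10u3"  # fixed buster version quoted in the thread

def _order(c):
    # dpkg ordering: '~' first, then end of string, then letters, then other symbols
    if c in ("~", ""):
        return -1 if c == "~" else 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Walk both strings as alternating (non-digit run, digit run) pairs
    runs = zip_longest(re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b),
                       fillvalue=("", ""))
    for (sa, na), (sb, nb) in runs:
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        ia, ib = int(na or 0), int(nb or 0)  # digit runs compare numerically
        if ia != ib:
            return -1 if ia < ib else 1
    return 0

def _split(version):
    # [epoch:]upstream[-revision]; a missing epoch counts as 0
    head, sep, rest = version.partition(":")
    epoch, rest = (int(head), rest) if sep else (0, version)
    upstream, sep, revision = rest.rpartition("-")
    return (epoch, upstream, revision) if sep else (epoch, rest, "")

def compare(a, b):
    """Return -1, 0 or 1 as Debian version a is older, equal or newer than b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_patched(policy_output, fixed=FIXED):
    """True when the 'Installed:' version in the given text is >= fixed."""
    m = re.search(r"^\s*Installed:\s*(\S+)", policy_output, re.M)
    if not m or m.group(1) == "(none)":
        raise ValueError("package is not installed")
    return compare(m.group(1), fixed) >= 0

# Constructed sample input, not output captured from a real system
SAMPLE = "samba:\n  Installed: 2:4.9.5+dfsg-5+deb10u3\n  Candidate: 2:4.9.5+dfsg-5+deb10u3\n"
```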