enterprise-support team mailing list archive

Thread
Date

[Question #709563]: Samba CVE-2021-44142 release for Jammy

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: "Siejka, Olaf" <question709563@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 13 Mar 2024 12:50:32 -0000
Reply-to: question709563@xxxxxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

New question #709563 on samba in Ubuntu:
https://answers.launchpad.net/ubuntu/+source/samba/+question/709563

I've been trying to understand the samba release status for CVE-2021-44142 on Jammy, as referenced in:  https://ubuntu.com/security/CVE-2021-44142

It is currently listed as "Released (4.13.17~dfsg-0ubuntu1)" - but this version just doesn't seem to be correct, as current version for this package on Jammy is 2:4.15.13+dfsg-0ubuntu1.5

Looking at other versions, it would make sense it to be "Released (2:4.13.17~dfsg-0ubuntu1)"  as presented on changelog for this version: https://git.launchpad.net/ubuntu/+source/samba/commit/?h=ubuntu/jammy&id=c6433bc7d8a81e3b825b0dd8f4c1321edb056021

Could it be a typo? I tried to look it up in other CVE aggregators, but status for Jammy is either copied from Ubuntu Security listing for this CVE, or missing, for example https://nvd.nist.gov/vuln/detail/CVE-2021-44142

-- 
You received this question notification because your team Ubuntu
Server/Client Support Team is an answer contact for samba in Ubuntu.