Back to bug 2222795

Who	When	What	Removed	Added
TEJ RATHI	2023-07-13 18:08:20 UTC	CC		security-response-team
TEJ RATHI	2023-07-13 18:11:44 UTC	CC		abokovoy, anoopcs, asn, dkarpele, nobody, pfilipen, sbose
TEJ RATHI	2023-07-13 18:13:19 UTC	Blocks		2216374
TEJ RATHI	2023-07-14 11:42:18 UTC	Depends On		2222896, 2222894, 2222895
TEJ RATHI	2023-07-17 14:35:25 UTC	Deadline		2023-07-19
TEJ RATHI	2023-07-19 14:52:38 UTC	Fixed In Version		samba 4.16.11, samba 4.17.10, samba 4.18.5
TEJ RATHI	2023-07-20 09:21:48 UTC	Deadline	2023-07-19
		Group	security, qe_staff
		Summary	EMBARGOED CVE-2023-34968 samba: spotlight server-side share path disclosure	CVE-2023-34968 samba: spotlight server-side share path disclosure
		CC		rhs-smb
TEJ RATHI	2023-07-20 09:22:14 UTC	Depends On		2224250
TEJ RATHI	2023-07-20 09:55:47 UTC	Doc Text		A path disclosure vulnerability was discovered in Samba. As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in results for search queries. A malicious client or an attacker with a targeted RPC request, could view the information that is part of the disclosed path.
RaTasha Tillery-Smith	2023-07-20 13:43:13 UTC	Doc Text	A path disclosure vulnerability was discovered in Samba. As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in results for search queries. A malicious client or an attacker with a targeted RPC request, could view the information that is part of the disclosed path.	A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

Back to bug 2222795