-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Dec 2025 10:40:36 +0100 Source: smb4k Architecture: source Version: 4.0.0-1+deb13u1 Distribution: trixie-security Urgency: high Maintainer: Debian KDE Extras Team Changed-By: Salvatore Bonaccorso Closes: 1122381 Changes: smb4k (4.0.0-1+deb13u1) trixie-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix two security issues in the KAuth mounthelper: - CVE-2025-66002: local users can perform arbitrary unmounts via smb4kmounthelper due to lack of input validation - CVE-2025-66003: local users can perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba share (Closes: #1122381) * Merge Smb4KHardwareInterface class from master so that the merged security fixes can be compiled Checksums-Sha1: b0c5a5020f122d455edbe94d45f6fdfe3c814cbf 2994 smb4k_4.0.0-1+deb13u1.dsc dbe96db0505cba109068084d07303e400df9ec2c 4852924 smb4k_4.0.0.orig.tar.xz 58cd2c7be587b9e890de1279c2b17aea0507e654 38496 smb4k_4.0.0-1+deb13u1.debian.tar.xz ca260e59e77bb09a0887e24745a3cc3e413f6a4c 6243 smb4k_4.0.0-1+deb13u1_source.buildinfo Checksums-Sha256: c5ed6dc8bb975cedf511212a0f4878d0dd969c71159036f7a9b3ebcb37474747 2994 smb4k_4.0.0-1+deb13u1.dsc d7da661711c9bc565cc4c14713e3ea5916dca245fddfa00fa0441763985b1bae 4852924 smb4k_4.0.0.orig.tar.xz a4c8ce7ce93fa4702b0f65acf432ce5cebfa1a439f5cb3de0a9abefff5f4ecb2 38496 smb4k_4.0.0-1+deb13u1.debian.tar.xz 8789e8880de9f7527fbb4487247b87e826007a0ff712f78efbccf59f9622a87b 6243 smb4k_4.0.0-1+deb13u1_source.buildinfo Files: 188ce8cdfa91c312d79b6067694d5500 2994 kde optional smb4k_4.0.0-1+deb13u1.dsc 09eaa3f79339115a4da2c9fe648318ea 4852924 kde optional smb4k_4.0.0.orig.tar.xz 85a810b59b286faacae0cef4a4236e79 38496 kde optional smb4k_4.0.0-1+deb13u1.debian.tar.xz 74d94d4d4b9a5efc670b99923d1533c6 6243 kde optional smb4k_4.0.0-1+deb13u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmlVEEdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EQlgP+gPtqNuVILRGOnS6lItBTHZUNa7z+G0o 8laCa1cPL6KUXF8JmMj+1qVdaufXLpsGV/T1HX8Wni42bdao/+aPKPmFmzOgHwC5 LHZEDJTgLpA3FRQJmrnj36eToFklEypfVa9mWNEp/mi1f4CSFMigrGp0qVvsVTy2 xKB7WVgE9lC26tIH4Brj5lqOkWwrYs78ncZd+9b9Rr8sChgEbu2A9Uou9bIsIgu2 dyawpK6+0EYnRuGZpFWGBXvxXDA/u0GY7Lg5/kusbiecVlLrPf6CjtivJvYNcIev fxVkbdFJ8fRLLYol1NEccinyOoz7y/Y3l4nYRWoXQw80Ic0DxBZsml43s0uUjr6i PDl5U1TAdGE+jKm/o8JcAL8qX+1JvHtzhWmYgAgqqZXltYESwF7VjYbISao4h6er 9gU1ZALlq7RMiVofqXlaWJ2Mvt7KLr1nK4rSvt4tocsZKMXAXmCGsexq+pbrm/zQ ub9qCHDb8xxt718fn86OsFGLXVtg+J/+N3kLGJCnGb2j4TxPpS1+n6OZxTjABMzi riJfr6kX1/wwnGV1U/iW4vEY6B0g+Ls1+65en8fsLOvbR3FpJ75X/6QRUFU8UK3R gq/jwTcpubdRoXBQ6WFsIotL2LcJ/g0j0rAtzRNBqsHFFAEMBSijMr9NUQroMsWG cCXKXtUQbDeL =zDqX -----END PGP SIGNATURE-----