Описание
ELSA-2018-3056: samba security, bug fix, and enhancement update (MODERATE)
[4.8.3-4]
- resolves: #1614132 - Fix delete-on-close after smb2_find
- resolves: #1614265 - Fix CVE-2018-1139
- resolves: #1614269 - Fix CVE-2018-10858
[4.8.3-3]
- resolves: #1581016 - Add smbclient quiet argument
[4.8.3-2]
- related: #1538743 - Fix local user account lookup with winbind
[4.8.3-1]
- related: #1558560 - Rebase to Samba version 4.8.3
- resolves: #1579398 - Add winbind localauth krb5 plugin
[4.8.2-2]
- resolves: #1540457 - Fixed support for authenticaton on on way trusts
[4.8.2-1]
- related: #1558560 - Rebase to newer Samba version
[4.8.1-4]
- resolves: #1582541 - Fix anonymous auth with SMB2/3
[4.8.1-3]
- resolves: #1575205 - Fix segfault when updating DNS with 'net ads join'
- resolves: #1525511 - Fix idmap_rid dependency on trusted domain list
[4.8.1-2]
- resolves: #1538743 - Fix UPN handling in winbind
[4.8.1-1]
- related: #1558560 - Rebase to newer Samba version
- resolves: #1567896 - Fix possible crash if secrets db is emtpy
- resolves: #1570020 - Fix a crash in smbd when dfsgetinfo is called
[4.8.0-1]
- resolves: #1558560 - Rebase to newer Samba version
- resolves: #1558943 - Fix winbind requests getting stuck on a child
- resolves: #1532618 - Fix segfault with NT1 connections in smbd
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ctdb
4.8.3-4.el7
ctdb-tests
4.8.3-4.el7
libsmbclient
4.8.3-4.el7
libsmbclient-devel
4.8.3-4.el7
libwbclient
4.8.3-4.el7
libwbclient-devel
4.8.3-4.el7
samba
4.8.3-4.el7
samba-client
4.8.3-4.el7
samba-client-libs
4.8.3-4.el7
samba-common
4.8.3-4.el7
samba-common-libs
4.8.3-4.el7
samba-common-tools
4.8.3-4.el7
samba-dc
4.8.3-4.el7
samba-dc-libs
4.8.3-4.el7
samba-devel
4.8.3-4.el7
samba-krb5-printing
4.8.3-4.el7
samba-libs
4.8.3-4.el7
samba-pidl
4.8.3-4.el7
samba-python
4.8.3-4.el7
samba-python-test
4.8.3-4.el7
samba-test
4.8.3-4.el7
samba-test-libs
4.8.3-4.el7
samba-winbind
4.8.3-4.el7
samba-winbind-clients
4.8.3-4.el7
samba-winbind-krb5-locator
4.8.3-4.el7
samba-winbind-modules
4.8.3-4.el7
Oracle Linux x86_64
ctdb
4.8.3-4.el7
ctdb-tests
4.8.3-4.el7
libsmbclient
4.8.3-4.el7
libsmbclient-devel
4.8.3-4.el7
libwbclient
4.8.3-4.el7
libwbclient-devel
4.8.3-4.el7
samba
4.8.3-4.el7
samba-client
4.8.3-4.el7
samba-client-libs
4.8.3-4.el7
samba-common
4.8.3-4.el7
samba-common-libs
4.8.3-4.el7
samba-common-tools
4.8.3-4.el7
samba-dc
4.8.3-4.el7
samba-dc-libs
4.8.3-4.el7
samba-devel
4.8.3-4.el7
samba-krb5-printing
4.8.3-4.el7
samba-libs
4.8.3-4.el7
samba-pidl
4.8.3-4.el7
samba-python
4.8.3-4.el7
samba-python-test
4.8.3-4.el7
samba-test
4.8.3-4.el7
samba-test-libs
4.8.3-4.el7
samba-vfs-glusterfs
4.8.3-4.el7
samba-winbind
4.8.3-4.el7
samba-winbind-clients
4.8.3-4.el7
samba-winbind-krb5-locator
4.8.3-4.el7
samba-winbind-modules
4.8.3-4.el7
Связанные CVE
Связанные уязвимости
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.