SUSE-RU-2016:1479-1

Опубликовано: 02 июн. 2016

Источник: suse-cvrf

Описание

Recommended update for samba

This update for Samba provides the following fixes:

Fix libads' record session expiry for spnego sasl binds. (bsc#979268)
Fix NT_STATUS_ACCESS_DENIED when accessing windows public share.
Only validate MIC if 'map to guest' is not being used.
NetAPP SMB servers don't negotiate NTLMSSP_SIGN. (bsc#977669)
Fix non-working anonymous smb connections.
Handle broken mechListMIC response from Windows 2000.
wbinfo -u or net ads search doesn't work anymore.
Fix regressions regarding the NTLMSSP hardening of CVE-2016-2110.
Allow Domain member resolve trusted domains' users.

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

libdcerpc-binding0-4.2.4-19.1

libdcerpc-binding0-32bit-4.2.4-19.1

libdcerpc0-4.2.4-19.1

libdcerpc0-32bit-4.2.4-19.1

libgensec0-4.2.4-19.1

libgensec0-32bit-4.2.4-19.1

libndr-krb5pac0-4.2.4-19.1

libndr-krb5pac0-32bit-4.2.4-19.1

libndr-nbt0-4.2.4-19.1

libndr-nbt0-32bit-4.2.4-19.1

libndr-standard0-4.2.4-19.1

libndr-standard0-32bit-4.2.4-19.1

libndr0-4.2.4-19.1

libndr0-32bit-4.2.4-19.1

libnetapi0-4.2.4-19.1

libnetapi0-32bit-4.2.4-19.1

libregistry0-4.2.4-19.1

libsamba-credentials0-4.2.4-19.1

libsamba-credentials0-32bit-4.2.4-19.1

libsamba-hostconfig0-4.2.4-19.1

libsamba-hostconfig0-32bit-4.2.4-19.1

libsamba-passdb0-4.2.4-19.1

libsamba-passdb0-32bit-4.2.4-19.1

libsamba-util0-4.2.4-19.1

libsamba-util0-32bit-4.2.4-19.1

libsamdb0-4.2.4-19.1

libsamdb0-32bit-4.2.4-19.1

libsmbclient-raw0-4.2.4-19.1

libsmbclient-raw0-32bit-4.2.4-19.1

libsmbclient0-4.2.4-19.1

libsmbclient0-32bit-4.2.4-19.1

libsmbconf0-4.2.4-19.1

libsmbconf0-32bit-4.2.4-19.1

libsmbldap0-4.2.4-19.1

libsmbldap0-32bit-4.2.4-19.1

libtevent-util0-4.2.4-19.1

libtevent-util0-32bit-4.2.4-19.1

libwbclient0-4.2.4-19.1

libwbclient0-32bit-4.2.4-19.1

samba-4.2.4-19.1

samba-32bit-4.2.4-19.1

samba-client-4.2.4-19.1

samba-client-32bit-4.2.4-19.1

samba-doc-4.2.4-19.1

samba-libs-4.2.4-19.1

samba-libs-32bit-4.2.4-19.1

samba-winbind-4.2.4-19.1

samba-winbind-32bit-4.2.4-19.1

SUSE Linux Enterprise High Availability Extension 12 SP1

ctdb-4.2.4-19.1

SUSE Linux Enterprise Server 12 SP1

libdcerpc-binding0-4.2.4-19.1

libdcerpc-binding0-32bit-4.2.4-19.1

libdcerpc0-4.2.4-19.1

libdcerpc0-32bit-4.2.4-19.1

libgensec0-4.2.4-19.1

libgensec0-32bit-4.2.4-19.1

libndr-krb5pac0-4.2.4-19.1

libndr-krb5pac0-32bit-4.2.4-19.1

libndr-nbt0-4.2.4-19.1

libndr-nbt0-32bit-4.2.4-19.1

libndr-standard0-4.2.4-19.1

libndr-standard0-32bit-4.2.4-19.1

libndr0-4.2.4-19.1

libndr0-32bit-4.2.4-19.1

libnetapi0-4.2.4-19.1

libnetapi0-32bit-4.2.4-19.1

libregistry0-4.2.4-19.1

libsamba-credentials0-4.2.4-19.1

libsamba-credentials0-32bit-4.2.4-19.1

libsamba-hostconfig0-4.2.4-19.1

libsamba-hostconfig0-32bit-4.2.4-19.1

libsamba-passdb0-4.2.4-19.1

libsamba-passdb0-32bit-4.2.4-19.1

libsamba-util0-4.2.4-19.1

libsamba-util0-32bit-4.2.4-19.1

libsamdb0-4.2.4-19.1

libsamdb0-32bit-4.2.4-19.1

libsmbclient-raw0-4.2.4-19.1

libsmbclient-raw0-32bit-4.2.4-19.1

libsmbclient0-4.2.4-19.1

libsmbclient0-32bit-4.2.4-19.1

libsmbconf0-4.2.4-19.1

libsmbconf0-32bit-4.2.4-19.1

libsmbldap0-4.2.4-19.1

libsmbldap0-32bit-4.2.4-19.1

libtevent-util0-4.2.4-19.1

libtevent-util0-32bit-4.2.4-19.1

libwbclient0-4.2.4-19.1

libwbclient0-32bit-4.2.4-19.1

samba-4.2.4-19.1

samba-32bit-4.2.4-19.1

samba-client-4.2.4-19.1

samba-client-32bit-4.2.4-19.1

samba-doc-4.2.4-19.1

samba-libs-4.2.4-19.1

samba-libs-32bit-4.2.4-19.1

samba-winbind-4.2.4-19.1

samba-winbind-32bit-4.2.4-19.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

libdcerpc-binding0-4.2.4-19.1

libdcerpc-binding0-32bit-4.2.4-19.1

libdcerpc0-4.2.4-19.1

libdcerpc0-32bit-4.2.4-19.1

libgensec0-4.2.4-19.1

libgensec0-32bit-4.2.4-19.1

libndr-krb5pac0-4.2.4-19.1

libndr-krb5pac0-32bit-4.2.4-19.1

libndr-nbt0-4.2.4-19.1

libndr-nbt0-32bit-4.2.4-19.1

libndr-standard0-4.2.4-19.1

libndr-standard0-32bit-4.2.4-19.1

libndr0-4.2.4-19.1

libndr0-32bit-4.2.4-19.1

libnetapi0-4.2.4-19.1

libnetapi0-32bit-4.2.4-19.1

libregistry0-4.2.4-19.1

libsamba-credentials0-4.2.4-19.1

libsamba-credentials0-32bit-4.2.4-19.1

libsamba-hostconfig0-4.2.4-19.1

libsamba-hostconfig0-32bit-4.2.4-19.1

libsamba-passdb0-4.2.4-19.1

libsamba-passdb0-32bit-4.2.4-19.1

libsamba-util0-4.2.4-19.1

libsamba-util0-32bit-4.2.4-19.1

libsamdb0-4.2.4-19.1

libsamdb0-32bit-4.2.4-19.1

libsmbclient-raw0-4.2.4-19.1

libsmbclient-raw0-32bit-4.2.4-19.1

libsmbclient0-4.2.4-19.1

libsmbclient0-32bit-4.2.4-19.1

libsmbconf0-4.2.4-19.1

libsmbconf0-32bit-4.2.4-19.1

libsmbldap0-4.2.4-19.1

libsmbldap0-32bit-4.2.4-19.1

libtevent-util0-4.2.4-19.1

libtevent-util0-32bit-4.2.4-19.1

libwbclient0-4.2.4-19.1

libwbclient0-32bit-4.2.4-19.1

samba-4.2.4-19.1

samba-32bit-4.2.4-19.1

samba-client-4.2.4-19.1

samba-client-32bit-4.2.4-19.1

samba-doc-4.2.4-19.1

samba-libs-4.2.4-19.1

samba-libs-32bit-4.2.4-19.1

samba-winbind-4.2.4-19.1

samba-winbind-32bit-4.2.4-19.1

SUSE Linux Enterprise Software Development Kit 12 SP1

ctdb-devel-4.2.4-19.1

libdcerpc-atsvc-devel-4.2.4-19.1

libdcerpc-atsvc0-4.2.4-19.1

libdcerpc-devel-4.2.4-19.1

libdcerpc-samr-devel-4.2.4-19.1

libdcerpc-samr0-4.2.4-19.1

libgensec-devel-4.2.4-19.1

libndr-devel-4.2.4-19.1

libndr-krb5pac-devel-4.2.4-19.1

libndr-nbt-devel-4.2.4-19.1

libndr-standard-devel-4.2.4-19.1

libnetapi-devel-4.2.4-19.1

libregistry-devel-4.2.4-19.1

libsamba-credentials-devel-4.2.4-19.1

libsamba-hostconfig-devel-4.2.4-19.1

libsamba-passdb-devel-4.2.4-19.1

libsamba-policy-devel-4.2.4-19.1

libsamba-policy0-4.2.4-19.1

libsamba-util-devel-4.2.4-19.1

libsamdb-devel-4.2.4-19.1

libsmbclient-devel-4.2.4-19.1

libsmbclient-raw-devel-4.2.4-19.1

libsmbconf-devel-4.2.4-19.1

libsmbldap-devel-4.2.4-19.1

libtevent-util-devel-4.2.4-19.1

libwbclient-devel-4.2.4-19.1

samba-core-devel-4.2.4-19.1

samba-test-devel-4.2.4-19.1

Ссылки

https://www.suse.com/support/update/announcement//suse-ru-20161479-1/
Link for SUSE-RU-2016:1479-1
https://lists.suse.com/pipermail/sle-updates/2016-June/004725.html
E-Mail link for SUSE-RU-2016:1479-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/977669
SUSE Bug 977669
https://bugzilla.suse.com/979268
SUSE Bug 979268
https://www.suse.com/security/cve/CVE-2016-2110/
SUSE CVE CVE-2016-2110 page

Описание

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc-binding0-32bit-4.2.4-19.1

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc-binding0-4.2.4-19.1

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc0-32bit-4.2.4-19.1

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc0-4.2.4-19.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2110.html
CVE-2016-2110
https://bugzilla.suse.com/1009711
SUSE Bug 1009711
https://bugzilla.suse.com/973031
SUSE Bug 973031
https://bugzilla.suse.com/973033
SUSE Bug 973033
https://bugzilla.suse.com/973036
SUSE Bug 973036
https://bugzilla.suse.com/975276
SUSE Bug 975276
https://bugzilla.suse.com/977416
SUSE Bug 977416

SUSE-RU-2016:1479-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

SUSE Linux Enterprise High Availability Extension 12 SP1

SUSE Linux Enterprise Server 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Software Development Kit 12 SP1

Ссылки

Уязвимость: CVE-2016-2110

Описание

Затронутые продукты

Ссылки