Описание
Recommended update for samba
This update for samba fixes the following issues:
- Fix CVE-2017-2619 regression with 'follow symlinks = no'; (bsc#1036283, bso#12721).
Список пакетов
SUSE Linux Enterprise Server 12-LTSS
ctdb-4.2.4-18.38.1
libdcerpc-binding0-4.2.4-18.38.1
libdcerpc-binding0-32bit-4.2.4-18.38.1
libdcerpc0-4.2.4-18.38.1
libdcerpc0-32bit-4.2.4-18.38.1
libgensec0-4.2.4-18.38.1
libgensec0-32bit-4.2.4-18.38.1
libndr-krb5pac0-4.2.4-18.38.1
libndr-krb5pac0-32bit-4.2.4-18.38.1
libndr-nbt0-4.2.4-18.38.1
libndr-nbt0-32bit-4.2.4-18.38.1
libndr-standard0-4.2.4-18.38.1
libndr-standard0-32bit-4.2.4-18.38.1
libndr0-4.2.4-18.38.1
libndr0-32bit-4.2.4-18.38.1
libnetapi0-4.2.4-18.38.1
libnetapi0-32bit-4.2.4-18.38.1
libregistry0-4.2.4-18.38.1
libsamba-credentials0-4.2.4-18.38.1
libsamba-credentials0-32bit-4.2.4-18.38.1
libsamba-hostconfig0-4.2.4-18.38.1
libsamba-hostconfig0-32bit-4.2.4-18.38.1
libsamba-passdb0-4.2.4-18.38.1
libsamba-passdb0-32bit-4.2.4-18.38.1
libsamba-util0-4.2.4-18.38.1
libsamba-util0-32bit-4.2.4-18.38.1
libsamdb0-4.2.4-18.38.1
libsamdb0-32bit-4.2.4-18.38.1
libsmbclient-raw0-4.2.4-18.38.1
libsmbclient-raw0-32bit-4.2.4-18.38.1
libsmbclient0-4.2.4-18.38.1
libsmbclient0-32bit-4.2.4-18.38.1
libsmbconf0-4.2.4-18.38.1
libsmbconf0-32bit-4.2.4-18.38.1
libsmbldap0-4.2.4-18.38.1
libsmbldap0-32bit-4.2.4-18.38.1
libtevent-util0-4.2.4-18.38.1
libtevent-util0-32bit-4.2.4-18.38.1
libwbclient0-4.2.4-18.38.1
libwbclient0-32bit-4.2.4-18.38.1
samba-4.2.4-18.38.1
samba-32bit-4.2.4-18.38.1
samba-client-4.2.4-18.38.1
samba-client-32bit-4.2.4-18.38.1
samba-doc-4.2.4-18.38.1
samba-libs-4.2.4-18.38.1
samba-libs-32bit-4.2.4-18.38.1
samba-winbind-4.2.4-18.38.1
samba-winbind-32bit-4.2.4-18.38.1
SUSE Linux Enterprise Server for SAP Applications 12
ctdb-4.2.4-18.38.1
libdcerpc-binding0-4.2.4-18.38.1
libdcerpc-binding0-32bit-4.2.4-18.38.1
libdcerpc0-4.2.4-18.38.1
libdcerpc0-32bit-4.2.4-18.38.1
libgensec0-4.2.4-18.38.1
libgensec0-32bit-4.2.4-18.38.1
libndr-krb5pac0-4.2.4-18.38.1
libndr-krb5pac0-32bit-4.2.4-18.38.1
libndr-nbt0-4.2.4-18.38.1
libndr-nbt0-32bit-4.2.4-18.38.1
libndr-standard0-4.2.4-18.38.1
libndr-standard0-32bit-4.2.4-18.38.1
libndr0-4.2.4-18.38.1
libndr0-32bit-4.2.4-18.38.1
libnetapi0-4.2.4-18.38.1
libnetapi0-32bit-4.2.4-18.38.1
libregistry0-4.2.4-18.38.1
libsamba-credentials0-4.2.4-18.38.1
libsamba-credentials0-32bit-4.2.4-18.38.1
libsamba-hostconfig0-4.2.4-18.38.1
libsamba-hostconfig0-32bit-4.2.4-18.38.1
libsamba-passdb0-4.2.4-18.38.1
libsamba-passdb0-32bit-4.2.4-18.38.1
libsamba-util0-4.2.4-18.38.1
libsamba-util0-32bit-4.2.4-18.38.1
libsamdb0-4.2.4-18.38.1
libsamdb0-32bit-4.2.4-18.38.1
libsmbclient-raw0-4.2.4-18.38.1
libsmbclient-raw0-32bit-4.2.4-18.38.1
libsmbclient0-4.2.4-18.38.1
libsmbclient0-32bit-4.2.4-18.38.1
libsmbconf0-4.2.4-18.38.1
libsmbconf0-32bit-4.2.4-18.38.1
libsmbldap0-4.2.4-18.38.1
libsmbldap0-32bit-4.2.4-18.38.1
libtevent-util0-4.2.4-18.38.1
libtevent-util0-32bit-4.2.4-18.38.1
libwbclient0-4.2.4-18.38.1
libwbclient0-32bit-4.2.4-18.38.1
samba-4.2.4-18.38.1
samba-32bit-4.2.4-18.38.1
samba-client-4.2.4-18.38.1
samba-client-32bit-4.2.4-18.38.1
samba-doc-4.2.4-18.38.1
samba-libs-4.2.4-18.38.1
samba-libs-32bit-4.2.4-18.38.1
samba-winbind-4.2.4-18.38.1
samba-winbind-32bit-4.2.4-18.38.1
Ссылки
- Link for SUSE-RU-2017:1217-1
- E-Mail link for SUSE-RU-2017:1217-1
- SUSE Security Ratings
- SUSE Bug 1036283
- SUSE CVE CVE-2017-2619 page
Описание
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:ctdb-4.2.4-18.38.1
SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-32bit-4.2.4-18.38.1
SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-4.2.4-18.38.1
SUSE Linux Enterprise Server 12-LTSS:libdcerpc0-32bit-4.2.4-18.38.1
Ссылки
- CVE-2017-2619
- SUSE Bug 1027147
- SUSE Bug 1036283
- SUSE Bug 1054017