SUSE-SU-2016:2306-1

Опубликовано: 14 сент. 2016

Источник: suse-cvrf

Описание

Security update for samba

This update for samba provides the following fixes:

CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869)
Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522)
Honor smb.conf socket options in winbind. (bsc#975131)
Fix ntlm-auth segmentation fault with squid. (bsc#986228)
Implement new '--no-dns-updates' option in 'net ads' command. (bsc#991564)
Fix population of ctdb sysconfig after source merge. (bsc#981566)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

libdcerpc-binding0-4.2.4-26.2

libdcerpc-binding0-32bit-4.2.4-26.2

libdcerpc0-4.2.4-26.2

libdcerpc0-32bit-4.2.4-26.2

libgensec0-4.2.4-26.2

libgensec0-32bit-4.2.4-26.2

libndr-krb5pac0-4.2.4-26.2

libndr-krb5pac0-32bit-4.2.4-26.2

libndr-nbt0-4.2.4-26.2

libndr-nbt0-32bit-4.2.4-26.2

libndr-standard0-4.2.4-26.2

libndr-standard0-32bit-4.2.4-26.2

libndr0-4.2.4-26.2

libndr0-32bit-4.2.4-26.2

libnetapi0-4.2.4-26.2

libnetapi0-32bit-4.2.4-26.2

libregistry0-4.2.4-26.2

libsamba-credentials0-4.2.4-26.2

libsamba-credentials0-32bit-4.2.4-26.2

libsamba-hostconfig0-4.2.4-26.2

libsamba-hostconfig0-32bit-4.2.4-26.2

libsamba-passdb0-4.2.4-26.2

libsamba-passdb0-32bit-4.2.4-26.2

libsamba-util0-4.2.4-26.2

libsamba-util0-32bit-4.2.4-26.2

libsamdb0-4.2.4-26.2

libsamdb0-32bit-4.2.4-26.2

libsmbclient-raw0-4.2.4-26.2

libsmbclient-raw0-32bit-4.2.4-26.2

libsmbclient0-4.2.4-26.2

libsmbclient0-32bit-4.2.4-26.2

libsmbconf0-4.2.4-26.2

libsmbconf0-32bit-4.2.4-26.2

libsmbldap0-4.2.4-26.2

libsmbldap0-32bit-4.2.4-26.2

libtevent-util0-4.2.4-26.2

libtevent-util0-32bit-4.2.4-26.2

libwbclient0-4.2.4-26.2

libwbclient0-32bit-4.2.4-26.2

samba-4.2.4-26.2

samba-32bit-4.2.4-26.2

samba-client-4.2.4-26.2

samba-client-32bit-4.2.4-26.2

samba-doc-4.2.4-26.2

samba-libs-4.2.4-26.2

samba-libs-32bit-4.2.4-26.2

samba-winbind-4.2.4-26.2

samba-winbind-32bit-4.2.4-26.2

SUSE Linux Enterprise High Availability Extension 12 SP1

ctdb-4.2.4-26.2

SUSE Linux Enterprise Server 12 SP1

libdcerpc-binding0-4.2.4-26.2

libdcerpc-binding0-32bit-4.2.4-26.2

libdcerpc0-4.2.4-26.2

libdcerpc0-32bit-4.2.4-26.2

libgensec0-4.2.4-26.2

libgensec0-32bit-4.2.4-26.2

libndr-krb5pac0-4.2.4-26.2

libndr-krb5pac0-32bit-4.2.4-26.2

libndr-nbt0-4.2.4-26.2

libndr-nbt0-32bit-4.2.4-26.2

libndr-standard0-4.2.4-26.2

libndr-standard0-32bit-4.2.4-26.2

libndr0-4.2.4-26.2

libndr0-32bit-4.2.4-26.2

libnetapi0-4.2.4-26.2

libnetapi0-32bit-4.2.4-26.2

libregistry0-4.2.4-26.2

libsamba-credentials0-4.2.4-26.2

libsamba-credentials0-32bit-4.2.4-26.2

libsamba-hostconfig0-4.2.4-26.2

libsamba-hostconfig0-32bit-4.2.4-26.2

libsamba-passdb0-4.2.4-26.2

libsamba-passdb0-32bit-4.2.4-26.2

libsamba-util0-4.2.4-26.2

libsamba-util0-32bit-4.2.4-26.2

libsamdb0-4.2.4-26.2

libsamdb0-32bit-4.2.4-26.2

libsmbclient-raw0-4.2.4-26.2

libsmbclient-raw0-32bit-4.2.4-26.2

libsmbclient0-4.2.4-26.2

libsmbclient0-32bit-4.2.4-26.2

libsmbconf0-4.2.4-26.2

libsmbconf0-32bit-4.2.4-26.2

libsmbldap0-4.2.4-26.2

libsmbldap0-32bit-4.2.4-26.2

libtevent-util0-4.2.4-26.2

libtevent-util0-32bit-4.2.4-26.2

libwbclient0-4.2.4-26.2

libwbclient0-32bit-4.2.4-26.2

samba-4.2.4-26.2

samba-32bit-4.2.4-26.2

samba-client-4.2.4-26.2

samba-client-32bit-4.2.4-26.2

samba-doc-4.2.4-26.2

samba-libs-4.2.4-26.2

samba-libs-32bit-4.2.4-26.2

samba-winbind-4.2.4-26.2

samba-winbind-32bit-4.2.4-26.2

SUSE Linux Enterprise Server for SAP Applications 12 SP1

libdcerpc-binding0-4.2.4-26.2

libdcerpc-binding0-32bit-4.2.4-26.2

libdcerpc0-4.2.4-26.2

libdcerpc0-32bit-4.2.4-26.2

libgensec0-4.2.4-26.2

libgensec0-32bit-4.2.4-26.2

libndr-krb5pac0-4.2.4-26.2

libndr-krb5pac0-32bit-4.2.4-26.2

libndr-nbt0-4.2.4-26.2

libndr-nbt0-32bit-4.2.4-26.2

libndr-standard0-4.2.4-26.2

libndr-standard0-32bit-4.2.4-26.2

libndr0-4.2.4-26.2

libndr0-32bit-4.2.4-26.2

libnetapi0-4.2.4-26.2

libnetapi0-32bit-4.2.4-26.2

libregistry0-4.2.4-26.2

libsamba-credentials0-4.2.4-26.2

libsamba-credentials0-32bit-4.2.4-26.2

libsamba-hostconfig0-4.2.4-26.2

libsamba-hostconfig0-32bit-4.2.4-26.2

libsamba-passdb0-4.2.4-26.2

libsamba-passdb0-32bit-4.2.4-26.2

libsamba-util0-4.2.4-26.2

libsamba-util0-32bit-4.2.4-26.2

libsamdb0-4.2.4-26.2

libsamdb0-32bit-4.2.4-26.2

libsmbclient-raw0-4.2.4-26.2

libsmbclient-raw0-32bit-4.2.4-26.2

libsmbclient0-4.2.4-26.2

libsmbclient0-32bit-4.2.4-26.2

libsmbconf0-4.2.4-26.2

libsmbconf0-32bit-4.2.4-26.2

libsmbldap0-4.2.4-26.2

libsmbldap0-32bit-4.2.4-26.2

libtevent-util0-4.2.4-26.2

libtevent-util0-32bit-4.2.4-26.2

libwbclient0-4.2.4-26.2

libwbclient0-32bit-4.2.4-26.2

samba-4.2.4-26.2

samba-32bit-4.2.4-26.2

samba-client-4.2.4-26.2

samba-client-32bit-4.2.4-26.2

samba-doc-4.2.4-26.2

samba-libs-4.2.4-26.2

samba-libs-32bit-4.2.4-26.2

samba-winbind-4.2.4-26.2

samba-winbind-32bit-4.2.4-26.2

SUSE Linux Enterprise Software Development Kit 12 SP1

ctdb-devel-4.2.4-26.2

libdcerpc-atsvc-devel-4.2.4-26.2

libdcerpc-atsvc0-4.2.4-26.2

libdcerpc-devel-4.2.4-26.2

libdcerpc-samr-devel-4.2.4-26.2

libdcerpc-samr0-4.2.4-26.2

libgensec-devel-4.2.4-26.2

libndr-devel-4.2.4-26.2

libndr-krb5pac-devel-4.2.4-26.2

libndr-nbt-devel-4.2.4-26.2

libndr-standard-devel-4.2.4-26.2

libnetapi-devel-4.2.4-26.2

libregistry-devel-4.2.4-26.2

libsamba-credentials-devel-4.2.4-26.2

libsamba-hostconfig-devel-4.2.4-26.2

libsamba-passdb-devel-4.2.4-26.2

libsamba-policy-devel-4.2.4-26.2

libsamba-policy0-4.2.4-26.2

libsamba-util-devel-4.2.4-26.2

libsamdb-devel-4.2.4-26.2

libsmbclient-devel-4.2.4-26.2

libsmbclient-raw-devel-4.2.4-26.2

libsmbconf-devel-4.2.4-26.2

libsmbldap-devel-4.2.4-26.2

libtevent-util-devel-4.2.4-26.2

libwbclient-devel-4.2.4-26.2

samba-core-devel-4.2.4-26.2

samba-test-devel-4.2.4-26.2

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20162306-1/
Link for SUSE-SU-2016:2306-1
https://lists.suse.com/pipermail/sle-security-updates/2016-September/002273.html
E-Mail link for SUSE-SU-2016:2306-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/969522
SUSE Bug 969522
https://bugzilla.suse.com/975131
SUSE Bug 975131
https://bugzilla.suse.com/981566
SUSE Bug 981566
https://bugzilla.suse.com/986228
SUSE Bug 986228
https://bugzilla.suse.com/986869
SUSE Bug 986869
https://bugzilla.suse.com/991564
SUSE Bug 991564
https://www.suse.com/security/cve/CVE-2016-2119/
SUSE CVE CVE-2016-2119 page

Описание

libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc-binding0-32bit-4.2.4-26.2

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc-binding0-4.2.4-26.2

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc0-32bit-4.2.4-26.2

SUSE Linux Enterprise Desktop 12 SP1:libdcerpc0-4.2.4-26.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-2119.html
CVE-2016-2119
https://bugzilla.suse.com/986869
SUSE Bug 986869

SUSE-SU-2016:2306-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

SUSE Linux Enterprise High Availability Extension 12 SP1

SUSE Linux Enterprise Server 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Software Development Kit 12 SP1

Ссылки

Уязвимость: CVE-2016-2119

Описание

Затронутые продукты

Ссылки