Описание
Security update for samba
This update for samba provides the following fix:
Following security issue was fixed:
- CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869)
Also the following bugs were fixed:
- Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522)
- Honor smb.conf socket options in winbind. (bsc#975131)
- Fix ntlm-auth segmentation fault with squid. (bsc#986228)
- Implement new '--no-dns-updates' option in 'net ads' command. (bsc#991564)
- Fix population of ctdb sysconfig after source merge. (bsc#981566)
Список пакетов
SUSE Linux Enterprise Server 12-LTSS
ctdb-4.2.4-18.27.9
libdcerpc-binding0-4.2.4-18.27.9
libdcerpc-binding0-32bit-4.2.4-18.27.9
libdcerpc0-4.2.4-18.27.9
libdcerpc0-32bit-4.2.4-18.27.9
libgensec0-4.2.4-18.27.9
libgensec0-32bit-4.2.4-18.27.9
libndr-krb5pac0-4.2.4-18.27.9
libndr-krb5pac0-32bit-4.2.4-18.27.9
libndr-nbt0-4.2.4-18.27.9
libndr-nbt0-32bit-4.2.4-18.27.9
libndr-standard0-4.2.4-18.27.9
libndr-standard0-32bit-4.2.4-18.27.9
libndr0-4.2.4-18.27.9
libndr0-32bit-4.2.4-18.27.9
libnetapi0-4.2.4-18.27.9
libnetapi0-32bit-4.2.4-18.27.9
libregistry0-4.2.4-18.27.9
libsamba-credentials0-4.2.4-18.27.9
libsamba-credentials0-32bit-4.2.4-18.27.9
libsamba-hostconfig0-4.2.4-18.27.9
libsamba-hostconfig0-32bit-4.2.4-18.27.9
libsamba-passdb0-4.2.4-18.27.9
libsamba-passdb0-32bit-4.2.4-18.27.9
libsamba-util0-4.2.4-18.27.9
libsamba-util0-32bit-4.2.4-18.27.9
libsamdb0-4.2.4-18.27.9
libsamdb0-32bit-4.2.4-18.27.9
libsmbclient-raw0-4.2.4-18.27.9
libsmbclient-raw0-32bit-4.2.4-18.27.9
libsmbclient0-4.2.4-18.27.9
libsmbclient0-32bit-4.2.4-18.27.9
libsmbconf0-4.2.4-18.27.9
libsmbconf0-32bit-4.2.4-18.27.9
libsmbldap0-4.2.4-18.27.9
libsmbldap0-32bit-4.2.4-18.27.9
libtevent-util0-4.2.4-18.27.9
libtevent-util0-32bit-4.2.4-18.27.9
libwbclient0-4.2.4-18.27.9
libwbclient0-32bit-4.2.4-18.27.9
samba-4.2.4-18.27.9
samba-32bit-4.2.4-18.27.9
samba-client-4.2.4-18.27.9
samba-client-32bit-4.2.4-18.27.9
samba-doc-4.2.4-18.27.9
samba-libs-4.2.4-18.27.9
samba-libs-32bit-4.2.4-18.27.9
samba-winbind-4.2.4-18.27.9
samba-winbind-32bit-4.2.4-18.27.9
Ссылки
- Link for SUSE-SU-2016:2570-1
- E-Mail link for SUSE-SU-2016:2570-1
- SUSE Security Ratings
- SUSE Bug 1005065
- SUSE Bug 969522
- SUSE Bug 975131
- SUSE Bug 981566
- SUSE Bug 986228
- SUSE Bug 986869
- SUSE Bug 991564
- SUSE CVE CVE-2016-2119 page
Описание
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:ctdb-4.2.4-18.27.9
SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-32bit-4.2.4-18.27.9
SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-4.2.4-18.27.9
SUSE Linux Enterprise Server 12-LTSS:libdcerpc0-32bit-4.2.4-18.27.9
Ссылки
- CVE-2016-2119
- SUSE Bug 986869