Описание
Security update for samba
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147).
Bugfixes:
- Force usage of ncurses6-config thru NCURSES_CONFIG env var (bsc#1023847).
- Add missing ldb module directory (bsc#1012092).
- Don't package man pages for VFS modules that aren't built (bsc#993707).
- sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416).
- Document 'winbind: ignore domains' parameter; (bsc#1019416).
- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libdcerpc-binding0-4.4.2-36.2
libdcerpc-binding0-32bit-4.4.2-36.2
libdcerpc0-4.4.2-36.2
libdcerpc0-32bit-4.4.2-36.2
libndr-krb5pac0-4.4.2-36.2
libndr-krb5pac0-32bit-4.4.2-36.2
libndr-nbt0-4.4.2-36.2
libndr-nbt0-32bit-4.4.2-36.2
libndr-standard0-4.4.2-36.2
libndr-standard0-32bit-4.4.2-36.2
libndr0-4.4.2-36.2
libndr0-32bit-4.4.2-36.2
libnetapi0-4.4.2-36.2
libnetapi0-32bit-4.4.2-36.2
libsamba-credentials0-4.4.2-36.2
libsamba-credentials0-32bit-4.4.2-36.2
libsamba-errors0-4.4.2-36.2
libsamba-errors0-32bit-4.4.2-36.2
libsamba-hostconfig0-4.4.2-36.2
libsamba-hostconfig0-32bit-4.4.2-36.2
libsamba-passdb0-4.4.2-36.2
libsamba-passdb0-32bit-4.4.2-36.2
libsamba-util0-4.4.2-36.2
libsamba-util0-32bit-4.4.2-36.2
libsamdb0-4.4.2-36.2
libsamdb0-32bit-4.4.2-36.2
libsmbclient0-4.4.2-36.2
libsmbclient0-32bit-4.4.2-36.2
libsmbconf0-4.4.2-36.2
libsmbconf0-32bit-4.4.2-36.2
libsmbldap0-4.4.2-36.2
libsmbldap0-32bit-4.4.2-36.2
libtevent-util0-4.4.2-36.2
libtevent-util0-32bit-4.4.2-36.2
libwbclient0-4.4.2-36.2
libwbclient0-32bit-4.4.2-36.2
samba-4.4.2-36.2
samba-client-4.4.2-36.2
samba-client-32bit-4.4.2-36.2
samba-doc-4.4.2-36.2
samba-libs-4.4.2-36.2
samba-libs-32bit-4.4.2-36.2
samba-winbind-4.4.2-36.2
samba-winbind-32bit-4.4.2-36.2
SUSE Linux Enterprise High Availability Extension 12 SP2
ctdb-4.4.2-36.2
SUSE Linux Enterprise Server 12 SP2
libdcerpc-binding0-4.4.2-36.2
libdcerpc-binding0-32bit-4.4.2-36.2
libdcerpc0-4.4.2-36.2
libdcerpc0-32bit-4.4.2-36.2
libndr-krb5pac0-4.4.2-36.2
libndr-krb5pac0-32bit-4.4.2-36.2
libndr-nbt0-4.4.2-36.2
libndr-nbt0-32bit-4.4.2-36.2
libndr-standard0-4.4.2-36.2
libndr-standard0-32bit-4.4.2-36.2
libndr0-4.4.2-36.2
libndr0-32bit-4.4.2-36.2
libnetapi0-4.4.2-36.2
libnetapi0-32bit-4.4.2-36.2
libsamba-credentials0-4.4.2-36.2
libsamba-credentials0-32bit-4.4.2-36.2
libsamba-errors0-4.4.2-36.2
libsamba-errors0-32bit-4.4.2-36.2
libsamba-hostconfig0-4.4.2-36.2
libsamba-hostconfig0-32bit-4.4.2-36.2
libsamba-passdb0-4.4.2-36.2
libsamba-passdb0-32bit-4.4.2-36.2
libsamba-util0-4.4.2-36.2
libsamba-util0-32bit-4.4.2-36.2
libsamdb0-4.4.2-36.2
libsamdb0-32bit-4.4.2-36.2
libsmbclient0-4.4.2-36.2
libsmbclient0-32bit-4.4.2-36.2
libsmbconf0-4.4.2-36.2
libsmbconf0-32bit-4.4.2-36.2
libsmbldap0-4.4.2-36.2
libsmbldap0-32bit-4.4.2-36.2
libtevent-util0-4.4.2-36.2
libtevent-util0-32bit-4.4.2-36.2
libwbclient0-4.4.2-36.2
libwbclient0-32bit-4.4.2-36.2
samba-4.4.2-36.2
samba-client-4.4.2-36.2
samba-client-32bit-4.4.2-36.2
samba-doc-4.4.2-36.2
samba-libs-4.4.2-36.2
samba-libs-32bit-4.4.2-36.2
samba-winbind-4.4.2-36.2
samba-winbind-32bit-4.4.2-36.2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libdcerpc-binding0-4.4.2-36.2
libdcerpc0-4.4.2-36.2
libndr-krb5pac0-4.4.2-36.2
libndr-nbt0-4.4.2-36.2
libndr-standard0-4.4.2-36.2
libndr0-4.4.2-36.2
libnetapi0-4.4.2-36.2
libsamba-credentials0-4.4.2-36.2
libsamba-errors0-4.4.2-36.2
libsamba-hostconfig0-4.4.2-36.2
libsamba-passdb0-4.4.2-36.2
libsamba-util0-4.4.2-36.2
libsamdb0-4.4.2-36.2
libsmbclient0-4.4.2-36.2
libsmbconf0-4.4.2-36.2
libsmbldap0-4.4.2-36.2
libtevent-util0-4.4.2-36.2
libwbclient0-4.4.2-36.2
samba-4.4.2-36.2
samba-client-4.4.2-36.2
samba-doc-4.4.2-36.2
samba-libs-4.4.2-36.2
samba-winbind-4.4.2-36.2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libdcerpc-binding0-4.4.2-36.2
libdcerpc-binding0-32bit-4.4.2-36.2
libdcerpc0-4.4.2-36.2
libdcerpc0-32bit-4.4.2-36.2
libndr-krb5pac0-4.4.2-36.2
libndr-krb5pac0-32bit-4.4.2-36.2
libndr-nbt0-4.4.2-36.2
libndr-nbt0-32bit-4.4.2-36.2
libndr-standard0-4.4.2-36.2
libndr-standard0-32bit-4.4.2-36.2
libndr0-4.4.2-36.2
libndr0-32bit-4.4.2-36.2
libnetapi0-4.4.2-36.2
libnetapi0-32bit-4.4.2-36.2
libsamba-credentials0-4.4.2-36.2
libsamba-credentials0-32bit-4.4.2-36.2
libsamba-errors0-4.4.2-36.2
libsamba-errors0-32bit-4.4.2-36.2
libsamba-hostconfig0-4.4.2-36.2
libsamba-hostconfig0-32bit-4.4.2-36.2
libsamba-passdb0-4.4.2-36.2
libsamba-passdb0-32bit-4.4.2-36.2
libsamba-util0-4.4.2-36.2
libsamba-util0-32bit-4.4.2-36.2
libsamdb0-4.4.2-36.2
libsamdb0-32bit-4.4.2-36.2
libsmbclient0-4.4.2-36.2
libsmbclient0-32bit-4.4.2-36.2
libsmbconf0-4.4.2-36.2
libsmbconf0-32bit-4.4.2-36.2
libsmbldap0-4.4.2-36.2
libsmbldap0-32bit-4.4.2-36.2
libtevent-util0-4.4.2-36.2
libtevent-util0-32bit-4.4.2-36.2
libwbclient0-4.4.2-36.2
libwbclient0-32bit-4.4.2-36.2
samba-4.4.2-36.2
samba-client-4.4.2-36.2
samba-client-32bit-4.4.2-36.2
samba-doc-4.4.2-36.2
samba-libs-4.4.2-36.2
samba-libs-32bit-4.4.2-36.2
samba-winbind-4.4.2-36.2
samba-winbind-32bit-4.4.2-36.2
SUSE Linux Enterprise Software Development Kit 12 SP2
libsmbclient-devel-4.4.2-36.2
libwbclient-devel-4.4.2-36.2
Ссылки
- Link for SUSE-SU-2017:0858-1
- E-Mail link for SUSE-SU-2017:0858-1
- SUSE Security Ratings
- SUSE Bug 1012092
- SUSE Bug 1019416
- SUSE Bug 1023847
- SUSE Bug 1024416
- SUSE Bug 1027147
- SUSE Bug 993692
- SUSE Bug 993707
- SUSE CVE CVE-2017-2619 page
Описание
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-36.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-36.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-36.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-36.2
Ссылки
- CVE-2017-2619
- SUSE Bug 1027147
- SUSE Bug 1036283
- SUSE Bug 1054017