SUSE-SU-2017:0862-1

Опубликовано: 29 мар. 2017

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

Security issues fixed:

CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147).

Bugfixes:

Don't package man pages for VFS modules that aren't built (bsc#993707).
sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416).
Document 'winbind: ignore domains' parameter; (bsc#1019416).
Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).

Список пакетов

SUSE Linux Enterprise High Availability Extension 12

ctdb-4.2.4-18.35.1

SUSE Linux Enterprise Server 12-LTSS

ctdb-4.2.4-18.35.1

libdcerpc-binding0-4.2.4-18.35.1

libdcerpc-binding0-32bit-4.2.4-18.35.1

libdcerpc0-4.2.4-18.35.1

libdcerpc0-32bit-4.2.4-18.35.1

libgensec0-4.2.4-18.35.1

libgensec0-32bit-4.2.4-18.35.1

libndr-krb5pac0-4.2.4-18.35.1

libndr-krb5pac0-32bit-4.2.4-18.35.1

libndr-nbt0-4.2.4-18.35.1

libndr-nbt0-32bit-4.2.4-18.35.1

libndr-standard0-4.2.4-18.35.1

libndr-standard0-32bit-4.2.4-18.35.1

libndr0-4.2.4-18.35.1

libndr0-32bit-4.2.4-18.35.1

libnetapi0-4.2.4-18.35.1

libnetapi0-32bit-4.2.4-18.35.1

libregistry0-4.2.4-18.35.1

libsamba-credentials0-4.2.4-18.35.1

libsamba-credentials0-32bit-4.2.4-18.35.1

libsamba-hostconfig0-4.2.4-18.35.1

libsamba-hostconfig0-32bit-4.2.4-18.35.1

libsamba-passdb0-4.2.4-18.35.1

libsamba-passdb0-32bit-4.2.4-18.35.1

libsamba-util0-4.2.4-18.35.1

libsamba-util0-32bit-4.2.4-18.35.1

libsamdb0-4.2.4-18.35.1

libsamdb0-32bit-4.2.4-18.35.1

libsmbclient-raw0-4.2.4-18.35.1

libsmbclient-raw0-32bit-4.2.4-18.35.1

libsmbclient0-4.2.4-18.35.1

libsmbclient0-32bit-4.2.4-18.35.1

libsmbconf0-4.2.4-18.35.1

libsmbconf0-32bit-4.2.4-18.35.1

libsmbldap0-4.2.4-18.35.1

libsmbldap0-32bit-4.2.4-18.35.1

libtevent-util0-4.2.4-18.35.1

libtevent-util0-32bit-4.2.4-18.35.1

libwbclient0-4.2.4-18.35.1

libwbclient0-32bit-4.2.4-18.35.1

samba-4.2.4-18.35.1

samba-32bit-4.2.4-18.35.1

samba-client-4.2.4-18.35.1

samba-client-32bit-4.2.4-18.35.1

samba-doc-4.2.4-18.35.1

samba-libs-4.2.4-18.35.1

samba-libs-32bit-4.2.4-18.35.1

samba-winbind-4.2.4-18.35.1

samba-winbind-32bit-4.2.4-18.35.1

SUSE Linux Enterprise Server for SAP Applications 12

ctdb-4.2.4-18.35.1

libdcerpc-binding0-4.2.4-18.35.1

libdcerpc-binding0-32bit-4.2.4-18.35.1

libdcerpc0-4.2.4-18.35.1

libdcerpc0-32bit-4.2.4-18.35.1

libgensec0-4.2.4-18.35.1

libgensec0-32bit-4.2.4-18.35.1

libndr-krb5pac0-4.2.4-18.35.1

libndr-krb5pac0-32bit-4.2.4-18.35.1

libndr-nbt0-4.2.4-18.35.1

libndr-nbt0-32bit-4.2.4-18.35.1

libndr-standard0-4.2.4-18.35.1

libndr-standard0-32bit-4.2.4-18.35.1

libndr0-4.2.4-18.35.1

libndr0-32bit-4.2.4-18.35.1

libnetapi0-4.2.4-18.35.1

libnetapi0-32bit-4.2.4-18.35.1

libregistry0-4.2.4-18.35.1

libsamba-credentials0-4.2.4-18.35.1

libsamba-credentials0-32bit-4.2.4-18.35.1

libsamba-hostconfig0-4.2.4-18.35.1

libsamba-hostconfig0-32bit-4.2.4-18.35.1

libsamba-passdb0-4.2.4-18.35.1

libsamba-passdb0-32bit-4.2.4-18.35.1

libsamba-util0-4.2.4-18.35.1

libsamba-util0-32bit-4.2.4-18.35.1

libsamdb0-4.2.4-18.35.1

libsamdb0-32bit-4.2.4-18.35.1

libsmbclient-raw0-4.2.4-18.35.1

libsmbclient-raw0-32bit-4.2.4-18.35.1

libsmbclient0-4.2.4-18.35.1

libsmbclient0-32bit-4.2.4-18.35.1

libsmbconf0-4.2.4-18.35.1

libsmbconf0-32bit-4.2.4-18.35.1

libsmbldap0-4.2.4-18.35.1

libsmbldap0-32bit-4.2.4-18.35.1

libtevent-util0-4.2.4-18.35.1

libtevent-util0-32bit-4.2.4-18.35.1

libwbclient0-4.2.4-18.35.1

libwbclient0-32bit-4.2.4-18.35.1

samba-4.2.4-18.35.1

samba-32bit-4.2.4-18.35.1

samba-client-4.2.4-18.35.1

samba-client-32bit-4.2.4-18.35.1

samba-doc-4.2.4-18.35.1

samba-libs-4.2.4-18.35.1

samba-libs-32bit-4.2.4-18.35.1

samba-winbind-4.2.4-18.35.1

samba-winbind-32bit-4.2.4-18.35.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20170862-1/
Link for SUSE-SU-2017:0862-1
https://lists.suse.com/pipermail/sle-security-updates/2017-March/002750.html
E-Mail link for SUSE-SU-2017:0862-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1019416
SUSE Bug 1019416
https://bugzilla.suse.com/1024416
SUSE Bug 1024416
https://bugzilla.suse.com/1027147
SUSE Bug 1027147
https://bugzilla.suse.com/993692
SUSE Bug 993692
https://bugzilla.suse.com/993707
SUSE Bug 993707
https://www.suse.com/security/cve/CVE-2017-2619/
SUSE CVE CVE-2017-2619 page

Описание

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

Затронутые продукты

SUSE Linux Enterprise High Availability Extension 12:ctdb-4.2.4-18.35.1

SUSE Linux Enterprise Server 12-LTSS:ctdb-4.2.4-18.35.1

SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-32bit-4.2.4-18.35.1

SUSE Linux Enterprise Server 12-LTSS:libdcerpc-binding0-4.2.4-18.35.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-2619.html
CVE-2017-2619
https://bugzilla.suse.com/1027147
SUSE Bug 1027147
https://bugzilla.suse.com/1036283
SUSE Bug 1036283
https://bugzilla.suse.com/1054017
SUSE Bug 1054017

SUSE-SU-2017:0862-1

Описание

Список пакетов

SUSE Linux Enterprise High Availability Extension 12

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Server for SAP Applications 12

Ссылки

Уязвимость: CVE-2017-2619

Описание

Затронутые продукты

Ссылки