Описание
Security update for samba
This update for samba fixes several issues.
These security issues were fixed:
- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client (bsc#1058624).
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622).
- CVE-2017-12151: Keep required encryption across SMB3 dfs redirects (bsc#1058565).
These non-security issues were fixed:
- Fixed error where short name length was read as 2 bytes, should be 1 (bsc#1042419)
- Fixed GUID string format on GetPrinter to prevent published printers from disappearing 7 (bsc#1050707).
- Halt endless forest trust scan to prevent winbind from running out of memory (bsc#1044084).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libdcerpc-binding0-4.4.2-38.11.2
libdcerpc-binding0-32bit-4.4.2-38.11.2
libdcerpc0-4.4.2-38.11.2
libdcerpc0-32bit-4.4.2-38.11.2
libndr-krb5pac0-4.4.2-38.11.2
libndr-krb5pac0-32bit-4.4.2-38.11.2
libndr-nbt0-4.4.2-38.11.2
libndr-nbt0-32bit-4.4.2-38.11.2
libndr-standard0-4.4.2-38.11.2
libndr-standard0-32bit-4.4.2-38.11.2
libndr0-4.4.2-38.11.2
libndr0-32bit-4.4.2-38.11.2
libnetapi0-4.4.2-38.11.2
libnetapi0-32bit-4.4.2-38.11.2
libsamba-credentials0-4.4.2-38.11.2
libsamba-credentials0-32bit-4.4.2-38.11.2
libsamba-errors0-4.4.2-38.11.2
libsamba-errors0-32bit-4.4.2-38.11.2
libsamba-hostconfig0-4.4.2-38.11.2
libsamba-hostconfig0-32bit-4.4.2-38.11.2
libsamba-passdb0-4.4.2-38.11.2
libsamba-passdb0-32bit-4.4.2-38.11.2
libsamba-util0-4.4.2-38.11.2
libsamba-util0-32bit-4.4.2-38.11.2
libsamdb0-4.4.2-38.11.2
libsamdb0-32bit-4.4.2-38.11.2
libsmbclient0-4.4.2-38.11.2
libsmbclient0-32bit-4.4.2-38.11.2
libsmbconf0-4.4.2-38.11.2
libsmbconf0-32bit-4.4.2-38.11.2
libsmbldap0-4.4.2-38.11.2
libsmbldap0-32bit-4.4.2-38.11.2
libtevent-util0-4.4.2-38.11.2
libtevent-util0-32bit-4.4.2-38.11.2
libwbclient0-4.4.2-38.11.2
libwbclient0-32bit-4.4.2-38.11.2
samba-4.4.2-38.11.2
samba-client-4.4.2-38.11.2
samba-client-32bit-4.4.2-38.11.2
samba-doc-4.4.2-38.11.2
samba-libs-4.4.2-38.11.2
samba-libs-32bit-4.4.2-38.11.2
samba-winbind-4.4.2-38.11.2
samba-winbind-32bit-4.4.2-38.11.2
SUSE Linux Enterprise High Availability Extension 12 SP2
ctdb-4.4.2-38.11.2
SUSE Linux Enterprise Server 12 SP2
libdcerpc-binding0-4.4.2-38.11.2
libdcerpc-binding0-32bit-4.4.2-38.11.2
libdcerpc0-4.4.2-38.11.2
libdcerpc0-32bit-4.4.2-38.11.2
libndr-krb5pac0-4.4.2-38.11.2
libndr-krb5pac0-32bit-4.4.2-38.11.2
libndr-nbt0-4.4.2-38.11.2
libndr-nbt0-32bit-4.4.2-38.11.2
libndr-standard0-4.4.2-38.11.2
libndr-standard0-32bit-4.4.2-38.11.2
libndr0-4.4.2-38.11.2
libndr0-32bit-4.4.2-38.11.2
libnetapi0-4.4.2-38.11.2
libnetapi0-32bit-4.4.2-38.11.2
libsamba-credentials0-4.4.2-38.11.2
libsamba-credentials0-32bit-4.4.2-38.11.2
libsamba-errors0-4.4.2-38.11.2
libsamba-errors0-32bit-4.4.2-38.11.2
libsamba-hostconfig0-4.4.2-38.11.2
libsamba-hostconfig0-32bit-4.4.2-38.11.2
libsamba-passdb0-4.4.2-38.11.2
libsamba-passdb0-32bit-4.4.2-38.11.2
libsamba-util0-4.4.2-38.11.2
libsamba-util0-32bit-4.4.2-38.11.2
libsamdb0-4.4.2-38.11.2
libsamdb0-32bit-4.4.2-38.11.2
libsmbclient0-4.4.2-38.11.2
libsmbclient0-32bit-4.4.2-38.11.2
libsmbconf0-4.4.2-38.11.2
libsmbconf0-32bit-4.4.2-38.11.2
libsmbldap0-4.4.2-38.11.2
libsmbldap0-32bit-4.4.2-38.11.2
libtevent-util0-4.4.2-38.11.2
libtevent-util0-32bit-4.4.2-38.11.2
libwbclient0-4.4.2-38.11.2
libwbclient0-32bit-4.4.2-38.11.2
samba-4.4.2-38.11.2
samba-client-4.4.2-38.11.2
samba-client-32bit-4.4.2-38.11.2
samba-doc-4.4.2-38.11.2
samba-libs-4.4.2-38.11.2
samba-libs-32bit-4.4.2-38.11.2
samba-winbind-4.4.2-38.11.2
samba-winbind-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libdcerpc-binding0-4.4.2-38.11.2
libdcerpc0-4.4.2-38.11.2
libndr-krb5pac0-4.4.2-38.11.2
libndr-nbt0-4.4.2-38.11.2
libndr-standard0-4.4.2-38.11.2
libndr0-4.4.2-38.11.2
libnetapi0-4.4.2-38.11.2
libsamba-credentials0-4.4.2-38.11.2
libsamba-errors0-4.4.2-38.11.2
libsamba-hostconfig0-4.4.2-38.11.2
libsamba-passdb0-4.4.2-38.11.2
libsamba-util0-4.4.2-38.11.2
libsamdb0-4.4.2-38.11.2
libsmbclient0-4.4.2-38.11.2
libsmbconf0-4.4.2-38.11.2
libsmbldap0-4.4.2-38.11.2
libtevent-util0-4.4.2-38.11.2
libwbclient0-4.4.2-38.11.2
samba-4.4.2-38.11.2
samba-client-4.4.2-38.11.2
samba-doc-4.4.2-38.11.2
samba-libs-4.4.2-38.11.2
samba-winbind-4.4.2-38.11.2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libdcerpc-binding0-4.4.2-38.11.2
libdcerpc-binding0-32bit-4.4.2-38.11.2
libdcerpc0-4.4.2-38.11.2
libdcerpc0-32bit-4.4.2-38.11.2
libndr-krb5pac0-4.4.2-38.11.2
libndr-krb5pac0-32bit-4.4.2-38.11.2
libndr-nbt0-4.4.2-38.11.2
libndr-nbt0-32bit-4.4.2-38.11.2
libndr-standard0-4.4.2-38.11.2
libndr-standard0-32bit-4.4.2-38.11.2
libndr0-4.4.2-38.11.2
libndr0-32bit-4.4.2-38.11.2
libnetapi0-4.4.2-38.11.2
libnetapi0-32bit-4.4.2-38.11.2
libsamba-credentials0-4.4.2-38.11.2
libsamba-credentials0-32bit-4.4.2-38.11.2
libsamba-errors0-4.4.2-38.11.2
libsamba-errors0-32bit-4.4.2-38.11.2
libsamba-hostconfig0-4.4.2-38.11.2
libsamba-hostconfig0-32bit-4.4.2-38.11.2
libsamba-passdb0-4.4.2-38.11.2
libsamba-passdb0-32bit-4.4.2-38.11.2
libsamba-util0-4.4.2-38.11.2
libsamba-util0-32bit-4.4.2-38.11.2
libsamdb0-4.4.2-38.11.2
libsamdb0-32bit-4.4.2-38.11.2
libsmbclient0-4.4.2-38.11.2
libsmbclient0-32bit-4.4.2-38.11.2
libsmbconf0-4.4.2-38.11.2
libsmbconf0-32bit-4.4.2-38.11.2
libsmbldap0-4.4.2-38.11.2
libsmbldap0-32bit-4.4.2-38.11.2
libtevent-util0-4.4.2-38.11.2
libtevent-util0-32bit-4.4.2-38.11.2
libwbclient0-4.4.2-38.11.2
libwbclient0-32bit-4.4.2-38.11.2
samba-4.4.2-38.11.2
samba-client-4.4.2-38.11.2
samba-client-32bit-4.4.2-38.11.2
samba-doc-4.4.2-38.11.2
samba-libs-4.4.2-38.11.2
samba-libs-32bit-4.4.2-38.11.2
samba-winbind-4.4.2-38.11.2
samba-winbind-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Software Development Kit 12 SP2
libsmbclient-devel-4.4.2-38.11.2
libwbclient-devel-4.4.2-38.11.2
Ссылки
- Link for SUSE-SU-2017:2650-1
- E-Mail link for SUSE-SU-2017:2650-1
- SUSE Security Ratings
- SUSE Bug 1042419
- SUSE Bug 1044084
- SUSE Bug 1050707
- SUSE Bug 1058565
- SUSE Bug 1058622
- SUSE Bug 1058624
- SUSE CVE CVE-2017-12150 page
- SUSE CVE CVE-2017-12151 page
- SUSE CVE CVE-2017-12163 page
Описание
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-38.11.2
Ссылки
- CVE-2017-12150
- SUSE Bug 1058622
Описание
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-38.11.2
Ссылки
- CVE-2017-12151
- SUSE Bug 1058565
Описание
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc-binding0-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-32bit-4.4.2-38.11.2
SUSE Linux Enterprise Desktop 12 SP2:libdcerpc0-4.4.2-38.11.2
Ссылки
- CVE-2017-12163
- SUSE Bug 1058410
- SUSE Bug 1058624