SUSE-SU-2018:2320-1

Опубликовано: 14 авг. 2018

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

The following security vulnerability was fixed:

CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow (bsc#1103411)

The following other bugs were fixed:

Fix libnss_wins.so.2 link libreplace with rpath (bsc#1054849)

Список пакетов

SUSE Enterprise Storage 4

libdcerpc-binding0-4.4.2-38.20.1

libdcerpc-binding0-32bit-4.4.2-38.20.1

libdcerpc0-4.4.2-38.20.1

libdcerpc0-32bit-4.4.2-38.20.1

libndr-krb5pac0-4.4.2-38.20.1

libndr-krb5pac0-32bit-4.4.2-38.20.1

libndr-nbt0-4.4.2-38.20.1

libndr-nbt0-32bit-4.4.2-38.20.1

libndr-standard0-4.4.2-38.20.1

libndr-standard0-32bit-4.4.2-38.20.1

libndr0-4.4.2-38.20.1

libndr0-32bit-4.4.2-38.20.1

libnetapi0-4.4.2-38.20.1

libnetapi0-32bit-4.4.2-38.20.1

libsamba-credentials0-4.4.2-38.20.1

libsamba-credentials0-32bit-4.4.2-38.20.1

libsamba-errors0-4.4.2-38.20.1

libsamba-errors0-32bit-4.4.2-38.20.1

libsamba-hostconfig0-4.4.2-38.20.1

libsamba-hostconfig0-32bit-4.4.2-38.20.1

libsamba-passdb0-4.4.2-38.20.1

libsamba-passdb0-32bit-4.4.2-38.20.1

libsamba-util0-4.4.2-38.20.1

libsamba-util0-32bit-4.4.2-38.20.1

libsamdb0-4.4.2-38.20.1

libsamdb0-32bit-4.4.2-38.20.1

libsmbclient0-4.4.2-38.20.1

libsmbclient0-32bit-4.4.2-38.20.1

libsmbconf0-4.4.2-38.20.1

libsmbconf0-32bit-4.4.2-38.20.1

libsmbldap0-4.4.2-38.20.1

libsmbldap0-32bit-4.4.2-38.20.1

libtevent-util0-4.4.2-38.20.1

libtevent-util0-32bit-4.4.2-38.20.1

libwbclient0-4.4.2-38.20.1

libwbclient0-32bit-4.4.2-38.20.1

samba-4.4.2-38.20.1

samba-client-4.4.2-38.20.1

samba-client-32bit-4.4.2-38.20.1

samba-doc-4.4.2-38.20.1

samba-libs-4.4.2-38.20.1

samba-libs-32bit-4.4.2-38.20.1

samba-winbind-4.4.2-38.20.1

samba-winbind-32bit-4.4.2-38.20.1

SUSE Linux Enterprise High Availability Extension 12 SP2

ctdb-4.4.2-38.20.1

SUSE Linux Enterprise Server 12 SP2-LTSS

libdcerpc-binding0-4.4.2-38.20.1

libdcerpc-binding0-32bit-4.4.2-38.20.1

libdcerpc0-4.4.2-38.20.1

libdcerpc0-32bit-4.4.2-38.20.1

libndr-krb5pac0-4.4.2-38.20.1

libndr-krb5pac0-32bit-4.4.2-38.20.1

libndr-nbt0-4.4.2-38.20.1

libndr-nbt0-32bit-4.4.2-38.20.1

libndr-standard0-4.4.2-38.20.1

libndr-standard0-32bit-4.4.2-38.20.1

libndr0-4.4.2-38.20.1

libndr0-32bit-4.4.2-38.20.1

libnetapi0-4.4.2-38.20.1

libnetapi0-32bit-4.4.2-38.20.1

libsamba-credentials0-4.4.2-38.20.1

libsamba-credentials0-32bit-4.4.2-38.20.1

libsamba-errors0-4.4.2-38.20.1

libsamba-errors0-32bit-4.4.2-38.20.1

libsamba-hostconfig0-4.4.2-38.20.1

libsamba-hostconfig0-32bit-4.4.2-38.20.1

libsamba-passdb0-4.4.2-38.20.1

libsamba-passdb0-32bit-4.4.2-38.20.1

libsamba-util0-4.4.2-38.20.1

libsamba-util0-32bit-4.4.2-38.20.1

libsamdb0-4.4.2-38.20.1

libsamdb0-32bit-4.4.2-38.20.1

libsmbclient0-4.4.2-38.20.1

libsmbclient0-32bit-4.4.2-38.20.1

libsmbconf0-4.4.2-38.20.1

libsmbconf0-32bit-4.4.2-38.20.1

libsmbldap0-4.4.2-38.20.1

libsmbldap0-32bit-4.4.2-38.20.1

libtevent-util0-4.4.2-38.20.1

libtevent-util0-32bit-4.4.2-38.20.1

libwbclient0-4.4.2-38.20.1

libwbclient0-32bit-4.4.2-38.20.1

samba-4.4.2-38.20.1

samba-client-4.4.2-38.20.1

samba-client-32bit-4.4.2-38.20.1

samba-doc-4.4.2-38.20.1

samba-libs-4.4.2-38.20.1

samba-libs-32bit-4.4.2-38.20.1

samba-winbind-4.4.2-38.20.1

samba-winbind-32bit-4.4.2-38.20.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libdcerpc-binding0-4.4.2-38.20.1

libdcerpc-binding0-32bit-4.4.2-38.20.1

libdcerpc0-4.4.2-38.20.1

libdcerpc0-32bit-4.4.2-38.20.1

libndr-krb5pac0-4.4.2-38.20.1

libndr-krb5pac0-32bit-4.4.2-38.20.1

libndr-nbt0-4.4.2-38.20.1

libndr-nbt0-32bit-4.4.2-38.20.1

libndr-standard0-4.4.2-38.20.1

libndr-standard0-32bit-4.4.2-38.20.1

libndr0-4.4.2-38.20.1

libndr0-32bit-4.4.2-38.20.1

libnetapi0-4.4.2-38.20.1

libnetapi0-32bit-4.4.2-38.20.1

libsamba-credentials0-4.4.2-38.20.1

libsamba-credentials0-32bit-4.4.2-38.20.1

libsamba-errors0-4.4.2-38.20.1

libsamba-errors0-32bit-4.4.2-38.20.1

libsamba-hostconfig0-4.4.2-38.20.1

libsamba-hostconfig0-32bit-4.4.2-38.20.1

libsamba-passdb0-4.4.2-38.20.1

libsamba-passdb0-32bit-4.4.2-38.20.1

libsamba-util0-4.4.2-38.20.1

libsamba-util0-32bit-4.4.2-38.20.1

libsamdb0-4.4.2-38.20.1

libsamdb0-32bit-4.4.2-38.20.1

libsmbclient0-4.4.2-38.20.1

libsmbclient0-32bit-4.4.2-38.20.1

libsmbconf0-4.4.2-38.20.1

libsmbconf0-32bit-4.4.2-38.20.1

libsmbldap0-4.4.2-38.20.1

libsmbldap0-32bit-4.4.2-38.20.1

libtevent-util0-4.4.2-38.20.1

libtevent-util0-32bit-4.4.2-38.20.1

libwbclient0-4.4.2-38.20.1

libwbclient0-32bit-4.4.2-38.20.1

samba-4.4.2-38.20.1

samba-client-4.4.2-38.20.1

samba-client-32bit-4.4.2-38.20.1

samba-doc-4.4.2-38.20.1

samba-libs-4.4.2-38.20.1

samba-libs-32bit-4.4.2-38.20.1

samba-winbind-4.4.2-38.20.1

samba-winbind-32bit-4.4.2-38.20.1

SUSE OpenStack Cloud 7

libdcerpc-binding0-4.4.2-38.20.1

libdcerpc-binding0-32bit-4.4.2-38.20.1

libdcerpc0-4.4.2-38.20.1

libdcerpc0-32bit-4.4.2-38.20.1

libndr-krb5pac0-4.4.2-38.20.1

libndr-krb5pac0-32bit-4.4.2-38.20.1

libndr-nbt0-4.4.2-38.20.1

libndr-nbt0-32bit-4.4.2-38.20.1

libndr-standard0-4.4.2-38.20.1

libndr-standard0-32bit-4.4.2-38.20.1

libndr0-4.4.2-38.20.1

libndr0-32bit-4.4.2-38.20.1

libnetapi0-4.4.2-38.20.1

libnetapi0-32bit-4.4.2-38.20.1

libsamba-credentials0-4.4.2-38.20.1

libsamba-credentials0-32bit-4.4.2-38.20.1

libsamba-errors0-4.4.2-38.20.1

libsamba-errors0-32bit-4.4.2-38.20.1

libsamba-hostconfig0-4.4.2-38.20.1

libsamba-hostconfig0-32bit-4.4.2-38.20.1

libsamba-passdb0-4.4.2-38.20.1

libsamba-passdb0-32bit-4.4.2-38.20.1

libsamba-util0-4.4.2-38.20.1

libsamba-util0-32bit-4.4.2-38.20.1

libsamdb0-4.4.2-38.20.1

libsamdb0-32bit-4.4.2-38.20.1

libsmbclient0-4.4.2-38.20.1

libsmbclient0-32bit-4.4.2-38.20.1

libsmbconf0-4.4.2-38.20.1

libsmbconf0-32bit-4.4.2-38.20.1

libsmbldap0-4.4.2-38.20.1

libsmbldap0-32bit-4.4.2-38.20.1

libtevent-util0-4.4.2-38.20.1

libtevent-util0-32bit-4.4.2-38.20.1

libwbclient0-4.4.2-38.20.1

libwbclient0-32bit-4.4.2-38.20.1

samba-4.4.2-38.20.1

samba-client-4.4.2-38.20.1

samba-client-32bit-4.4.2-38.20.1

samba-doc-4.4.2-38.20.1

samba-libs-4.4.2-38.20.1

samba-libs-32bit-4.4.2-38.20.1

samba-winbind-4.4.2-38.20.1

samba-winbind-32bit-4.4.2-38.20.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20182320-1/
Link for SUSE-SU-2018:2320-1
https://lists.suse.com/pipermail/sle-security-updates/2018-August/004409.html
E-Mail link for SUSE-SU-2018:2320-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1054849
SUSE Bug 1054849
https://bugzilla.suse.com/1103411
SUSE Bug 1103411
https://www.suse.com/security/cve/CVE-2018-10858/
SUSE CVE CVE-2018-10858 page

Описание

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты

SUSE Enterprise Storage 4:libdcerpc-binding0-32bit-4.4.2-38.20.1

SUSE Enterprise Storage 4:libdcerpc-binding0-4.4.2-38.20.1

SUSE Enterprise Storage 4:libdcerpc0-32bit-4.4.2-38.20.1

SUSE Enterprise Storage 4:libdcerpc0-4.4.2-38.20.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10858.html
CVE-2018-10858
https://bugzilla.suse.com/1103411
SUSE Bug 1103411
https://bugzilla.suse.com/1110943
SUSE Bug 1110943

SUSE-SU-2018:2320-1

Описание

Список пакетов

SUSE Enterprise Storage 4

SUSE Linux Enterprise High Availability Extension 12 SP2

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE OpenStack Cloud 7

Ссылки

Уязвимость: CVE-2018-10858

Описание

Затронутые продукты

Ссылки