SUSE-SU-2018:2329-1

Опубликовано: 14 авг. 2018

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

The following security issues were fixed:

CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411).

The following other bugs were fixed:

s3:winbindd: allow a fallback to NTLMSSP for LDAP connections (bsc#1079449)

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

ldapsmb-1.34b-94.14.2

libldb1-3.6.3-94.14.2

libsmbclient0-3.6.3-94.14.2

libtalloc2-3.6.3-94.14.2

libtdb1-3.6.3-94.14.2

libtevent0-3.6.3-94.14.2

libwbclient0-3.6.3-94.14.2

samba-3.6.3-94.14.2

samba-client-3.6.3-94.14.2

samba-doc-3.6.3-94.14.2

samba-krb-printing-3.6.3-94.14.2

samba-winbind-3.6.3-94.14.2

SUSE Linux Enterprise Server 11 SP3-LTSS

ldapsmb-1.34b-94.14.2

libldb1-3.6.3-94.14.2

libsmbclient0-3.6.3-94.14.2

libsmbclient0-32bit-3.6.3-94.14.2

libtalloc2-3.6.3-94.14.2

libtalloc2-32bit-3.6.3-94.14.2

libtdb1-3.6.3-94.14.2

libtdb1-32bit-3.6.3-94.14.2

libtevent0-3.6.3-94.14.2

libtevent0-32bit-3.6.3-94.14.2

libwbclient0-3.6.3-94.14.2

libwbclient0-32bit-3.6.3-94.14.2

samba-3.6.3-94.14.2

samba-32bit-3.6.3-94.14.2

samba-client-3.6.3-94.14.2

samba-client-32bit-3.6.3-94.14.2

samba-doc-3.6.3-94.14.2

samba-krb-printing-3.6.3-94.14.2

samba-winbind-3.6.3-94.14.2

samba-winbind-32bit-3.6.3-94.14.2

SUSE Linux Enterprise Server 11 SP3-TERADATA

ldapsmb-1.34b-94.14.2

libldb1-3.6.3-94.14.2

libsmbclient0-3.6.3-94.14.2

libsmbclient0-32bit-3.6.3-94.14.2

libtalloc2-3.6.3-94.14.2

libtalloc2-32bit-3.6.3-94.14.2

libtdb1-3.6.3-94.14.2

libtdb1-32bit-3.6.3-94.14.2

libtevent0-3.6.3-94.14.2

libtevent0-32bit-3.6.3-94.14.2

libwbclient0-3.6.3-94.14.2

libwbclient0-32bit-3.6.3-94.14.2

samba-3.6.3-94.14.2

samba-32bit-3.6.3-94.14.2

samba-client-3.6.3-94.14.2

samba-client-32bit-3.6.3-94.14.2

samba-doc-3.6.3-94.14.2

samba-krb-printing-3.6.3-94.14.2

samba-winbind-3.6.3-94.14.2

samba-winbind-32bit-3.6.3-94.14.2

SUSE Linux Enterprise Server 11 SP4

ldapsmb-1.34b-94.14.2

libldb1-3.6.3-94.14.2

libsmbclient0-3.6.3-94.14.2

libsmbclient0-32bit-3.6.3-94.14.2

libsmbclient0-x86-3.6.3-94.14.2

libtalloc2-3.6.3-94.14.2

libtalloc2-32bit-3.6.3-94.14.2

libtalloc2-x86-3.6.3-94.14.2

libtdb1-3.6.3-94.14.2

libtdb1-32bit-3.6.3-94.14.2

libtdb1-x86-3.6.3-94.14.2

libtevent0-3.6.3-94.14.2

libtevent0-32bit-3.6.3-94.14.2

libtevent0-x86-3.6.3-94.14.2

libwbclient0-3.6.3-94.14.2

libwbclient0-32bit-3.6.3-94.14.2

libwbclient0-x86-3.6.3-94.14.2

samba-3.6.3-94.14.2

samba-32bit-3.6.3-94.14.2

samba-client-3.6.3-94.14.2

samba-client-32bit-3.6.3-94.14.2

samba-client-x86-3.6.3-94.14.2

samba-doc-3.6.3-94.14.2

samba-krb-printing-3.6.3-94.14.2

samba-winbind-3.6.3-94.14.2

samba-winbind-32bit-3.6.3-94.14.2

samba-winbind-x86-3.6.3-94.14.2

samba-x86-3.6.3-94.14.2

SUSE Linux Enterprise Server for SAP Applications 11 SP4

ldapsmb-1.34b-94.14.2

libldb1-3.6.3-94.14.2

libsmbclient0-3.6.3-94.14.2

libsmbclient0-32bit-3.6.3-94.14.2

libsmbclient0-x86-3.6.3-94.14.2

libtalloc2-3.6.3-94.14.2

libtalloc2-32bit-3.6.3-94.14.2

libtalloc2-x86-3.6.3-94.14.2

libtdb1-3.6.3-94.14.2

libtdb1-32bit-3.6.3-94.14.2

libtdb1-x86-3.6.3-94.14.2

libtevent0-3.6.3-94.14.2

libtevent0-32bit-3.6.3-94.14.2

libtevent0-x86-3.6.3-94.14.2

libwbclient0-3.6.3-94.14.2

libwbclient0-32bit-3.6.3-94.14.2

libwbclient0-x86-3.6.3-94.14.2

samba-3.6.3-94.14.2

samba-32bit-3.6.3-94.14.2

samba-client-3.6.3-94.14.2

samba-client-32bit-3.6.3-94.14.2

samba-client-x86-3.6.3-94.14.2

samba-doc-3.6.3-94.14.2

samba-krb-printing-3.6.3-94.14.2

samba-winbind-3.6.3-94.14.2

samba-winbind-32bit-3.6.3-94.14.2

samba-winbind-x86-3.6.3-94.14.2

samba-x86-3.6.3-94.14.2

SUSE Linux Enterprise Software Development Kit 11 SP4

libldb-devel-3.6.3-94.14.2

libnetapi-devel-3.6.3-94.14.2

libnetapi0-3.6.3-94.14.2

libsmbclient-devel-3.6.3-94.14.2

libsmbsharemodes-devel-3.6.3-94.14.2

libsmbsharemodes0-3.6.3-94.14.2

libtalloc-devel-3.6.3-94.14.2

libtdb-devel-3.6.3-94.14.2

libtevent-devel-3.6.3-94.14.2

libwbclient-devel-3.6.3-94.14.2

samba-devel-3.6.3-94.14.2

samba-test-3.6.3-94.14.2

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20182329-1/
Link for SUSE-SU-2018:2329-1
https://lists.suse.com/pipermail/sle-security-updates/2018-August/004415.html
E-Mail link for SUSE-SU-2018:2329-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1079449
SUSE Bug 1079449
https://bugzilla.suse.com/1103411
SUSE Bug 1103411
https://www.suse.com/security/cve/CVE-2018-10858/
SUSE CVE CVE-2018-10858 page

Описание

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:ldapsmb-1.34b-94.14.2

SUSE Linux Enterprise Point of Sale 11 SP3:libldb1-3.6.3-94.14.2

SUSE Linux Enterprise Point of Sale 11 SP3:libsmbclient0-3.6.3-94.14.2

SUSE Linux Enterprise Point of Sale 11 SP3:libtalloc2-3.6.3-94.14.2

Ссылки

https://www.suse.com/security/cve/CVE-2018-10858.html
CVE-2018-10858
https://bugzilla.suse.com/1103411
SUSE Bug 1103411
https://bugzilla.suse.com/1110943
SUSE Bug 1110943

SUSE-SU-2018:2329-1

Описание

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

SUSE Linux Enterprise Server 11 SP3-LTSS

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP4

Ссылки

Уязвимость: CVE-2018-10858

Описание

Затронутые продукты

Ссылки