Описание
Security update for samba
This update for samba fixes the following issues:
Update to samba 4.11.14
- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613).
- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).
- lib/util: Do not install /usr/bin/test_util
- smbd: don't log success as error
- idmap_ad does not deal properly with a RFC4511 section 4.4.1 response;
- winbind: Fix a memleak
- idmap_ad: Pass tldap debug messages on to DEBUG()
- lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE
- ctdb disable/enable can fail due to race condition
Список пакетов
SUSE Linux Enterprise High Availability Extension 15 SP2
ctdb-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
libdcerpc-binding0-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc-binding0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc-devel-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc-samr-devel-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc-samr0-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc0-4.11.14+git.202.344b137b75d-4.14.1
libdcerpc0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libndr-devel-4.11.14+git.202.344b137b75d-4.14.1
libndr-krb5pac-devel-4.11.14+git.202.344b137b75d-4.14.1
libndr-krb5pac0-4.11.14+git.202.344b137b75d-4.14.1
libndr-krb5pac0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libndr-nbt-devel-4.11.14+git.202.344b137b75d-4.14.1
libndr-nbt0-4.11.14+git.202.344b137b75d-4.14.1
libndr-nbt0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libndr-standard-devel-4.11.14+git.202.344b137b75d-4.14.1
libndr-standard0-4.11.14+git.202.344b137b75d-4.14.1
libndr-standard0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libndr0-4.11.14+git.202.344b137b75d-4.14.1
libndr0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libnetapi-devel-4.11.14+git.202.344b137b75d-4.14.1
libnetapi0-4.11.14+git.202.344b137b75d-4.14.1
libnetapi0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamba-credentials-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-credentials0-4.11.14+git.202.344b137b75d-4.14.1
libsamba-credentials0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamba-errors-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-errors0-4.11.14+git.202.344b137b75d-4.14.1
libsamba-errors0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamba-hostconfig-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-hostconfig0-4.11.14+git.202.344b137b75d-4.14.1
libsamba-hostconfig0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamba-passdb-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-passdb0-4.11.14+git.202.344b137b75d-4.14.1
libsamba-passdb0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamba-policy-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-policy-python3-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-policy0-python3-4.11.14+git.202.344b137b75d-4.14.1
libsamba-util-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamba-util0-4.11.14+git.202.344b137b75d-4.14.1
libsamba-util0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsamdb-devel-4.11.14+git.202.344b137b75d-4.14.1
libsamdb0-4.11.14+git.202.344b137b75d-4.14.1
libsamdb0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsmbclient-devel-4.11.14+git.202.344b137b75d-4.14.1
libsmbclient0-4.11.14+git.202.344b137b75d-4.14.1
libsmbconf-devel-4.11.14+git.202.344b137b75d-4.14.1
libsmbconf0-4.11.14+git.202.344b137b75d-4.14.1
libsmbconf0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libsmbldap-devel-4.11.14+git.202.344b137b75d-4.14.1
libsmbldap2-4.11.14+git.202.344b137b75d-4.14.1
libsmbldap2-32bit-4.11.14+git.202.344b137b75d-4.14.1
libtevent-util-devel-4.11.14+git.202.344b137b75d-4.14.1
libtevent-util0-4.11.14+git.202.344b137b75d-4.14.1
libtevent-util0-32bit-4.11.14+git.202.344b137b75d-4.14.1
libwbclient-devel-4.11.14+git.202.344b137b75d-4.14.1
libwbclient0-4.11.14+git.202.344b137b75d-4.14.1
libwbclient0-32bit-4.11.14+git.202.344b137b75d-4.14.1
samba-4.11.14+git.202.344b137b75d-4.14.1
samba-ceph-4.11.14+git.202.344b137b75d-4.14.1
samba-client-4.11.14+git.202.344b137b75d-4.14.1
samba-core-devel-4.11.14+git.202.344b137b75d-4.14.1
samba-libs-4.11.14+git.202.344b137b75d-4.14.1
samba-libs-32bit-4.11.14+git.202.344b137b75d-4.14.1
samba-libs-python3-4.11.14+git.202.344b137b75d-4.14.1
samba-python3-4.11.14+git.202.344b137b75d-4.14.1
samba-winbind-4.11.14+git.202.344b137b75d-4.14.1
samba-winbind-32bit-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Python 2 15 SP2
samba-ad-dc-4.11.14+git.202.344b137b75d-4.14.1
samba-dsdb-modules-4.11.14+git.202.344b137b75d-4.14.1
Ссылки
- Link for SUSE-SU-2020:3081-1
- E-Mail link for SUSE-SU-2020:3081-1
- SUSE Security Ratings
- SUSE Bug 1173902
- SUSE Bug 1173994
- SUSE Bug 1177613
- SUSE CVE CVE-2020-14318 page
- SUSE CVE CVE-2020-14323 page
- SUSE CVE CVE-2020-14383 page
Описание
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Затронутые продукты
SUSE Linux Enterprise High Availability Extension 15 SP2:ctdb-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-32bit-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-devel-4.11.14+git.202.344b137b75d-4.14.1
Ссылки
- CVE-2020-14318
- SUSE Bug 1173902
Описание
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
Затронутые продукты
SUSE Linux Enterprise High Availability Extension 15 SP2:ctdb-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-32bit-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-devel-4.11.14+git.202.344b137b75d-4.14.1
Ссылки
- CVE-2020-14323
- SUSE Bug 1173994
Описание
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.
Затронутые продукты
SUSE Linux Enterprise High Availability Extension 15 SP2:ctdb-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-32bit-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-binding0-4.11.14+git.202.344b137b75d-4.14.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:libdcerpc-devel-4.11.14+git.202.344b137b75d-4.14.1
Ссылки
- CVE-2020-14383
- SUSE Bug 1177613