Описание
Security update for samba
This update for samba provides the following fixes:
- CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869)
- Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522)
- Honor smb.conf socket options in winbind. (bsc#975131)
- Fix ntlm-auth segmentation fault with squid. (bsc#986228)
- Implement new '--no-dns-updates' option in 'net ads' command. (bsc#991564)
- Fix population of ctdb sysconfig after source merge. (bsc#981566)
This update was imported from the SUSE:SLE-12-SP1:Update project.
Список пакетов
openSUSE Leap 42.1
ctdb-4.2.4-21.3
ctdb-devel-4.2.4-21.3
ctdb-tests-4.2.4-21.3
libdcerpc-atsvc-devel-4.2.4-21.3
libdcerpc-atsvc0-4.2.4-21.3
libdcerpc-atsvc0-32bit-4.2.4-21.3
libdcerpc-binding0-4.2.4-21.3
libdcerpc-binding0-32bit-4.2.4-21.3
libdcerpc-devel-4.2.4-21.3
libdcerpc-samr-devel-4.2.4-21.3
libdcerpc-samr0-4.2.4-21.3
libdcerpc-samr0-32bit-4.2.4-21.3
libdcerpc0-4.2.4-21.3
libdcerpc0-32bit-4.2.4-21.3
libgensec-devel-4.2.4-21.3
libgensec0-4.2.4-21.3
libgensec0-32bit-4.2.4-21.3
libndr-devel-4.2.4-21.3
libndr-krb5pac-devel-4.2.4-21.3
libndr-krb5pac0-4.2.4-21.3
libndr-krb5pac0-32bit-4.2.4-21.3
libndr-nbt-devel-4.2.4-21.3
libndr-nbt0-4.2.4-21.3
libndr-nbt0-32bit-4.2.4-21.3
libndr-standard-devel-4.2.4-21.3
libndr-standard0-4.2.4-21.3
libndr-standard0-32bit-4.2.4-21.3
libndr0-4.2.4-21.3
libndr0-32bit-4.2.4-21.3
libnetapi-devel-4.2.4-21.3
libnetapi0-4.2.4-21.3
libnetapi0-32bit-4.2.4-21.3
libregistry-devel-4.2.4-21.3
libregistry0-4.2.4-21.3
libregistry0-32bit-4.2.4-21.3
libsamba-credentials-devel-4.2.4-21.3
libsamba-credentials0-4.2.4-21.3
libsamba-credentials0-32bit-4.2.4-21.3
libsamba-hostconfig-devel-4.2.4-21.3
libsamba-hostconfig0-4.2.4-21.3
libsamba-hostconfig0-32bit-4.2.4-21.3
libsamba-passdb-devel-4.2.4-21.3
libsamba-passdb0-4.2.4-21.3
libsamba-passdb0-32bit-4.2.4-21.3
libsamba-policy-devel-4.2.4-21.3
libsamba-policy0-4.2.4-21.3
libsamba-policy0-32bit-4.2.4-21.3
libsamba-util-devel-4.2.4-21.3
libsamba-util0-4.2.4-21.3
libsamba-util0-32bit-4.2.4-21.3
libsamdb-devel-4.2.4-21.3
libsamdb0-4.2.4-21.3
libsamdb0-32bit-4.2.4-21.3
libsmbclient-devel-4.2.4-21.3
libsmbclient-raw-devel-4.2.4-21.3
libsmbclient-raw0-4.2.4-21.3
libsmbclient-raw0-32bit-4.2.4-21.3
libsmbclient0-4.2.4-21.3
libsmbclient0-32bit-4.2.4-21.3
libsmbconf-devel-4.2.4-21.3
libsmbconf0-4.2.4-21.3
libsmbconf0-32bit-4.2.4-21.3
libsmbldap-devel-4.2.4-21.3
libsmbldap0-4.2.4-21.3
libsmbldap0-32bit-4.2.4-21.3
libtevent-util-devel-4.2.4-21.3
libtevent-util0-4.2.4-21.3
libtevent-util0-32bit-4.2.4-21.3
libwbclient-devel-4.2.4-21.3
libwbclient0-4.2.4-21.3
libwbclient0-32bit-4.2.4-21.3
samba-4.2.4-21.3
samba-32bit-4.2.4-21.3
samba-client-4.2.4-21.3
samba-client-32bit-4.2.4-21.3
samba-core-devel-4.2.4-21.3
samba-doc-4.2.4-21.3
samba-libs-4.2.4-21.3
samba-libs-32bit-4.2.4-21.3
samba-pidl-4.2.4-21.3
samba-python-4.2.4-21.3
samba-test-4.2.4-21.3
samba-test-devel-4.2.4-21.3
samba-winbind-4.2.4-21.3
samba-winbind-32bit-4.2.4-21.3
Ссылки
- E-Mail link for openSUSE-SU-2016:2371-1
- SUSE Security Ratings
Описание
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
Затронутые продукты
openSUSE Leap 42.1:ctdb-4.2.4-21.3
openSUSE Leap 42.1:ctdb-devel-4.2.4-21.3
openSUSE Leap 42.1:ctdb-tests-4.2.4-21.3
openSUSE Leap 42.1:libdcerpc-atsvc-devel-4.2.4-21.3
Ссылки
- CVE-2016-2119
- SUSE Bug 986869