Описание
Security update for samba
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147).
Bugfixes:
- Don't package man pages for VFS modules that aren't built (bsc#993707).
- sync_req: make async_connect_send() 'reentrant'; (bso#12105); (bsc#1024416).
- Document 'winbind: ignore domains' parameter; (bsc#1019416).
- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Список пакетов
openSUSE Leap 42.1
ctdb-4.2.4-27.1
ctdb-devel-4.2.4-27.1
ctdb-tests-4.2.4-27.1
libdcerpc-atsvc-devel-4.2.4-27.1
libdcerpc-atsvc0-4.2.4-27.1
libdcerpc-atsvc0-32bit-4.2.4-27.1
libdcerpc-binding0-4.2.4-27.1
libdcerpc-binding0-32bit-4.2.4-27.1
libdcerpc-devel-4.2.4-27.1
libdcerpc-samr-devel-4.2.4-27.1
libdcerpc-samr0-4.2.4-27.1
libdcerpc-samr0-32bit-4.2.4-27.1
libdcerpc0-4.2.4-27.1
libdcerpc0-32bit-4.2.4-27.1
libgensec-devel-4.2.4-27.1
libgensec0-4.2.4-27.1
libgensec0-32bit-4.2.4-27.1
libndr-devel-4.2.4-27.1
libndr-krb5pac-devel-4.2.4-27.1
libndr-krb5pac0-4.2.4-27.1
libndr-krb5pac0-32bit-4.2.4-27.1
libndr-nbt-devel-4.2.4-27.1
libndr-nbt0-4.2.4-27.1
libndr-nbt0-32bit-4.2.4-27.1
libndr-standard-devel-4.2.4-27.1
libndr-standard0-4.2.4-27.1
libndr-standard0-32bit-4.2.4-27.1
libndr0-4.2.4-27.1
libndr0-32bit-4.2.4-27.1
libnetapi-devel-4.2.4-27.1
libnetapi0-4.2.4-27.1
libnetapi0-32bit-4.2.4-27.1
libregistry-devel-4.2.4-27.1
libregistry0-4.2.4-27.1
libregistry0-32bit-4.2.4-27.1
libsamba-credentials-devel-4.2.4-27.1
libsamba-credentials0-4.2.4-27.1
libsamba-credentials0-32bit-4.2.4-27.1
libsamba-hostconfig-devel-4.2.4-27.1
libsamba-hostconfig0-4.2.4-27.1
libsamba-hostconfig0-32bit-4.2.4-27.1
libsamba-passdb-devel-4.2.4-27.1
libsamba-passdb0-4.2.4-27.1
libsamba-passdb0-32bit-4.2.4-27.1
libsamba-policy-devel-4.2.4-27.1
libsamba-policy0-4.2.4-27.1
libsamba-policy0-32bit-4.2.4-27.1
libsamba-util-devel-4.2.4-27.1
libsamba-util0-4.2.4-27.1
libsamba-util0-32bit-4.2.4-27.1
libsamdb-devel-4.2.4-27.1
libsamdb0-4.2.4-27.1
libsamdb0-32bit-4.2.4-27.1
libsmbclient-devel-4.2.4-27.1
libsmbclient-raw-devel-4.2.4-27.1
libsmbclient-raw0-4.2.4-27.1
libsmbclient-raw0-32bit-4.2.4-27.1
libsmbclient0-4.2.4-27.1
libsmbclient0-32bit-4.2.4-27.1
libsmbconf-devel-4.2.4-27.1
libsmbconf0-4.2.4-27.1
libsmbconf0-32bit-4.2.4-27.1
libsmbldap-devel-4.2.4-27.1
libsmbldap0-4.2.4-27.1
libsmbldap0-32bit-4.2.4-27.1
libtevent-util-devel-4.2.4-27.1
libtevent-util0-4.2.4-27.1
libtevent-util0-32bit-4.2.4-27.1
libwbclient-devel-4.2.4-27.1
libwbclient0-4.2.4-27.1
libwbclient0-32bit-4.2.4-27.1
samba-4.2.4-27.1
samba-32bit-4.2.4-27.1
samba-client-4.2.4-27.1
samba-client-32bit-4.2.4-27.1
samba-core-devel-4.2.4-27.1
samba-doc-4.2.4-27.1
samba-libs-4.2.4-27.1
samba-libs-32bit-4.2.4-27.1
samba-pidl-4.2.4-27.1
samba-python-4.2.4-27.1
samba-test-4.2.4-27.1
samba-test-devel-4.2.4-27.1
samba-winbind-4.2.4-27.1
samba-winbind-32bit-4.2.4-27.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0935-1
- SUSE Security Ratings
Описание
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Затронутые продукты
openSUSE Leap 42.1:ctdb-4.2.4-27.1
openSUSE Leap 42.1:ctdb-devel-4.2.4-27.1
openSUSE Leap 42.1:ctdb-tests-4.2.4-27.1
openSUSE Leap 42.1:libdcerpc-atsvc-devel-4.2.4-27.1
Ссылки
- CVE-2017-2619
- SUSE Bug 1027147
- SUSE Bug 1036283