openSUSE-SU-2017:1401-1

Опубликовано: 24 мая 2017

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issue:

An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231]

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.2

ctdb-4.4.2-11.9.1

ctdb-tests-4.4.2-11.9.1

libdcerpc-binding0-4.4.2-11.9.1

libdcerpc-binding0-32bit-4.4.2-11.9.1

libdcerpc-devel-4.4.2-11.9.1

libdcerpc-samr-devel-4.4.2-11.9.1

libdcerpc-samr0-4.4.2-11.9.1

libdcerpc-samr0-32bit-4.4.2-11.9.1

libdcerpc0-4.4.2-11.9.1

libdcerpc0-32bit-4.4.2-11.9.1

libndr-devel-4.4.2-11.9.1

libndr-krb5pac-devel-4.4.2-11.9.1

libndr-krb5pac0-4.4.2-11.9.1

libndr-krb5pac0-32bit-4.4.2-11.9.1

libndr-nbt-devel-4.4.2-11.9.1

libndr-nbt0-4.4.2-11.9.1

libndr-nbt0-32bit-4.4.2-11.9.1

libndr-standard-devel-4.4.2-11.9.1

libndr-standard0-4.4.2-11.9.1

libndr-standard0-32bit-4.4.2-11.9.1

libndr0-4.4.2-11.9.1

libndr0-32bit-4.4.2-11.9.1

libnetapi-devel-4.4.2-11.9.1

libnetapi0-4.4.2-11.9.1

libnetapi0-32bit-4.4.2-11.9.1

libsamba-credentials-devel-4.4.2-11.9.1

libsamba-credentials0-4.4.2-11.9.1

libsamba-credentials0-32bit-4.4.2-11.9.1

libsamba-errors-devel-4.4.2-11.9.1

libsamba-errors0-4.4.2-11.9.1

libsamba-errors0-32bit-4.4.2-11.9.1

libsamba-hostconfig-devel-4.4.2-11.9.1

libsamba-hostconfig0-4.4.2-11.9.1

libsamba-hostconfig0-32bit-4.4.2-11.9.1

libsamba-passdb-devel-4.4.2-11.9.1

libsamba-passdb0-4.4.2-11.9.1

libsamba-passdb0-32bit-4.4.2-11.9.1

libsamba-policy-devel-4.4.2-11.9.1

libsamba-policy0-4.4.2-11.9.1

libsamba-policy0-32bit-4.4.2-11.9.1

libsamba-util-devel-4.4.2-11.9.1

libsamba-util0-4.4.2-11.9.1

libsamba-util0-32bit-4.4.2-11.9.1

libsamdb-devel-4.4.2-11.9.1

libsamdb0-4.4.2-11.9.1

libsamdb0-32bit-4.4.2-11.9.1

libsmbclient-devel-4.4.2-11.9.1

libsmbclient0-4.4.2-11.9.1

libsmbclient0-32bit-4.4.2-11.9.1

libsmbconf-devel-4.4.2-11.9.1

libsmbconf0-4.4.2-11.9.1

libsmbconf0-32bit-4.4.2-11.9.1

libsmbldap-devel-4.4.2-11.9.1

libsmbldap0-4.4.2-11.9.1

libsmbldap0-32bit-4.4.2-11.9.1

libtevent-util-devel-4.4.2-11.9.1

libtevent-util0-4.4.2-11.9.1

libtevent-util0-32bit-4.4.2-11.9.1

libwbclient-devel-4.4.2-11.9.1

libwbclient0-4.4.2-11.9.1

libwbclient0-32bit-4.4.2-11.9.1

samba-4.4.2-11.9.1

samba-client-4.4.2-11.9.1

samba-client-32bit-4.4.2-11.9.1

samba-core-devel-4.4.2-11.9.1

samba-doc-4.4.2-11.9.1

samba-libs-4.4.2-11.9.1

samba-libs-32bit-4.4.2-11.9.1

samba-pidl-4.4.2-11.9.1

samba-python-4.4.2-11.9.1

samba-test-4.4.2-11.9.1

samba-winbind-4.4.2-11.9.1

samba-winbind-32bit-4.4.2-11.9.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2017-05/msg00069.html
E-Mail link for openSUSE-SU-2017:1401-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

Затронутые продукты

openSUSE Leap 42.2:ctdb-4.4.2-11.9.1

openSUSE Leap 42.2:ctdb-tests-4.4.2-11.9.1

openSUSE Leap 42.2:libdcerpc-binding0-32bit-4.4.2-11.9.1

openSUSE Leap 42.2:libdcerpc-binding0-4.4.2-11.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7494.html
CVE-2017-7494
https://bugzilla.suse.com/1038231
SUSE Bug 1038231
https://bugzilla.suse.com/1040816
SUSE Bug 1040816

openSUSE-SU-2017:1401-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-7494

Описание

Затронутые продукты

Ссылки