Описание
Security update for samba
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2017-14746: Use-after-free vulnerability (bsc#1060427).
- CVE-2017-15275: Server heap memory information leak (bsc#1063008).
Bug fixes:
- Update 'winbind expand groups' doc in smb.conf man page (bsc#1027593).
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
ctdb-4.4.2-11.15.1
ctdb-tests-4.4.2-11.15.1
libdcerpc-binding0-4.4.2-11.15.1
libdcerpc-binding0-32bit-4.4.2-11.15.1
libdcerpc-devel-4.4.2-11.15.1
libdcerpc-samr-devel-4.4.2-11.15.1
libdcerpc-samr0-4.4.2-11.15.1
libdcerpc-samr0-32bit-4.4.2-11.15.1
libdcerpc0-4.4.2-11.15.1
libdcerpc0-32bit-4.4.2-11.15.1
libndr-devel-4.4.2-11.15.1
libndr-krb5pac-devel-4.4.2-11.15.1
libndr-krb5pac0-4.4.2-11.15.1
libndr-krb5pac0-32bit-4.4.2-11.15.1
libndr-nbt-devel-4.4.2-11.15.1
libndr-nbt0-4.4.2-11.15.1
libndr-nbt0-32bit-4.4.2-11.15.1
libndr-standard-devel-4.4.2-11.15.1
libndr-standard0-4.4.2-11.15.1
libndr-standard0-32bit-4.4.2-11.15.1
libndr0-4.4.2-11.15.1
libndr0-32bit-4.4.2-11.15.1
libnetapi-devel-4.4.2-11.15.1
libnetapi0-4.4.2-11.15.1
libnetapi0-32bit-4.4.2-11.15.1
libsamba-credentials-devel-4.4.2-11.15.1
libsamba-credentials0-4.4.2-11.15.1
libsamba-credentials0-32bit-4.4.2-11.15.1
libsamba-errors-devel-4.4.2-11.15.1
libsamba-errors0-4.4.2-11.15.1
libsamba-errors0-32bit-4.4.2-11.15.1
libsamba-hostconfig-devel-4.4.2-11.15.1
libsamba-hostconfig0-4.4.2-11.15.1
libsamba-hostconfig0-32bit-4.4.2-11.15.1
libsamba-passdb-devel-4.4.2-11.15.1
libsamba-passdb0-4.4.2-11.15.1
libsamba-passdb0-32bit-4.4.2-11.15.1
libsamba-policy-devel-4.4.2-11.15.1
libsamba-policy0-4.4.2-11.15.1
libsamba-policy0-32bit-4.4.2-11.15.1
libsamba-util-devel-4.4.2-11.15.1
libsamba-util0-4.4.2-11.15.1
libsamba-util0-32bit-4.4.2-11.15.1
libsamdb-devel-4.4.2-11.15.1
libsamdb0-4.4.2-11.15.1
libsamdb0-32bit-4.4.2-11.15.1
libsmbclient-devel-4.4.2-11.15.1
libsmbclient0-4.4.2-11.15.1
libsmbclient0-32bit-4.4.2-11.15.1
libsmbconf-devel-4.4.2-11.15.1
libsmbconf0-4.4.2-11.15.1
libsmbconf0-32bit-4.4.2-11.15.1
libsmbldap-devel-4.4.2-11.15.1
libsmbldap0-4.4.2-11.15.1
libsmbldap0-32bit-4.4.2-11.15.1
libtevent-util-devel-4.4.2-11.15.1
libtevent-util0-4.4.2-11.15.1
libtevent-util0-32bit-4.4.2-11.15.1
libwbclient-devel-4.4.2-11.15.1
libwbclient0-4.4.2-11.15.1
libwbclient0-32bit-4.4.2-11.15.1
samba-4.4.2-11.15.1
samba-client-4.4.2-11.15.1
samba-client-32bit-4.4.2-11.15.1
samba-core-devel-4.4.2-11.15.1
samba-doc-4.4.2-11.15.1
samba-libs-4.4.2-11.15.1
samba-libs-32bit-4.4.2-11.15.1
samba-pidl-4.4.2-11.15.1
samba-python-4.4.2-11.15.1
samba-test-4.4.2-11.15.1
samba-winbind-4.4.2-11.15.1
samba-winbind-32bit-4.4.2-11.15.1
Ссылки
- E-Mail link for openSUSE-SU-2017:3141-1
- SUSE Security Ratings
Описание
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
Затронутые продукты
openSUSE Leap 42.2:ctdb-4.4.2-11.15.1
openSUSE Leap 42.2:ctdb-tests-4.4.2-11.15.1
openSUSE Leap 42.2:libdcerpc-binding0-32bit-4.4.2-11.15.1
openSUSE Leap 42.2:libdcerpc-binding0-4.4.2-11.15.1
Ссылки
- CVE-2017-14746
- SUSE Bug 1060427
Описание
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
Затронутые продукты
openSUSE Leap 42.2:ctdb-4.4.2-11.15.1
openSUSE Leap 42.2:ctdb-tests-4.4.2-11.15.1
openSUSE Leap 42.2:libdcerpc-binding0-32bit-4.4.2-11.15.1
openSUSE Leap 42.2:libdcerpc-binding0-4.4.2-11.15.1
Ссылки
- CVE-2017-15275
- SUSE Bug 1063008