openSUSE-SU-2018:3211-1

Опубликовано: 17 окт. 2018

Источник: suse-cvrf

Описание

Security update for samba

Samba was updated to 4.6.15, bringing bug and security fixes. (bsc#1110943)

Following security issues were fixed:

CVE-2018-10919: Fix unauthorized attribute access via searches. (bsc#1095057);

Non-security bugs fixed:

Fix ctdb_mutex_ceph_rados_helper deadlock (bsc#1102230).
Allow idmap_rid to have primary group other than 'Domain Users' (bsc#1087931).
winbind: avoid using fstrcpy in _dual_init_connection.
Fix ntlm authentications with 'winbind use default domain = yes' (bsc#1068059).

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Список пакетов

openSUSE Leap 42.3

ctdb-4.6.16+git.124.aee309c5c18-21.1

ctdb-tests-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-binding0-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-binding0-32bit-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-devel-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-samr-devel-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-samr0-4.6.16+git.124.aee309c5c18-21.1

libdcerpc-samr0-32bit-4.6.16+git.124.aee309c5c18-21.1

libdcerpc0-4.6.16+git.124.aee309c5c18-21.1

libdcerpc0-32bit-4.6.16+git.124.aee309c5c18-21.1

libndr-devel-4.6.16+git.124.aee309c5c18-21.1

libndr-krb5pac-devel-4.6.16+git.124.aee309c5c18-21.1

libndr-krb5pac0-4.6.16+git.124.aee309c5c18-21.1

libndr-krb5pac0-32bit-4.6.16+git.124.aee309c5c18-21.1

libndr-nbt-devel-4.6.16+git.124.aee309c5c18-21.1

libndr-nbt0-4.6.16+git.124.aee309c5c18-21.1

libndr-nbt0-32bit-4.6.16+git.124.aee309c5c18-21.1

libndr-standard-devel-4.6.16+git.124.aee309c5c18-21.1

libndr-standard0-4.6.16+git.124.aee309c5c18-21.1

libndr-standard0-32bit-4.6.16+git.124.aee309c5c18-21.1

libndr0-4.6.16+git.124.aee309c5c18-21.1

libndr0-32bit-4.6.16+git.124.aee309c5c18-21.1

libnetapi-devel-4.6.16+git.124.aee309c5c18-21.1

libnetapi0-4.6.16+git.124.aee309c5c18-21.1

libnetapi0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-credentials-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-credentials0-4.6.16+git.124.aee309c5c18-21.1

libsamba-credentials0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-errors-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-errors0-4.6.16+git.124.aee309c5c18-21.1

libsamba-errors0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-hostconfig-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-hostconfig0-4.6.16+git.124.aee309c5c18-21.1

libsamba-hostconfig0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-passdb-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-passdb0-4.6.16+git.124.aee309c5c18-21.1

libsamba-passdb0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-policy-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-policy0-4.6.16+git.124.aee309c5c18-21.1

libsamba-policy0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamba-util-devel-4.6.16+git.124.aee309c5c18-21.1

libsamba-util0-4.6.16+git.124.aee309c5c18-21.1

libsamba-util0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsamdb-devel-4.6.16+git.124.aee309c5c18-21.1

libsamdb0-4.6.16+git.124.aee309c5c18-21.1

libsamdb0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsmbclient-devel-4.6.16+git.124.aee309c5c18-21.1

libsmbclient0-4.6.16+git.124.aee309c5c18-21.1

libsmbclient0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsmbconf-devel-4.6.16+git.124.aee309c5c18-21.1

libsmbconf0-4.6.16+git.124.aee309c5c18-21.1

libsmbconf0-32bit-4.6.16+git.124.aee309c5c18-21.1

libsmbldap-devel-4.6.16+git.124.aee309c5c18-21.1

libsmbldap0-4.6.16+git.124.aee309c5c18-21.1

libsmbldap0-32bit-4.6.16+git.124.aee309c5c18-21.1

libtevent-util-devel-4.6.16+git.124.aee309c5c18-21.1

libtevent-util0-4.6.16+git.124.aee309c5c18-21.1

libtevent-util0-32bit-4.6.16+git.124.aee309c5c18-21.1

libwbclient-devel-4.6.16+git.124.aee309c5c18-21.1

libwbclient0-4.6.16+git.124.aee309c5c18-21.1

libwbclient0-32bit-4.6.16+git.124.aee309c5c18-21.1

samba-4.6.16+git.124.aee309c5c18-21.1

samba-ceph-4.6.16+git.124.aee309c5c18-21.1

samba-client-4.6.16+git.124.aee309c5c18-21.1

samba-client-32bit-4.6.16+git.124.aee309c5c18-21.1

samba-core-devel-4.6.16+git.124.aee309c5c18-21.1

samba-doc-4.6.16+git.124.aee309c5c18-21.1

samba-libs-4.6.16+git.124.aee309c5c18-21.1

samba-libs-32bit-4.6.16+git.124.aee309c5c18-21.1

samba-pidl-4.6.16+git.124.aee309c5c18-21.1

samba-python-4.6.16+git.124.aee309c5c18-21.1

samba-test-4.6.16+git.124.aee309c5c18-21.1

samba-winbind-4.6.16+git.124.aee309c5c18-21.1

samba-winbind-32bit-4.6.16+git.124.aee309c5c18-21.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00036.html
E-Mail link for openSUSE-SU-2018:3211-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Затронутые продукты

openSUSE Leap 42.3:ctdb-4.6.16+git.124.aee309c5c18-21.1

openSUSE Leap 42.3:ctdb-tests-4.6.16+git.124.aee309c5c18-21.1

openSUSE Leap 42.3:libdcerpc-binding0-32bit-4.6.16+git.124.aee309c5c18-21.1

openSUSE Leap 42.3:libdcerpc-binding0-4.6.16+git.124.aee309c5c18-21.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10919.html
CVE-2018-10919
https://bugzilla.suse.com/1095057
SUSE Bug 1095057

openSUSE-SU-2018:3211-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-10919

Описание

Затронутые продукты

Ссылки