openSUSE-SU-2020:0601-1

Опубликовано: 02 мая 2020

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

Security issue fixed:

CVE-2020-10704: Fixed a stack overflow in the AD DC (C)LDAP server (bsc#1169851).

Non-security issues fixed:

Fixed spnego fallback from kerberos to ntlmssp in smbd server (bsc#1169473).
Fixed warning messages for non root users using smbclient (bsc#1167070).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Список пакетов

openSUSE Leap 15.1

ctdb-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

ctdb-pcp-pmda-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

ctdb-tests-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-binding0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-binding0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-samr-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-samr0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc-samr0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libdcerpc0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-krb5pac-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-krb5pac0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-krb5pac0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-nbt-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-nbt0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-nbt0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-standard-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-standard0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr-standard0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libndr0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libnetapi-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libnetapi0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libnetapi0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-credentials-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-credentials0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-credentials0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-errors-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-errors0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-errors0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-hostconfig-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-hostconfig0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-hostconfig0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-passdb-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-passdb0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-passdb0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy-python-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy-python3-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy0-python3-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-policy0-python3-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-util-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-util0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamba-util0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamdb-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamdb0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsamdb0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbclient-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbclient0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbclient0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbconf-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbconf0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbconf0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbldap-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbldap2-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libsmbldap2-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libtevent-util-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libtevent-util0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libtevent-util0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libwbclient-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libwbclient0-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

libwbclient0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-ad-dc-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-ad-dc-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-ceph-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-client-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-client-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-core-devel-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-doc-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-dsdb-modules-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-python-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-python-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-python3-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-libs-python3-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-pidl-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-python-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-python3-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-test-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-winbind-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

samba-winbind-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/I36TBKFL56EEB5NLND6G4XVHBEVSR6PU/
E-Mail link for openSUSE-SU-2020:0601-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1167070
SUSE Bug 1167070
https://bugzilla.suse.com/1169473
SUSE Bug 1169473
https://bugzilla.suse.com/1169851
SUSE Bug 1169851
https://www.suse.com/security/cve/CVE-2020-10704/
SUSE CVE CVE-2020-10704 page

Описание

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Затронутые продукты

openSUSE Leap 15.1:ctdb-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

openSUSE Leap 15.1:ctdb-pcp-pmda-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

openSUSE Leap 15.1:ctdb-tests-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

openSUSE Leap 15.1:libdcerpc-binding0-32bit-4.9.5+git.317.6d82fb3918b-lp151.2.24.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-10704.html
CVE-2020-10704
https://bugzilla.suse.com/1169851
SUSE Bug 1169851
https://bugzilla.suse.com/1170771
SUSE Bug 1170771

openSUSE-SU-2020:0601-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2020-10704

Описание

Затронутые продукты

Ссылки