- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-4341-2
April 29, 2020
samba vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 ESM
Summary:
Samba could be made to consume resources if it received a specially
crafted LDAP query.
Software Description:
– samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-4341-1 fixed a vulnerability in Samba. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that Samba incorrectly handled certain LDAP queries. A
remote attacker could possibly use this issue to cause Samba to consume
resources, resulting in a denial of service. (CVE-2020-10704)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm6
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4341-2
https://usn.ubuntu.com/4341-1
CVE-2020-10704
—–BEGIN PGP SIGNATURE—–
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl6pt2MACgkQRbznW4QL
H2mG2A/8CW8KGF8R4/u/jG3ShAd2+BEfec5obU/pC8xh1TJrXtdz+x4kXDg0WZ+3
rOKSIDhTuzr1lwzVu3NvpjjQB1lET+kWJVcsu+3uXoKC3XYHVCLFurY4dobnO2co
61fZyUq3vKVEGoAfdvR174Kz0qsIqOLXw5b8PYe4SuGpDn4XaoyAXB/Le4jambQG
LDMfzrgqvDPjHCChSBwPGs95KP0WWYUVd53AKQowSAWZW7if2Tu2J1+p9Ox0SobW
meTG9qD35bHlnSYkb3PUXOiuPzq/apTKf3tIk1QM33G+fXEs79nGqrmg3/kZn5Nf
97e+oep/gTCI1BJQVhbtuyvLORrM6vHjBLD8Oh0Gz+YEvtnFcwF6XRd9UResXtUm
hA24dRD4NCym28ZTXNXHuYGL2tB9EkHuAMc/t+RaNKaVgsxmXeWGNedg5EJSJ7B3
2d1o4LUeJrVnM/DS+pGCvVUU3htjONFH95pHQx+a7M9e019iu6p28wJzrsiR+qxi
CjjUddA/BLjxqhGrlhrxHhks1Q80pvoN5SlSHYVLiQtEAbfiwy3gsoPMoQZRGyDK
9sd1AbOG/w8CGF/4p3veY1O+lXNQ3x5gmolOWMnnt0JH5Jd61TV9LPZnFlz88Gsl
9yQcjPEsvW6QJra4StN0nkJvnsnLxEzLb31G3fMhBvKYRW2266U=
=PEmQ
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
==========================================================================
Ubuntu Security Notice USN-4341-3
April 29, 2020
samba regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 LTS
Summary:
USN-4341-1 introduced a regression in Samba.
Software Description:
– samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-4341-1 fixed vulnerabilities in Samba. The updated packages for
Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Samba incorrectly handled certain LDAP queries. A
remote attacker could possibly use this issue to cause Samba to consume
resources, resulting in a denial of service. (CVE-2020-10704)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
samba 2:4.3.11+dfsg-0ubuntu0.16.04.27
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4341-3
https://usn.ubuntu.com/4341-1
https://launchpad.net/bugs/1875798
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.27
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6pmB0ACgkQZWnYVadE
vpM+kg/+PUYEmkKl4XtvZ7gvG1F6IKwY8VaVg5gDGOpV4UhBXwY/qajYmMLVyNoy
p9sABjnpEEZBVKavQle5Nf+w6LPa94CffK4bYdt5oJihGa2No3cKzqLX8LTqO+qV
CZ4mWSvYN3GucHxiKbL1JvneYe7I6WnO9BbAIo+YEeoT7Abc2paUk5u+1iDeukvx
yTt+ZKU+xqjCsPI5eUeE0N42oz8zdiQuZ44mBXQo2/QybYOFvJ+m/9hmFn3CxNB3
dxN3PD9ePZ5qrIILHJA3n9eRe/vuv+pdJpO4/De5KSAJ4lb5D0kKaQRSGdnV3hGa
5HQO9RItni+cn/pcJzBpC87Znsc/W31iT9Cmo3vvEXEUWDgHwkmby/3Dhu6Aety0
5sDNoxYiKSCuuHlFdWghZ7LzY9mO9WNhNsjHl8UMobPVmtuw8rSMIq7OcMMRCVxz
CzHrBgXeWB/Hb1pkHmPhnAWJ30IRsFpnQahpHZS9eOHnypzh+eZlb4PTerq+zHVC
380klvVT0on9LigiPN9zB/48ZPxv47/3KQD0//gFaZnTIJbgp8j34GVuN9hshaqM
CUe9V/Oj06uBHEqzKQuVwSIc+BMOWRUrvTyeM32rf5GJdWXoenUQ9x9jGqLKMMZC
u3npb9c9aDOFyzHJ08F97yW431c/I5y4qQFlkJVPQxF66gbo0kk=
=LcOY
—–END PGP SIGNATURE—–
—
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2020-04-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
