Sigurnosni nedostaci programskog paketa samba

Preporuke

by - 2. studenoga 2020.0

Detalji os-a: WN7
Važnost: IMP
Operativni sustavi: L
Kategorije: LSU

openSUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1819-1
Rating: important
References: #1173902 #1173994 #1177613
Cross-References: CVE-2020-14318 CVE-2020-14323 CVE-2020-14383

Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for samba fixes the following issues:

Update to samba 4.11.14

– CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with
easily crafted records (bsc#1177613).
– CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
– CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify
(bsc#1173902).
– lib/util: Do not install /usr/bin/test_util
– smbd: don’t log success as error
– idmap_ad does not deal properly with a RFC4511 section 4.4.1 response;
– winbind: Fix a memleak
– idmap_ad: Pass tldap debug messages on to DEBUG()
– lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to
REPLACE_HOSTCC_SOURCE
– ctdb disable/enable can fail due to race condition

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1819=1

Package List:

– openSUSE Leap 15.2 (i586 x86_64):

ctdb-4.11.14+git.202.344b137b75d-lp152.3.16.1
ctdb-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
ctdb-pcp-pmda-4.11.14+git.202.344b137b75d-lp152.3.16.1
ctdb-pcp-pmda-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
ctdb-tests-4.11.14+git.202.344b137b75d-lp152.3.16.1
ctdb-tests-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-binding0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-binding0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-samr-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-samr0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-samr0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-krb5pac-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-krb5pac0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-krb5pac0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-nbt-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-nbt0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-nbt0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-standard-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-standard0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-standard0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-credentials-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-credentials0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-credentials0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-errors-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-errors0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-errors0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-hostconfig-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-hostconfig0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-hostconfig0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-passdb-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-passdb0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-passdb0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy-python3-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy0-python3-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy0-python3-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-util-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-util0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-util0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamdb-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamdb0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamdb0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbclient-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbclient0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbclient0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbconf-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbconf0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbconf0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbldap-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbldap2-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbldap2-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libtevent-util-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libtevent-util0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libtevent-util0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libwbclient-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
libwbclient0-4.11.14+git.202.344b137b75d-lp152.3.16.1
libwbclient0-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ad-dc-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ad-dc-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-client-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-client-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-core-devel-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-debugsource-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-dsdb-modules-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-dsdb-modules-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-python3-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-python3-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-python3-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-python3-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-test-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-test-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-winbind-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-winbind-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1

– openSUSE Leap 15.2 (noarch):

samba-doc-4.11.14+git.202.344b137b75d-lp152.3.16.1

– openSUSE Leap 15.2 (x86_64):

libdcerpc-binding0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-binding0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-samr0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc-samr0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libdcerpc0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-krb5pac0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-krb5pac0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-nbt0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-nbt0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-standard0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr-standard0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libndr0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi-devel-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libnetapi0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-credentials0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-credentials0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-errors0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-errors0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-hostconfig0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-hostconfig0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-passdb0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-passdb0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy0-python3-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-policy0-python3-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-util0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamba-util0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamdb0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsamdb0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbclient0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbclient0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbconf0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbconf0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbldap2-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libsmbldap2-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libtevent-util0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libtevent-util0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
libwbclient0-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
libwbclient0-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ad-dc-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ad-dc-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ceph-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-ceph-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-client-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-client-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-python3-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-libs-python3-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-winbind-32bit-4.11.14+git.202.344b137b75d-lp152.3.16.1
samba-winbind-32bit-debuginfo-4.11.14+git.202.344b137b75d-lp152.3.16.1

References:

https://protect2.fireeye.com/v1/url?k=22e6f1cd-7d7aebd3-22e16c01-000babd90757-33ec2b1cc474011d&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14318.html
https://protect2.fireeye.com/v1/url?k=1c03db4b-439fc155-1c044687-000babd90757-95ddc6fd27870a0a&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14323.html
https://protect2.fireeye.com/v1/url?k=172fda2e-48b3c030-172847e2-000babd90757-73080db22b98aa10&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-14383.html
https://protect2.fireeye.com/v1/url?k=baafcca8-e533d6b6-baa85164-000babd90757-bf51f8e839d2caa2&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fbugzilla.suse.com%2F1173902
https://protect2.fireeye.com/v1/url?k=2e9c6a03-7100701d-2e9bf7cf-000babd90757-64cf8eae499ba6ab&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fbugzilla.suse.com%2F1173994
https://protect2.fireeye.com/v1/url?k=34e37efe-6b7f64e0-34e4e332-000babd90757-0357f0c9790cc360&q=1&e=fd6a0f48-f8bf-48b2-9056-895d9042205d&u=https%3A%2F%2Fbugzilla.suse.com%2F1177613

—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Autor	Bruno Varga
Cert id	NCERT-REF-2020-11-0001-ADV
Cve	CERT-CVE-DUMMY
ID izvornika	CERT-ORIGID-DUMMY
Proizvod	CERT-DUMMY-PRODUCT
Izvor	Adobe

Sigurnosni nedostaci programskog paketa samba

Archives

More in Preporuke

Sigurnosni nedostatak programskog paketa singularity