Security update for samba
Announcement ID: | SUSE-SU-2017:2704-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves three vulnerabilities and has one security fix can now be installed.
Description:
This update for samba fixes several issues.
These security issues were fixed:
- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client (bsc#1058624).
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622).
- CVE-2017-12151: Keep required encryption across SMB3 dfs redirects (bsc#1058565).
These non-security issues were fixed:
- Fixed error where short name length was read as 2 bytes, should be 1 (bsc#1042419)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise High Availability Extension 12
zypper in -t patch SUSE-SLE-HA-12-2017-1678=1
-
SUSE Linux Enterprise Server for SAP Applications 12
zypper in -t patch SUSE-SLE-HA-12-2017-1678=1
-
SUSE Linux Enterprise Server 12 LTSS 12
zypper in -t patch SUSE-SLE-SERVER-12-2017-1678=1
Package List:
-
SUSE Linux Enterprise High Availability Extension 12 (s390x x86_64)
- ctdb-debuginfo-4.2.4-18.44.2
- ctdb-4.2.4-18.44.2
-
SUSE Linux Enterprise Server for SAP Applications 12 (x86_64)
- ctdb-debuginfo-4.2.4-18.44.2
- ctdb-4.2.4-18.44.2
-
SUSE Linux Enterprise Server 12 LTSS 12 (ppc64le s390x x86_64)
- samba-client-debuginfo-4.2.4-18.44.2
- libsamba-hostconfig0-4.2.4-18.44.2
- samba-winbind-debuginfo-4.2.4-18.44.2
- libndr-standard0-4.2.4-18.44.2
- libnetapi0-debuginfo-4.2.4-18.44.2
- samba-winbind-4.2.4-18.44.2
- libsamba-util0-4.2.4-18.44.2
- samba-4.2.4-18.44.2
- samba-debuginfo-4.2.4-18.44.2
- libgensec0-debuginfo-4.2.4-18.44.2
- libsmbldap0-4.2.4-18.44.2
- libsmbclient-raw0-4.2.4-18.44.2
- libtevent-util0-4.2.4-18.44.2
- libsamba-credentials0-debuginfo-4.2.4-18.44.2
- ctdb-debuginfo-4.2.4-18.44.2
- libndr-standard0-debuginfo-4.2.4-18.44.2
- libnetapi0-4.2.4-18.44.2
- libsamba-credentials0-4.2.4-18.44.2
- libsamba-hostconfig0-debuginfo-4.2.4-18.44.2
- libsmbclient-raw0-debuginfo-4.2.4-18.44.2
- libsmbldap0-debuginfo-4.2.4-18.44.2
- ctdb-4.2.4-18.44.2
- libndr-krb5pac0-debuginfo-4.2.4-18.44.2
- libdcerpc-binding0-4.2.4-18.44.2
- libsmbclient0-debuginfo-4.2.4-18.44.2
- samba-debugsource-4.2.4-18.44.2
- libregistry0-debuginfo-4.2.4-18.44.2
- libgensec0-4.2.4-18.44.2
- libsmbclient0-4.2.4-18.44.2
- samba-libs-debuginfo-4.2.4-18.44.2
- libdcerpc0-4.2.4-18.44.2
- libdcerpc0-debuginfo-4.2.4-18.44.2
- libndr-nbt0-debuginfo-4.2.4-18.44.2
- libsamdb0-debuginfo-4.2.4-18.44.2
- libsmbconf0-4.2.4-18.44.2
- samba-client-4.2.4-18.44.2
- libsamba-util0-debuginfo-4.2.4-18.44.2
- libndr-krb5pac0-4.2.4-18.44.2
- libsamba-passdb0-4.2.4-18.44.2
- libsamba-passdb0-debuginfo-4.2.4-18.44.2
- libtevent-util0-debuginfo-4.2.4-18.44.2
- libwbclient0-4.2.4-18.44.2
- libndr-nbt0-4.2.4-18.44.2
- libndr0-4.2.4-18.44.2
- samba-libs-4.2.4-18.44.2
- libdcerpc-binding0-debuginfo-4.2.4-18.44.2
- libwbclient0-debuginfo-4.2.4-18.44.2
- libsmbconf0-debuginfo-4.2.4-18.44.2
- libndr0-debuginfo-4.2.4-18.44.2
- libsamdb0-4.2.4-18.44.2
- libregistry0-4.2.4-18.44.2
-
SUSE Linux Enterprise Server 12 LTSS 12 (noarch)
- samba-doc-4.2.4-18.44.2
-
SUSE Linux Enterprise Server 12 LTSS 12 (s390x x86_64)
- libnetapi0-debuginfo-32bit-4.2.4-18.44.2
- libsmbclient-raw0-debuginfo-32bit-4.2.4-18.44.2
- libndr0-debuginfo-32bit-4.2.4-18.44.2
- libsmbconf0-debuginfo-32bit-4.2.4-18.44.2
- samba-winbind-32bit-4.2.4-18.44.2
- libsmbldap0-debuginfo-32bit-4.2.4-18.44.2
- libwbclient0-32bit-4.2.4-18.44.2
- libgensec0-32bit-4.2.4-18.44.2
- libnetapi0-32bit-4.2.4-18.44.2
- libsmbclient0-32bit-4.2.4-18.44.2
- libtevent-util0-debuginfo-32bit-4.2.4-18.44.2
- samba-client-debuginfo-32bit-4.2.4-18.44.2
- libsamba-credentials0-32bit-4.2.4-18.44.2
- libwbclient0-debuginfo-32bit-4.2.4-18.44.2
- libdcerpc-binding0-32bit-4.2.4-18.44.2
- libgensec0-debuginfo-32bit-4.2.4-18.44.2
- libndr-standard0-debuginfo-32bit-4.2.4-18.44.2
- libdcerpc0-debuginfo-32bit-4.2.4-18.44.2
- samba-winbind-debuginfo-32bit-4.2.4-18.44.2
- libndr-nbt0-debuginfo-32bit-4.2.4-18.44.2
- samba-debuginfo-32bit-4.2.4-18.44.2
- libsmbclient-raw0-32bit-4.2.4-18.44.2
- libsamdb0-debuginfo-32bit-4.2.4-18.44.2
- libsmbconf0-32bit-4.2.4-18.44.2
- libdcerpc-binding0-debuginfo-32bit-4.2.4-18.44.2
- libsamba-util0-debuginfo-32bit-4.2.4-18.44.2
- libsamba-util0-32bit-4.2.4-18.44.2
- libndr-krb5pac0-debuginfo-32bit-4.2.4-18.44.2
- libndr-nbt0-32bit-4.2.4-18.44.2
- libndr-krb5pac0-32bit-4.2.4-18.44.2
- libsamba-credentials0-debuginfo-32bit-4.2.4-18.44.2
- libsmbldap0-32bit-4.2.4-18.44.2
- libsamba-hostconfig0-32bit-4.2.4-18.44.2
- libndr0-32bit-4.2.4-18.44.2
- libndr-standard0-32bit-4.2.4-18.44.2
- samba-libs-32bit-4.2.4-18.44.2
- libsamba-passdb0-debuginfo-32bit-4.2.4-18.44.2
- libsamdb0-32bit-4.2.4-18.44.2
- samba-client-32bit-4.2.4-18.44.2
- samba-libs-debuginfo-32bit-4.2.4-18.44.2
- libdcerpc0-32bit-4.2.4-18.44.2
- libtevent-util0-32bit-4.2.4-18.44.2
- libsamba-passdb0-32bit-4.2.4-18.44.2
- libsmbclient0-debuginfo-32bit-4.2.4-18.44.2
- samba-32bit-4.2.4-18.44.2
- libsamba-hostconfig0-debuginfo-32bit-4.2.4-18.44.2
References:
- https://www.suse.com/security/cve/CVE-2017-12150.html
- https://www.suse.com/security/cve/CVE-2017-12151.html
- https://www.suse.com/security/cve/CVE-2017-12163.html
- https://bugzilla.suse.com/show_bug.cgi?id=1042419
- https://bugzilla.suse.com/show_bug.cgi?id=1058565
- https://bugzilla.suse.com/show_bug.cgi?id=1058622
- https://bugzilla.suse.com/show_bug.cgi?id=1058624