[SECURITY] [DSA 4513-1] samba security update

2019-09-0321:22:40

lists.debian.org

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

JSON

Debian Security Advisory DSA-4513-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
September 03, 2019 https://www.debian.org/security/faq

Package : samba
CVE ID : CVE-2019-10197

Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print,
and login server for Unix. Specific combinations of parameters and
permissions can allow user to escape from the share path definition and
see the complete '/' filesystem. Unix permission checks in the kernel
are still enforced.

Details can be found in the upstream advisory at
https://www.samba.org/samba/security/CVE-2019-10197.html

For the stable distribution (buster), this problem has been fixed in
version 2:4.9.5+dfsg-5+deb10u1.

We recommend that you upgrade your samba packages.

For the detailed security status of samba please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/samba

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10mips64ellibparse-pidl-perl< 4.9.5+dfsg-5+deb10u1+really0.02libparse-pidl-perl_4.9.5+dfsg-5+deb10u1+really0.02_mips64el.deb
Debian10mipslibwbclient-dev< 4.9.5+dfsg-5+deb10u1libwbclient-dev_4.9.5+dfsg-5+deb10u1_mips.deb
Debian10mips64elpython-samba< 4.9.5+dfsg-5+deb10u1python-samba_4.9.5+dfsg-5+deb10u1_mips64el.deb
Debian10mipselsamba-dsdb-modules< 4.9.5+dfsg-5+deb10u1samba-dsdb-modules_4.9.5+dfsg-5+deb10u1_mipsel.deb
Debian10armhflibnss-winbind< 4.9.5+dfsg-5+deb10u1libnss-winbind_4.9.5+dfsg-5+deb10u1_armhf.deb
Debian10mips64elsamba-common-bin< 4.9.5+dfsg-5+deb10u1samba-common-bin_4.9.5+dfsg-5+deb10u1_mips64el.deb
Debian10s390xlibparse-pidl-perl< 4.9.5+dfsg-5+deb10u1+really0.02libparse-pidl-perl_4.9.5+dfsg-5+deb10u1+really0.02_s390x.deb
Debian10i386samba-vfs-modules< 4.9.5+dfsg-5+deb10u1samba-vfs-modules_4.9.5+dfsg-5+deb10u1_i386.deb
Debian10ppc64elsamba-testsuite< 4.9.5+dfsg-5+deb10u1samba-testsuite_4.9.5+dfsg-5+deb10u1_ppc64el.deb
Debian10i386samba-libs< 4.9.5+dfsg-5+deb10u1samba-libs_4.9.5+dfsg-5+deb10u1_i386.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	mips64el	libparse-pidl-perl	< 4.9.5+dfsg-5+deb10u1+really0.02	libparse-pidl-perl_4.9.5+dfsg-5+deb10u1+really0.02_mips64el.deb
Debian	10	mips	libwbclient-dev	< 4.9.5+dfsg-5+deb10u1	libwbclient-dev_4.9.5+dfsg-5+deb10u1_mips.deb
Debian	10	mips64el	python-samba	< 4.9.5+dfsg-5+deb10u1	python-samba_4.9.5+dfsg-5+deb10u1_mips64el.deb
Debian	10	mipsel	samba-dsdb-modules	< 4.9.5+dfsg-5+deb10u1	samba-dsdb-modules_4.9.5+dfsg-5+deb10u1_mipsel.deb
Debian	10	armhf	libnss-winbind	< 4.9.5+dfsg-5+deb10u1	libnss-winbind_4.9.5+dfsg-5+deb10u1_armhf.deb
Debian	10	mips64el	samba-common-bin	< 4.9.5+dfsg-5+deb10u1	samba-common-bin_4.9.5+dfsg-5+deb10u1_mips64el.deb
Debian	10	s390x	libparse-pidl-perl	< 4.9.5+dfsg-5+deb10u1+really0.02	libparse-pidl-perl_4.9.5+dfsg-5+deb10u1+really0.02_s390x.deb
Debian	10	i386	samba-vfs-modules	< 4.9.5+dfsg-5+deb10u1	samba-vfs-modules_4.9.5+dfsg-5+deb10u1_i386.deb
Debian	10	ppc64el	samba-testsuite	< 4.9.5+dfsg-5+deb10u1	samba-testsuite_4.9.5+dfsg-5+deb10u1_ppc64el.deb
Debian	10	i386	samba-libs	< 4.9.5+dfsg-5+deb10u1	samba-libs_4.9.5+dfsg-5+deb10u1_i386.deb