(RHSA-2020:1878) Moderate: samba security, bug fix, and enhancement update

2020-04-2809:26:30

access.redhat.com

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.006

Percentile

78.8%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba (4.11.2). (BZ#1754409)

Security Fix(es):

samba: Combination of parameters and permissions can allow user to escape from the share path definition (CVE-2019-10197)
samba: smb client vulnerable to filenames containing path separators (CVE-2019-10218)
samba: Crash after failed character conversion at log level 3 or above (CVE-2019-14907)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64lesamba-test-libs-debuginfo< 4.11.2-13.el8samba-test-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
RedHat8s390xctdb< 4.11.2-13.el8ctdb-4.11.2-13.el8.s390x.rpm
RedHat8aarch64openchange-client-debuginfo< 2.3-24.el8openchange-client-debuginfo-2.3-24.el8.aarch64.rpm
RedHat8s390xctdb-tests< 4.11.2-13.el8ctdb-tests-4.11.2-13.el8.s390x.rpm
RedHat8i686openchange-debugsource< 2.3-24.el8openchange-debugsource-2.3-24.el8.i686.rpm
RedHat8aarch64samba-winbind-clients< 4.11.2-13.el8samba-winbind-clients-4.11.2-13.el8.aarch64.rpm
RedHat8x86_64libsmbclient-devel< 4.11.2-13.el8libsmbclient-devel-4.11.2-13.el8.x86_64.rpm
RedHat8aarch64samba-winbind-debuginfo< 4.11.2-13.el8samba-winbind-debuginfo-4.11.2-13.el8.aarch64.rpm
RedHat8aarch64samba-client-debuginfo< 4.11.2-13.el8samba-client-debuginfo-4.11.2-13.el8.aarch64.rpm
RedHat8s390xlibsmbclient< 4.11.2-13.el8libsmbclient-4.11.2-13.el8.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	ppc64le	samba-test-libs-debuginfo	< 4.11.2-13.el8	samba-test-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
RedHat	8	s390x	ctdb	< 4.11.2-13.el8	ctdb-4.11.2-13.el8.s390x.rpm
RedHat	8	aarch64	openchange-client-debuginfo	< 2.3-24.el8	openchange-client-debuginfo-2.3-24.el8.aarch64.rpm
RedHat	8	s390x	ctdb-tests	< 4.11.2-13.el8	ctdb-tests-4.11.2-13.el8.s390x.rpm
RedHat	8	i686	openchange-debugsource	< 2.3-24.el8	openchange-debugsource-2.3-24.el8.i686.rpm
RedHat	8	aarch64	samba-winbind-clients	< 4.11.2-13.el8	samba-winbind-clients-4.11.2-13.el8.aarch64.rpm
RedHat	8	x86_64	libsmbclient-devel	< 4.11.2-13.el8	libsmbclient-devel-4.11.2-13.el8.x86_64.rpm
RedHat	8	aarch64	samba-winbind-debuginfo	< 4.11.2-13.el8	samba-winbind-debuginfo-4.11.2-13.el8.aarch64.rpm
RedHat	8	aarch64	samba-client-debuginfo	< 4.11.2-13.el8	samba-client-debuginfo-4.11.2-13.el8.aarch64.rpm
RedHat	8	s390x	libsmbclient	< 4.11.2-13.el8	libsmbclient-4.11.2-13.el8.s390x.rpm