SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:1687-1)

"Samba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 bsc1093664 : + vfsceph: add fake async pwrite/pread send/recv hooks; bso13425. + Fix memory leak in vfsceph; bso13424. + winbind: avoid using fstrcpydcname,... in dualinitconnection; bso13294. + s3:smb2server:...

SUSE-SU-2017:3086-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Fixed a use-after-free vulnerability that could be used to crash smbd or potentially execute code bsc1060427. - CVE-2017-15275: Fixed a server heap memory information leak bsc1063008. Non-security issues...

openSUSE Security Update : samba (openSUSE-2017-1146)

This update for samba fixes several issues. These security issues were fixed : - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client bsc1058624. - CVE-2017-12150: Always enforce smb signing when it is configured...

libsmbclient, samba security update

CentOS Errata and Security Advisory CESA-2017:2789 An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

openSUSE Security Update : samba (openSUSE-2017-437)

"This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes : - Force usage of ncurses6-config thru NCURSESCONFIG env var bsc1023847. - Add missing ldb module directory bsc1012092. -...

openSUSE Security Update : samba (openSUSE-2017-439)

"This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes : - Don't package man pages for VFS modules that aren't built bsc993707. - syncreq: make asyncconnectsend 'reentrant';...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:0858-1)

"This update for samba fixes the following issues: Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes : - Force usage of ncurses6-config thru NCURSESCONFIG env var bsc1023847. - Add missing ldb module directory bsc1012092. -...

SUSE-SU-2017:0862-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes: - Don't package man pages for VFS modules that aren't built bsc993707. - syncreq: make asyncconnectsend 'reentrant'; bso12105;...

SUSE-SU-2017:0859-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes: - Don't package man pages for VFS modules that aren't built bsc993707. - syncreq: make asyncconnectsend 'reentrant'; bso12105;...

SUSE-SU-2017:0858-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes: - Force usage of ncurses6-config thru NCURSESCONFIG env var bsc1023847. - Add missing ldb module directory bsc1012092. - Don't...

SUSE-SU-2016:3299-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don't send delegated credentials to all servers. bsc1014441. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. bsc1014442. - CVE-2016-2123: Heap-based Buffer...

SUSE-SU-2016:2570-1 Security update for samba

This update for samba provides the following fix: Following security issue was fixed: - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. bsc986869 Also the following bugs were fixed: - Fix possible ctdb crash when opening sockets with htonsIPPROTORAW. bsc969522 - Honor smb.conf socket...

openSUSE Security Update : samba (openSUSE-2016-1111)

This update for samba provides the following fixes : - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. bsc986869 - Fix possible ctdb crash when opening sockets with htonsIPPROTORAW. bsc969522 - Honor smb.conf socket options in winbind. bsc975131 - Fix ntlm-auth segmentation fault with...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:2306-1)

This update for samba provides the following fixes : - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. bsc986869 - Fix possible ctdb crash when opening sockets with htonsIPPROTORAW. bsc969522 - Honor smb.conf socket options in winbind. bsc975131 - Fix ntlm-auth segmentation fault with...

SUSE-SU-2016:2306-1 Security update for samba

This update for samba provides the following fixes: - CVE-2016-2119: Prevent client-side SMB2 signing downgrade. bsc986869 - Fix possible ctdb crash when opening sockets with htonsIPPROTORAW. bsc969522 - Honor smb.conf socket options in winbind. bsc975131 - Fix ntlm-auth segmentation fault with...

The vulnerability of Samba software allows a remote attacker to compromise the confidentiality and integrity of protected information.

A vulnerability exists in the winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c of Samba, due to the handling of incorrect group names like requiremembershipof. This allows authentication for any user. Exploiting this vulnerability enables remote users to circumvent access...

SUSE SLES11 Security Update : samba (SUSE-SU-2016:0905-1)

"This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Security update for samba (important)

This update for the samba server fixes the following issues: Security issue fixed: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648; bsc968222. Other bugs fixed: - Enable clustering CTDB support; bsc966271. - s3: smbd: Fix timestamp...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:0816-1)

"This update for the samba server fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:0814-1)

"This update for samba fixes the following issues : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target. bso11648 bsc968222 Also the following bugs were fixed : - Add quotes around path of update-apparmor-samba-profile; bsc962177. - Prevent access...