2 matches found
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)
This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...
SMB1/2/3 connections may not require signing where they should
Description There are several code paths where the code doesn't enforce SMB signing: The fixes for CVE-2015-5296 didn't apply the implied signing protection when enforcing encryption for commands like 'smb2mount -e', 'smbcacls -e' and 'smbcquotas -e'. The python binding exported as...