Lucene search

K
suseSuseOPENSUSE-SU-2019:2458-1
HistoryNov 09, 2019 - 12:00 a.m.

Security update for samba (important)

2019-11-0900:00:00
lists.opensuse.org
177
samba
security update
vulnerabilities
fixes
ldap
path separators
password script
vfs_ceph
mac os x
smb2
libcephfs
posix acl
ftruncate
fallocate
opensuse leap 15.0
zypper patch

EPSS

0.003

Percentile

71.6%

An update that solves three vulnerabilities and has four
fixes is now available.

Description:

This update for samba fixes the following issues:

Security issues fixed:

  • CVE-2019-14847: User with “get changes” permission can crash AD DC LDAP
    server via dirsync (bsc#1154598).
  • CVE-2019-10218: Client code can return filenames containing path
    separators (bsc#1144902).
  • CVE-2019-14833: Fixed Accent with “check script password” where the
    Samba AD DC check password script does not receive the full password
    (bsc#1154289).

Other issues fixed:

  • Fix vfs_ceph realpath (bsc#1134452).
  • MacOS credit accounting breaks with async SESSION SETUP (bsc#1125601).
  • Mac OS X SMB2 implmenetation sees Input/output error or Resource
    temporarily unavailable and drops connection
  • Explicitly enable libcephfs POSIX ACL support (bsc#1130245).
  • Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153). This update
    was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.0:

    zypper in -t patch openSUSE-2019-2458=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0i586< - openSUSE Leap 15.0 (i586 x86_64):- openSUSE Leap 15.0 (i586 x86_64):.i586.rpm
openSUSE Leap15.0x86_64< - openSUSE Leap 15.0 (i586 x86_64):- openSUSE Leap 15.0 (i586 x86_64):.x86_64.rpm
openSUSE Leap15.0x86_64< - openSUSE Leap 15.0 (x86_64):- openSUSE Leap 15.0 (x86_64):.x86_64.rpm
openSUSE Leap15.0noarch< - openSUSE Leap 15.0 (noarch):- openSUSE Leap 15.0 (noarch):.noarch.rpm