Security update for Samba (important)

2013-03-2215:04:30

lists.opensuse.org

0.042 Low

EPSS

Percentile

91.3%

JSON

The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 4.0.1 was affected by a cross-site request
forgery; CVE-2013-0214; (bnc#799641).

The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 4.0.1 could possibly be used in clickjacking
attacks; CVE-2013-0213; (bnc#800982).

Also the following bugs have been fixed:

Don’t clutter the spec file diff view; (bnc#783384).
s3: Fix uninitialized memory read in talloc_free();
(bnc#764577).
Attempt to use samlogon validation level 6;
(bso#7945); (bnc#741623).
Add PreReq /etc/init.d/nscd to the winbind package;
(bnc#759731).
Recover from ncacn_ip_tcp ACCESS_DENIED/SEC_PKG_ERROR
lsa errors; (bso#7944); (bnc#755663).
Fix lsa_LookupSids3 and lsa_LookupNames4 arguments.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server GPLv3 Extras10x86_64libwbclient-devel< 3.4.3-0.47.3libwbclient-devel-3.4.3-0.47.3.x86_64.rpm
SUSE Linux Enterprise Server GPLv3 Extras10ia64libnetapi0< 3.4.3-0.47.3libnetapi0-3.4.3-0.47.3.ia64.rpm
SUSE Linux Enterprise Server GPLv3 Extras10i586samba-gplv3-winbind< 3.4.3-0.47.3samba-gplv3-winbind-3.4.3-0.47.3.i586.rpm
SUSE Linux Enterprise Server GPLv3 Extras10s390xsamba-gplv3< 3.4.3-0.47.3samba-gplv3-3.4.3-0.47.3.s390x.rpm
SUSE Linux Enterprise Server GPLv3 Extras10ia64samba-gplv3-winbind< 3.4.3-0.47.3samba-gplv3-winbind-3.4.3-0.47.3.ia64.rpm
SUSE Linux Enterprise Server GPLv3 Extras10i586samba-gplv3-client< 3.4.3-0.47.3samba-gplv3-client-3.4.3-0.47.3.i586.rpm
SUSE Linux Enterprise Server GPLv3 Extras10ppclibwbclient0< 3.4.3-0.47.3libwbclient0-3.4.3-0.47.3.ppc.rpm
SUSE Linux Enterprise Server GPLv3 Extras10s390xlibwbclient-devel< 3.4.3-0.47.3libwbclient-devel-3.4.3-0.47.3.s390x.rpm
SUSE Linux Enterprise Server GPLv3 Extras10ppclibtdb-devel< 3.4.3-0.47.3libtdb-devel-3.4.3-0.47.3.ppc.rpm
SUSE Linux Enterprise Server GPLv3 Extras10s390xlibwbclient0< 3.4.3-0.47.3libwbclient0-3.4.3-0.47.3.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Server GPLv3 Extras	10	x86_64	libwbclient-devel	< 3.4.3-0.47.3	libwbclient-devel-3.4.3-0.47.3.x86_64.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	ia64	libnetapi0	< 3.4.3-0.47.3	libnetapi0-3.4.3-0.47.3.ia64.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	i586	samba-gplv3-winbind	< 3.4.3-0.47.3	samba-gplv3-winbind-3.4.3-0.47.3.i586.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	s390x	samba-gplv3	< 3.4.3-0.47.3	samba-gplv3-3.4.3-0.47.3.s390x.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	ia64	samba-gplv3-winbind	< 3.4.3-0.47.3	samba-gplv3-winbind-3.4.3-0.47.3.ia64.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	i586	samba-gplv3-client	< 3.4.3-0.47.3	samba-gplv3-client-3.4.3-0.47.3.i586.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	ppc	libwbclient0	< 3.4.3-0.47.3	libwbclient0-3.4.3-0.47.3.ppc.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	s390x	libwbclient-devel	< 3.4.3-0.47.3	libwbclient-devel-3.4.3-0.47.3.s390x.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	ppc	libtdb-devel	< 3.4.3-0.47.3	libtdb-devel-3.4.3-0.47.3.ppc.rpm
SUSE Linux Enterprise Server GPLv3 Extras	10	s390x	libwbclient0	< 3.4.3-0.47.3	libwbclient0-3.4.3-0.47.3.s390x.rpm