drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Samba
Name: |
Zwei Probleme in Samba |
|
ID: |
openSUSE-SU-2015:0375-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
openSUSE 13.1, openSUSE 13.2 |
|
Datum: |
Mi, 25. Februar 2015, 16:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240 |
|
Applikationen: |
Samba |
|
Originalnachricht |
openSUSE Security Update: Security update for samba ______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:0375-1 Rating: important References: #914279 #917376 Cross-References: CVE-2014-8143 CVE-2015-0240 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
samba was updated to fix two security issues.
These security issues were fixed: - CVE-2015-0240: Ensure we don't call talloc_free on an uninitialized pointer (bnc#917376). - CVE-2014-8143: Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allowed remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation (bnc#914279).
Several non-security issues were fixed, please refer to the changes file.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-179=1
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-179=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.2 (i586 x86_64):
libdcerpc-atsvc-devel-4.1.17-5.1 libdcerpc-atsvc0-4.1.17-5.1 libdcerpc-atsvc0-debuginfo-4.1.17-5.1 libdcerpc-binding0-4.1.17-5.1 libdcerpc-binding0-debuginfo-4.1.17-5.1 libdcerpc-devel-4.1.17-5.1 libdcerpc-samr-devel-4.1.17-5.1 libdcerpc-samr0-4.1.17-5.1 libdcerpc-samr0-debuginfo-4.1.17-5.1 libdcerpc0-4.1.17-5.1 libdcerpc0-debuginfo-4.1.17-5.1 libgensec-devel-4.1.17-5.1 libgensec0-4.1.17-5.1 libgensec0-debuginfo-4.1.17-5.1 libndr-devel-4.1.17-5.1 libndr-krb5pac-devel-4.1.17-5.1 libndr-krb5pac0-4.1.17-5.1 libndr-krb5pac0-debuginfo-4.1.17-5.1 libndr-nbt-devel-4.1.17-5.1 libndr-nbt0-4.1.17-5.1 libndr-nbt0-debuginfo-4.1.17-5.1 libndr-standard-devel-4.1.17-5.1 libndr-standard0-4.1.17-5.1 libndr-standard0-debuginfo-4.1.17-5.1 libndr0-4.1.17-5.1 libndr0-debuginfo-4.1.17-5.1 libnetapi-devel-4.1.17-5.1 libnetapi0-4.1.17-5.1 libnetapi0-debuginfo-4.1.17-5.1 libpdb-devel-4.1.17-5.1 libpdb0-4.1.17-5.1 libpdb0-debuginfo-4.1.17-5.1 libregistry-devel-4.1.17-5.1 libregistry0-4.1.17-5.1 libregistry0-debuginfo-4.1.17-5.1 libsamba-credentials-devel-4.1.17-5.1 libsamba-credentials0-4.1.17-5.1 libsamba-credentials0-debuginfo-4.1.17-5.1 libsamba-hostconfig-devel-4.1.17-5.1 libsamba-hostconfig0-4.1.17-5.1 libsamba-hostconfig0-debuginfo-4.1.17-5.1 libsamba-policy-devel-4.1.17-5.1 libsamba-policy0-4.1.17-5.1 libsamba-policy0-debuginfo-4.1.17-5.1 libsamba-util-devel-4.1.17-5.1 libsamba-util0-4.1.17-5.1 libsamba-util0-debuginfo-4.1.17-5.1 libsamdb-devel-4.1.17-5.1 libsamdb0-4.1.17-5.1 libsamdb0-debuginfo-4.1.17-5.1 libsmbclient-devel-4.1.17-5.1 libsmbclient-raw-devel-4.1.17-5.1 libsmbclient-raw0-4.1.17-5.1 libsmbclient-raw0-debuginfo-4.1.17-5.1 libsmbclient0-4.1.17-5.1 libsmbclient0-debuginfo-4.1.17-5.1 libsmbconf-devel-4.1.17-5.1 libsmbconf0-4.1.17-5.1 libsmbconf0-debuginfo-4.1.17-5.1 libsmbldap-devel-4.1.17-5.1 libsmbldap0-4.1.17-5.1 libsmbldap0-debuginfo-4.1.17-5.1 libsmbsharemodes-devel-4.1.17-5.1 libsmbsharemodes0-4.1.17-5.1 libsmbsharemodes0-debuginfo-4.1.17-5.1 libtevent-util-devel-4.1.17-5.1 libtevent-util0-4.1.17-5.1 libtevent-util0-debuginfo-4.1.17-5.1 libwbclient-devel-4.1.17-5.1 libwbclient0-4.1.17-5.1 libwbclient0-debuginfo-4.1.17-5.1 samba-4.1.17-5.1 samba-client-4.1.17-5.1 samba-client-debuginfo-4.1.17-5.1 samba-core-devel-4.1.17-5.1 samba-debuginfo-4.1.17-5.1 samba-debugsource-4.1.17-5.1 samba-libs-4.1.17-5.1 samba-libs-debuginfo-4.1.17-5.1 samba-pidl-4.1.17-5.1 samba-python-4.1.17-5.1 samba-python-debuginfo-4.1.17-5.1 samba-test-4.1.17-5.1 samba-test-debuginfo-4.1.17-5.1 samba-test-devel-4.1.17-5.1 samba-winbind-4.1.17-5.1 samba-winbind-debuginfo-4.1.17-5.1
- openSUSE 13.2 (x86_64):
libdcerpc-atsvc0-32bit-4.1.17-5.1 libdcerpc-atsvc0-debuginfo-32bit-4.1.17-5.1 libdcerpc-binding0-32bit-4.1.17-5.1 libdcerpc-binding0-debuginfo-32bit-4.1.17-5.1 libdcerpc-samr0-32bit-4.1.17-5.1 libdcerpc-samr0-debuginfo-32bit-4.1.17-5.1 libdcerpc0-32bit-4.1.17-5.1 libdcerpc0-debuginfo-32bit-4.1.17-5.1 libgensec0-32bit-4.1.17-5.1 libgensec0-debuginfo-32bit-4.1.17-5.1 libndr-krb5pac0-32bit-4.1.17-5.1 libndr-krb5pac0-debuginfo-32bit-4.1.17-5.1 libndr-nbt0-32bit-4.1.17-5.1 libndr-nbt0-debuginfo-32bit-4.1.17-5.1 libndr-standard0-32bit-4.1.17-5.1 libndr-standard0-debuginfo-32bit-4.1.17-5.1 libndr0-32bit-4.1.17-5.1 libndr0-debuginfo-32bit-4.1.17-5.1 libnetapi0-32bit-4.1.17-5.1 libnetapi0-debuginfo-32bit-4.1.17-5.1 libpdb0-32bit-4.1.17-5.1 libpdb0-debuginfo-32bit-4.1.17-5.1 libregistry0-32bit-4.1.17-5.1 libregistry0-debuginfo-32bit-4.1.17-5.1 libsamba-credentials0-32bit-4.1.17-5.1 libsamba-credentials0-debuginfo-32bit-4.1.17-5.1 libsamba-hostconfig0-32bit-4.1.17-5.1 libsamba-hostconfig0-debuginfo-32bit-4.1.17-5.1 libsamba-policy0-32bit-4.1.17-5.1 libsamba-policy0-debuginfo-32bit-4.1.17-5.1 libsamba-util0-32bit-4.1.17-5.1 libsamba-util0-debuginfo-32bit-4.1.17-5.1 libsamdb0-32bit-4.1.17-5.1 libsamdb0-debuginfo-32bit-4.1.17-5.1 libsmbclient-raw0-32bit-4.1.17-5.1 libsmbclient-raw0-debuginfo-32bit-4.1.17-5.1 libsmbclient0-32bit-4.1.17-5.1 libsmbclient0-debuginfo-32bit-4.1.17-5.1 libsmbconf0-32bit-4.1.17-5.1 libsmbconf0-debuginfo-32bit-4.1.17-5.1 libsmbldap0-32bit-4.1.17-5.1 libsmbldap0-debuginfo-32bit-4.1.17-5.1 libtevent-util0-32bit-4.1.17-5.1 libtevent-util0-debuginfo-32bit-4.1.17-5.1 libwbclient0-32bit-4.1.17-5.1 libwbclient0-debuginfo-32bit-4.1.17-5.1 samba-32bit-4.1.17-5.1 samba-client-32bit-4.1.17-5.1 samba-client-debuginfo-32bit-4.1.17-5.1 samba-debuginfo-32bit-4.1.17-5.1 samba-libs-32bit-4.1.17-5.1 samba-libs-debuginfo-32bit-4.1.17-5.1 samba-winbind-32bit-4.1.17-5.1 samba-winbind-debuginfo-32bit-4.1.17-5.1
- openSUSE 13.2 (noarch):
samba-doc-4.1.17-5.1
- openSUSE 13.1 (i586 x86_64):
libdcerpc-atsvc-devel-4.1.17-3.30.1 libdcerpc-atsvc0-4.1.17-3.30.1 libdcerpc-atsvc0-debuginfo-4.1.17-3.30.1 libdcerpc-binding0-4.1.17-3.30.1 libdcerpc-binding0-debuginfo-4.1.17-3.30.1 libdcerpc-devel-4.1.17-3.30.1 libdcerpc-samr-devel-4.1.17-3.30.1 libdcerpc-samr0-4.1.17-3.30.1 libdcerpc-samr0-debuginfo-4.1.17-3.30.1 libdcerpc0-4.1.17-3.30.1 libdcerpc0-debuginfo-4.1.17-3.30.1 libgensec-devel-4.1.17-3.30.1 libgensec0-4.1.17-3.30.1 libgensec0-debuginfo-4.1.17-3.30.1 libndr-devel-4.1.17-3.30.1 libndr-krb5pac-devel-4.1.17-3.30.1 libndr-krb5pac0-4.1.17-3.30.1 libndr-krb5pac0-debuginfo-4.1.17-3.30.1 libndr-nbt-devel-4.1.17-3.30.1 libndr-nbt0-4.1.17-3.30.1 libndr-nbt0-debuginfo-4.1.17-3.30.1 libndr-standard-devel-4.1.17-3.30.1 libndr-standard0-4.1.17-3.30.1 libndr-standard0-debuginfo-4.1.17-3.30.1 libndr0-4.1.17-3.30.1 libndr0-debuginfo-4.1.17-3.30.1 libnetapi-devel-4.1.17-3.30.1 libnetapi0-4.1.17-3.30.1 libnetapi0-debuginfo-4.1.17-3.30.1 libpdb-devel-4.1.17-3.30.1 libpdb0-4.1.17-3.30.1 libpdb0-debuginfo-4.1.17-3.30.1 libregistry-devel-4.1.17-3.30.1 libregistry0-4.1.17-3.30.1 libregistry0-debuginfo-4.1.17-3.30.1 libsamba-credentials-devel-4.1.17-3.30.1 libsamba-credentials0-4.1.17-3.30.1 libsamba-credentials0-debuginfo-4.1.17-3.30.1 libsamba-hostconfig-devel-4.1.17-3.30.1 libsamba-hostconfig0-4.1.17-3.30.1 libsamba-hostconfig0-debuginfo-4.1.17-3.30.1 libsamba-policy-devel-4.1.17-3.30.1 libsamba-policy0-4.1.17-3.30.1 libsamba-policy0-debuginfo-4.1.17-3.30.1 libsamba-util-devel-4.1.17-3.30.1 libsamba-util0-4.1.17-3.30.1 libsamba-util0-debuginfo-4.1.17-3.30.1 libsamdb-devel-4.1.17-3.30.1 libsamdb0-4.1.17-3.30.1 libsamdb0-debuginfo-4.1.17-3.30.1 libsmbclient-devel-4.1.17-3.30.1 libsmbclient-raw-devel-4.1.17-3.30.1 libsmbclient-raw0-4.1.17-3.30.1 libsmbclient-raw0-debuginfo-4.1.17-3.30.1 libsmbclient0-4.1.17-3.30.1 libsmbclient0-debuginfo-4.1.17-3.30.1 libsmbconf-devel-4.1.17-3.30.1 libsmbconf0-4.1.17-3.30.1 libsmbconf0-debuginfo-4.1.17-3.30.1 libsmbldap-devel-4.1.17-3.30.1 libsmbldap0-4.1.17-3.30.1 libsmbldap0-debuginfo-4.1.17-3.30.1 libsmbsharemodes-devel-4.1.17-3.30.1 libsmbsharemodes0-4.1.17-3.30.1 libsmbsharemodes0-debuginfo-4.1.17-3.30.1 libtevent-util-devel-4.1.17-3.30.1 libtevent-util0-4.1.17-3.30.1 libtevent-util0-debuginfo-4.1.17-3.30.1 libwbclient-devel-4.1.17-3.30.1 libwbclient0-4.1.17-3.30.1 libwbclient0-debuginfo-4.1.17-3.30.1 samba-4.1.17-3.30.1 samba-client-4.1.17-3.30.1 samba-client-debuginfo-4.1.17-3.30.1 samba-core-devel-4.1.17-3.30.1 samba-debuginfo-4.1.17-3.30.1 samba-debugsource-4.1.17-3.30.1 samba-libs-4.1.17-3.30.1 samba-libs-debuginfo-4.1.17-3.30.1 samba-pidl-4.1.17-3.30.1 samba-python-4.1.17-3.30.1 samba-python-debuginfo-4.1.17-3.30.1 samba-test-4.1.17-3.30.1 samba-test-debuginfo-4.1.17-3.30.1 samba-test-devel-4.1.17-3.30.1 samba-winbind-4.1.17-3.30.1 samba-winbind-debuginfo-4.1.17-3.30.1
- openSUSE 13.1 (x86_64):
libdcerpc-atsvc0-32bit-4.1.17-3.30.1 libdcerpc-atsvc0-debuginfo-32bit-4.1.17-3.30.1 libdcerpc-binding0-32bit-4.1.17-3.30.1 libdcerpc-binding0-debuginfo-32bit-4.1.17-3.30.1 libdcerpc-samr0-32bit-4.1.17-3.30.1 libdcerpc-samr0-debuginfo-32bit-4.1.17-3.30.1 libdcerpc0-32bit-4.1.17-3.30.1 libdcerpc0-debuginfo-32bit-4.1.17-3.30.1 libgensec0-32bit-4.1.17-3.30.1 libgensec0-debuginfo-32bit-4.1.17-3.30.1 libndr-krb5pac0-32bit-4.1.17-3.30.1 libndr-krb5pac0-debuginfo-32bit-4.1.17-3.30.1 libndr-nbt0-32bit-4.1.17-3.30.1 libndr-nbt0-debuginfo-32bit-4.1.17-3.30.1 libndr-standard0-32bit-4.1.17-3.30.1 libndr-standard0-debuginfo-32bit-4.1.17-3.30.1 libndr0-32bit-4.1.17-3.30.1 libndr0-debuginfo-32bit-4.1.17-3.30.1 libnetapi0-32bit-4.1.17-3.30.1 libnetapi0-debuginfo-32bit-4.1.17-3.30.1 libpdb0-32bit-4.1.17-3.30.1 libpdb0-debuginfo-32bit-4.1.17-3.30.1 libregistry0-32bit-4.1.17-3.30.1 libregistry0-debuginfo-32bit-4.1.17-3.30.1 libsamba-credentials0-32bit-4.1.17-3.30.1 libsamba-credentials0-debuginfo-32bit-4.1.17-3.30.1 libsamba-hostconfig0-32bit-4.1.17-3.30.1 libsamba-hostconfig0-debuginfo-32bit-4.1.17-3.30.1 libsamba-policy0-32bit-4.1.17-3.30.1 libsamba-policy0-debuginfo-32bit-4.1.17-3.30.1 libsamba-util0-32bit-4.1.17-3.30.1 libsamba-util0-debuginfo-32bit-4.1.17-3.30.1 libsamdb0-32bit-4.1.17-3.30.1 libsamdb0-debuginfo-32bit-4.1.17-3.30.1 libsmbclient-raw0-32bit-4.1.17-3.30.1 libsmbclient-raw0-debuginfo-32bit-4.1.17-3.30.1 libsmbclient0-32bit-4.1.17-3.30.1 libsmbclient0-debuginfo-32bit-4.1.17-3.30.1 libsmbconf0-32bit-4.1.17-3.30.1 libsmbconf0-debuginfo-32bit-4.1.17-3.30.1 libsmbldap0-32bit-4.1.17-3.30.1 libsmbldap0-debuginfo-32bit-4.1.17-3.30.1 libtevent-util0-32bit-4.1.17-3.30.1 libtevent-util0-debuginfo-32bit-4.1.17-3.30.1 libwbclient0-32bit-4.1.17-3.30.1 libwbclient0-debuginfo-32bit-4.1.17-3.30.1 samba-32bit-4.1.17-3.30.1 samba-client-32bit-4.1.17-3.30.1 samba-client-debuginfo-32bit-4.1.17-3.30.1 samba-debuginfo-32bit-4.1.17-3.30.1 samba-libs-32bit-4.1.17-3.30.1 samba-libs-debuginfo-32bit-4.1.17-3.30.1 samba-winbind-32bit-4.1.17-3.30.1 samba-winbind-debuginfo-32bit-4.1.17-3.30.1
- openSUSE 13.1 (noarch):
samba-doc-4.1.17-3.30.1
References:
http://support.novell.com/security/cve/CVE-2014-8143.html http://support.novell.com/security/cve/CVE-2015-0240.html https://bugzilla.suse.com/914279 https://bugzilla.suse.com/917376
-- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
|
|
|
|