drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in Samba
Name: |
Unsichere Verwendung temporärer Dateien in Samba |
|
ID: |
USN-3242-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 16.10 |
|
Datum: |
Do, 23. März 2017, 14:42 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619 |
|
Applikationen: |
Samba |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4178788782381772266== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="l5nLgdTB5ESlERpo2Kd9qFGN5NMMt7jWk"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --l5nLgdTB5ESlERpo2Kd9qFGN5NMMt7jWk Content-Type: multipart/mixed; boundary="iF2Gi3xos5OXVsaoiOPXKoiMLjHGXFTaG" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <75b13378-592b-a9fd-0ec1-691cc19619a3@canonical.com> Subject: [USN-3242-1] Samba vulnerability
--iF2Gi3xos5OXVsaoiOPXKoiMLjHGXFTaG Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3242-1 March 23, 2017
samba vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Samba could be made to expose sensitive information over the network.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.4
Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.5
Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.6
Ubuntu 12.04 LTS: samba 2:3.6.25-0ubuntu0.12.04.9
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3242-1 CVE-2017-2619
Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu5.4 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.5 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.6 https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.9
--iF2Gi3xos5OXVsaoiOPXKoiMLjHGXFTaG--
--l5nLgdTB5ESlERpo2Kd9qFGN5NMMt7jWk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJY07vlAAoJEGVp2FWnRL6TDzEP/3L9bhNzvEPiSRhjbHD8qH73 bCRBsTGsk2T0eWODl7RF7k2+4s83xZEWu6yfXL068IiFaK1jOi7eHQNw+xbhYwMi w3HSnpoEum7dwW3eRa7JeNFVm5bbS4ebLMqtHziWgyp0OTqlQZut+8rrJsY0tAFR rbJmcXWnSNZkYcxWESQd/tPmDRijkFPSUYJ6hPLbVuEaZv8u7TzORd7Fue4QXbOZ NGRgTV+VsAvcnbwMRzbTNysBUXb8zJm1KCBrdZ5htC0PDvcKxYFjIgALy3rTH4xO GcoPSwmkw7PyvdAtr2/DQEj01cRc32BdIETAvds3AmjFAjCbJ/nT+C2j0jdR/zVu e9LBYAMUCDZ0lKDr3vygKOT8Q67N+Mq1BLGz7iZlWQMJcaWmMsJtt1W/8HWaoWEJ TJR9V1+C4NWZoXbi7eda8RizUkhZre8gC9yDMvjntbQSu6pwIEpHJOomlYBcKdbv W8IaGZbUfTC4o4fY9vAeb0vYGsH3OTaV/rIPh3438U58ZobxNoRlB753qmeolJi8 I+Fnwcil91WsfDzdDxCjBKx/cJmhUEcipIAYP4ANsIb0+c8C28jGFWrbneZ+KvJO aOFK+rX8dHobKvvM9ooOvyn+A0mwAmLZU3A4lUSKokxN1Qs3YC2p+uor1UBMojaH NMzS8AxmEVODA55V7FeB =O3lW -----END PGP SIGNATURE-----
--l5nLgdTB5ESlERpo2Kd9qFGN5NMMt7jWk--
--===============4178788782381772266== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4178788782381772266==--
|
|
|
|