Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in Samba
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in Samba
ID: USN-4121-1
Distribution: Ubuntu
Plattformen: Ubuntu 19.04
Datum: Mi, 4. September 2019, 07:11
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
Applikationen: Samba

Originalnachricht


--===============2488921467659119758==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="KR/qxknboQ7+Tpez"
Content-Disposition: inline


--KR/qxknboQ7+Tpez
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4121-1
September 03, 2019

samba vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04

Summary:

Samba would allow unintended access to files over the network.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Stefan Metzmacher discovered that the Samba SMB server did not properly
prevent clients from escaping outside the share root directory in
some situations. An attacker could use this to gain access to files
outside of the Samba share, where allowed by the permissions of the
underlying filesystem.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
samba 2:4.10.0+dfsg-0ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4121-1
CVE-2019-10197

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.4


--KR/qxknboQ7+Tpez
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl1u1hAACgkQLwmejQBe
gfSzRA/+KaYufuJU7HU+Mzqk003UMSlLmdG6NgBHwJV6oST1074egDuMW6A24oun
RszuJ7AyeNce7kTt0D5DTA/Ybc+8iQeZH5EVpj4JZJx5AOKsNbi7BGFWcBkyNKw2
N0dyWT8bGnbGiVMXrpqz7mn3dqvrZbmhxegxfTFYAcCpLxFuVYYuXxTPtpOXW9q3
eQGyVB9SZw7mHGXKV+UQerkQmP8oB0NO3f3/f89tkwJzZ/1/eYFVPe3MPE15He60
moiz7VojcgNODMo/s0R5UiYGc1Pwp4u6szbClBbQOiKhXe8v+n0LpQ1eivJEKJ8/
eoMd3xBFk1rxtzlF/4Phi8VuBUU4+h2CfQDItiQh2KR3QIRjQ5N2EUfINQnZ3Mt0
8+xN1j7ikqOXbG/c2mQDeIc73MGJ2Aj3OhKQHS6Wzs7eS4pHp6oYfNQHuK1HeczQ
vpYCRCX3tnHFX0XGapBuDkUyf3lOZvW+Y8qnVcfw83oAt162M87zbkbTyTfyWqF8
luZ6T/AeFg17eXZgdqJvTXih1+CWsqx7RdhrGW1HU5Y4F1mrkXYS/D3XQ2H+BKAg
pkgpHlDkmv1MMAo1btFs8ZTNaUn30hy47F7mHvQSpq+ERf7Vyy3yj3vXxGg+EJZt
6rCkdH8JgGI/DfhlJ4H676gfr/0Q7DcAIo7P30csGd7aTrEIZhg=
=34nx
-----END PGP SIGNATURE-----

--KR/qxknboQ7+Tpez--


--===============2488921467659119758==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung