Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Samba (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Samba (Aktualisierung)
ID: USN-5174-2
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS
Datum: Di, 14. Dezember 2021, 07:53
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
https://bugzilla.samba.org/show_bug.cgi?id=14922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
Applikationen: Samba
Update von: Mehrere Probleme in Samba

Originalnachricht

 
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============5772198922031602994==
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="LChfqBJeaVdcDE7usfjzDdWF6byENBv7S"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--LChfqBJeaVdcDE7usfjzDdWF6byENBv7S
Content-Type: multipart/mixed;
 boundary="mWU1KwMAyLXSSCkcEwT7dTHMdPeoW84ci";
 protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
 <ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <b90fce49-111a-19a1-2129-91b0a1eca303@canonical.com>
Subject: [USN-5174-2] Samba regression

--mWU1KwMAyLXSSCkcEwT7dTHMdPeoW84ci
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-5174-2
December 13, 2021

samba regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

USN-5174-1 introduced a regression in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a
regression in Kerberos authentication in certain environments.

Please see the following upstream bug for more information:
https://bugzilla.samba.org/show_bug.cgi?id=14922

This update fixes the problem.

Original advisory details:

 Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
 connections. A remote attacker could possibly use this issue to downgrade
 connections to plaintext authentication. (CVE-2016-2124)
  Andrew Bartlett discovered that Samba incorrectly mapping domain users to
 local users. An authenticated attacker could possibly use this issue to
 become root on domain members. (CVE-2020-25717)
  Andrew Bartlett discovered that Samba did not properly check sensitive
 attributes. An authenticated attacker could possibly use this issue to
 escalate privileges. (CVE-2020-25722)
  Joseph Sutton discovered that Samba incorrectly handled certain TGS
 requests. An authenticated attacker could possibly use this issue to cause
 Samba to crash, resulting in a denial of service. (CVE-2021-3671)
  The fix for CVE-2020-25717 results in possible behaviour changes that could
 affect certain environments. Please see the upstream advisory for more
 information:
  https://www.samba.org/samba/security/CVE-2020-25717.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  samba                           2:4.7.6+dfsg~ubuntu-0ubuntu2.27

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5174-2
  https://ubuntu.com/security/notices/USN-5174-1
  https://launchpad.net/bugs/1950363

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.27


--mWU1KwMAyLXSSCkcEwT7dTHMdPeoW84ci--

--LChfqBJeaVdcDE7usfjzDdWF6byENBv7S
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmG3rS0ACgkQZWnYVadE
vpPZlQ/9FLON3mYUi3kiCHFF5t2RJEMAlXB2EmabIoE0BMC1+iP6QoPyIpjNIAHm
SoNuxnNg4fTB4FsUEuTWWmY5cOZpJg05r+Wt97gXlXcTFmF/Ihf/9IVr+hKdzfJI
7IBTg0Oqj7PaAKlAGuJThc68gEV6EuXtFew1XzwiDhWEn48dDJog4mbqWx/ZKqrj
DU5eg5cTmhaXcYg7TJCjZGio46a7NC9tes7xtHxEypvP1fyj8Bm5/6GSl+rzB7dS
pQYNMuZz9cW7fawK5b14O0nvsew4o2GLhM8+FZoMey1YN0eNFGhSjB/3vHtqiq7B
5OzJUaPVyfvngXTGmYF0a+Ra0Ipc6ihJExHREuV0ysd/tIQt2azHbBSFo8aHj0My
dAqSLDl4iQK0TkY5YDefU226r5KA7Z9om9U5plKekX+aD+kuFR6wgkg2pcLsWWRW
aIE4oSp/cjsRrPjeR6MSTjs7zlNOKVu9rj093+fGxw5UbDzIdU0eBiFKByPnsbnY
ZZ2SHUsMGFLwrAvSxm2gZjoMP620tsqLoBzSOv6B+QeIHgrMcBkBDDS9QSJ3dAYP
tXu/wfS87R0xR5gPTZrTXS9kpN8fwJn7JOFaHmICdyc5Fo4ob+nz516VWEbzlveB
8hp5z3zbtKamAd/sIOgl6aUJYaeoet39wYrkfY510dbhD6b1ooo=
=GRAq
-----END PGP SIGNATURE-----

--LChfqBJeaVdcDE7usfjzDdWF6byENBv7S--


--===============5772198922031602994==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============5772198922031602994==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung