Preisgabe von Informationen in Samba
ID: | USN-4121-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 19.04 |
Datum: | Mi, 4. September 2019, 07:11 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 |
Applikationen: | Samba |
Originalnachricht |
|
--===============2488921467659119758== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="KR/qxknboQ7+Tpez" Content-Disposition: inline --KR/qxknboQ7+Tpez Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4121-1 September 03, 2019 samba vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 Summary: Samba would allow unintended access to files over the network. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: samba 2:4.10.0+dfsg-0ubuntu2.4 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4121-1 CVE-2019-10197 Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.4 --KR/qxknboQ7+Tpez Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl1u1hAACgkQLwmejQBe gfSzRA/+KaYufuJU7HU+Mzqk003UMSlLmdG6NgBHwJV6oST1074egDuMW6A24oun RszuJ7AyeNce7kTt0D5DTA/Ybc+8iQeZH5EVpj4JZJx5AOKsNbi7BGFWcBkyNKw2 N0dyWT8bGnbGiVMXrpqz7mn3dqvrZbmhxegxfTFYAcCpLxFuVYYuXxTPtpOXW9q3 eQGyVB9SZw7mHGXKV+UQerkQmP8oB0NO3f3/f89tkwJzZ/1/eYFVPe3MPE15He60 moiz7VojcgNODMo/s0R5UiYGc1Pwp4u6szbClBbQOiKhXe8v+n0LpQ1eivJEKJ8/ eoMd3xBFk1rxtzlF/4Phi8VuBUU4+h2CfQDItiQh2KR3QIRjQ5N2EUfINQnZ3Mt0 8+xN1j7ikqOXbG/c2mQDeIc73MGJ2Aj3OhKQHS6Wzs7eS4pHp6oYfNQHuK1HeczQ vpYCRCX3tnHFX0XGapBuDkUyf3lOZvW+Y8qnVcfw83oAt162M87zbkbTyTfyWqF8 luZ6T/AeFg17eXZgdqJvTXih1+CWsqx7RdhrGW1HU5Y4F1mrkXYS/D3XQ2H+BKAg pkgpHlDkmv1MMAo1btFs8ZTNaUn30hy47F7mHvQSpq+ERf7Vyy3yj3vXxGg+EJZt 6rCkdH8JgGI/DfhlJ4H676gfr/0Q7DcAIo7P30csGd7aTrEIZhg= =34nx -----END PGP SIGNATURE----- --KR/qxknboQ7+Tpez-- --===============2488921467659119758== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |