Denial of Service in Samba (Aktualisierung)
ID: | USN-4341-3 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 16.04 LTS |
Datum: | Do, 30. April 2020, 07:18 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704 |
Applikationen: | Samba |
Update von: | Zwei Probleme in Samba |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3368781137652604805== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="MDBzMAY0O50TSekJxOYgDIeIU1x3ez9TI" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --MDBzMAY0O50TSekJxOYgDIeIU1x3ez9TI Content-Type: multipart/mixed; boundary="0Wu3K4ch6uFcNioDCgAKQh8BTKUGNg2Xi" --0Wu3K4ch6uFcNioDCgAKQh8BTKUGNg2Xi Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-4341-3 April 29, 2020 samba regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: USN-4341-1 introduced a regression in Samba. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: USN-4341-1 fixed vulnerabilities in Samba. The updated packages for Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.27 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4341-3 https://usn.ubuntu.com/4341-1 https://launchpad.net/bugs/1875798 Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.27 --0Wu3K4ch6uFcNioDCgAKQh8BTKUGNg2Xi-- --MDBzMAY0O50TSekJxOYgDIeIU1x3ez9TI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6pmB0ACgkQZWnYVadE vpM+kg/+PUYEmkKl4XtvZ7gvG1F6IKwY8VaVg5gDGOpV4UhBXwY/qajYmMLVyNoy p9sABjnpEEZBVKavQle5Nf+w6LPa94CffK4bYdt5oJihGa2No3cKzqLX8LTqO+qV CZ4mWSvYN3GucHxiKbL1JvneYe7I6WnO9BbAIo+YEeoT7Abc2paUk5u+1iDeukvx yTt+ZKU+xqjCsPI5eUeE0N42oz8zdiQuZ44mBXQo2/QybYOFvJ+m/9hmFn3CxNB3 dxN3PD9ePZ5qrIILHJA3n9eRe/vuv+pdJpO4/De5KSAJ4lb5D0kKaQRSGdnV3hGa 5HQO9RItni+cn/pcJzBpC87Znsc/W31iT9Cmo3vvEXEUWDgHwkmby/3Dhu6Aety0 5sDNoxYiKSCuuHlFdWghZ7LzY9mO9WNhNsjHl8UMobPVmtuw8rSMIq7OcMMRCVxz CzHrBgXeWB/Hb1pkHmPhnAWJ30IRsFpnQahpHZS9eOHnypzh+eZlb4PTerq+zHVC 380klvVT0on9LigiPN9zB/48ZPxv47/3KQD0//gFaZnTIJbgp8j34GVuN9hshaqM CUe9V/Oj06uBHEqzKQuVwSIc+BMOWRUrvTyeM32rf5GJdWXoenUQ9x9jGqLKMMZC u3npb9c9aDOFyzHJ08F97yW431c/I5y4qQFlkJVPQxF66gbo0kk= =LcOY -----END PGP SIGNATURE----- --MDBzMAY0O50TSekJxOYgDIeIU1x3ez9TI-- --===============3368781137652604805== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK --===============3368781137652604805==-- |