drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Samba
Name: |
Mehrere Probleme in Samba |
|
ID: |
202003-52 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Mi, 25. März 2020, 17:53 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2018-14629
https://nvd.nist.gov/vuln/detail/CVE-2019-14870
https://nvd.nist.gov/vuln/detail/CVE-2018-16857
https://nvd.nist.gov/vuln/detail/CVE-2018-16860
https://nvd.nist.gov/vuln/detail/CVE-2018-16841
https://nvd.nist.gov/vuln/detail/CVE-2019-10197
https://nvd.nist.gov/vuln/detail/CVE-2018-1140
https://nvd.nist.gov/vuln/detail/CVE-2018-10918
https://nvd.nist.gov/vuln/detail/CVE-2019-14861
https://nvd.nist.gov/vuln/detail/CVE-2019-14902
https://nvd.nist.gov/vuln/detail/CVE-2018-16851
https://nvd.nist.gov/vuln/detail/CVE-2018-16852
https://nvd.nist.gov/vuln/detail/CVE-2018-10858
https://nvd.nist.gov/vuln/detail/CVE-2019-14907
https://nvd.nist.gov/vuln/detail/CVE-2019-19344
https://nvd.nist.gov/vuln/detail/CVE-2018-16853
https://nvd.nist.gov/vuln/detail/CVE-2018-10919
https://nvd.nist.gov/vuln/detail/CVE-2018-1139 |
|
Applikationen: |
Samba |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --LiPZfyZ695VRenrAPv6y7Am5nPqgfzxON Content-Type: multipart/mixed; boundary="3MsuBs6cYfXsyyaWLIsTpushbNNeZ3ohE"
--3MsuBs6cYfXsyyaWLIsTpushbNNeZ3ohE Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-52 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Samba: Multiple vulnerabilities Date: March 25, 2020 Bugs: #664316, #672140, #686036, #693558, #702928, #706144 ID: 202003-52
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution.
Background ==========
Samba is a suite of SMB and CIFS client/server programs.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-fs/samba < 4.11.6 *>= 4.9.18 *>= 4.10.13 *>= 4.11.6
Description ===========
Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.
Impact ======
A remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Samba 4.9.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.9.18"
All Samba 4.10.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.10.13"
All Samba 4.11.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.11.6"
References ==========
[ 1 ] CVE-2018-10858 https://nvd.nist.gov/vuln/detail/CVE-2018-10858 [ 2 ] CVE-2018-10918 https://nvd.nist.gov/vuln/detail/CVE-2018-10918 [ 3 ] CVE-2018-10919 https://nvd.nist.gov/vuln/detail/CVE-2018-10919 [ 4 ] CVE-2018-1139 https://nvd.nist.gov/vuln/detail/CVE-2018-1139 [ 5 ] CVE-2018-1140 https://nvd.nist.gov/vuln/detail/CVE-2018-1140 [ 6 ] CVE-2018-14629 https://nvd.nist.gov/vuln/detail/CVE-2018-14629 [ 7 ] CVE-2018-16841 https://nvd.nist.gov/vuln/detail/CVE-2018-16841 [ 8 ] CVE-2018-16851 https://nvd.nist.gov/vuln/detail/CVE-2018-16851 [ 9 ] CVE-2018-16852 https://nvd.nist.gov/vuln/detail/CVE-2018-16852 [ 10 ] CVE-2018-16853 https://nvd.nist.gov/vuln/detail/CVE-2018-16853 [ 11 ] CVE-2018-16857 https://nvd.nist.gov/vuln/detail/CVE-2018-16857 [ 12 ] CVE-2018-16860 https://nvd.nist.gov/vuln/detail/CVE-2018-16860 [ 13 ] CVE-2019-10197 https://nvd.nist.gov/vuln/detail/CVE-2019-10197 [ 14 ] CVE-2019-14861 https://nvd.nist.gov/vuln/detail/CVE-2019-14861 [ 15 ] CVE-2019-14870 https://nvd.nist.gov/vuln/detail/CVE-2019-14870 [ 16 ] CVE-2019-14902 https://nvd.nist.gov/vuln/detail/CVE-2019-14902 [ 17 ] CVE-2019-14907 https://nvd.nist.gov/vuln/detail/CVE-2019-14907 [ 18 ] CVE-2019-19344 https://nvd.nist.gov/vuln/detail/CVE-2019-19344
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-52
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--3MsuBs6cYfXsyyaWLIsTpushbNNeZ3ohE--
--LiPZfyZ695VRenrAPv6y7Am5nPqgfzxON Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQGTBAEBCgB9FiEEExKRzo+LDXJgXHuURObr3Jv2BVkFAl57iCpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDEz MTI5MUNFOEY4QjBENzI2MDVDN0I5NDQ0RTZFQkRDOUJGNjA1NTkACgkQRObr3Jv2 BVmp6gf/dgsQNbmU12dWVw+QBy12z9yfvDxlw+pduSxhvw6j8hoqvYntVxvY6buG z91D5Z/hr30pj8VR8O0YaeMfZnUwO4PlH2BPev0H9k2c3aajTvAfvt5ZUo/aVLzI Qym5COte4Zd0y8V3AERzT7UqVrrPueknGykIBN54YULF1W7aoLBROIMPAS4XOkdR 7oIQvxe5vwW5TDJXu4NcR6D1vJnW3xAbgMctRM4SMVt9ItpW9HBZvkztR3NSm+5C QMX36aV8OTJyyQ7mIGGzr03xpToae5dQQdhlT0LtBdK56YAX+HCSrr4Uvs2hxPDB AdhDx366W05Zt4RRzHYfa4kVjJkkdA== =FynC -----END PGP SIGNATURE-----
--LiPZfyZ695VRenrAPv6y7Am5nPqgfzxON--
|
|
|
|