Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 31: 2019-be98a08835 Critical: Samba Security Fixes

fedora
Calendar Grey December 11, 2019
Dist Fedora Esm H88
The Fedora update for Samba version 4.11.3 includes essential security patches and best practices for usage.
Update to Samba 4.11.3 - Security fixes for CVE-2019-14861, CVE-2019-14870 ---- Restart winbindd on samba-winbind package upgrade

Summary

Samba is the standard Windows interoperability suite of programs for Linux and

Unix.

Update to Samba 4.11.3 - Security fixes for CVE-2019-14861, CVE-2019-14870 ----Restart winbindd on samba-winbind package upgrade

* Tue Dec 10 2019 Guenther Deschner - 4.11.3-0

- Update to Samba 4.11.3

- resolves: #1778586, #1781542 - Security fixes for CVE-2019-14861

- resolves: #1778589, #1781545 - Security fixes for CVE-2019-14870

* Thu Dec 5 2019 Andreas Schneider - 4.11.2-2

- Restart winbindd on samba-winbind package upgrade

* Wed Nov 6 2019 Alexander Bokovoy - 4.11.2-1

- Update DES removal patch

* Tue Oct 29 2019 Guenther Deschner - 4.11.2-0

- Update to Samba 4.11.2

- resolves: #1763137, #1766558 - Security fixes for CVE-2019-10218

- resolves: #1764126, #1766559 - Security fixes for CVE-2019-14833

* Sun Oct 27 2019 Alexander Bokovoy - 4.11.1-1

- resolves: #1757071 - Deploy new samba DC fails

* Fri Oct 18 2019 Guenther Deschner - 4.11.1-0

- Update to Samba 4.11.1

[ 1 ] Bug #1778586 - CVE-2019-14861 samba: An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name

https://bugzilla.redhat.com/show_bug.cgi?id=1778586

[ 2 ] Bug #1778589 - CVE-2019-14870 samba: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC

https://bugzilla.redhat.com/show_bug.cgi?id=1778589

su -c 'dnf upgrade --advisory FEDORA-2019-be98a08835' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory Fedora samba security fixes network attack DOS

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 31
Version: 4.11.3
Release: 0.fc31
URL:
Summary: Server and Client software to interoperate with Windows machines

Topics%20covered

Topics Covered

security advisory Fedora samba security fixes network attack DOS

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here