
Fedora 37: FEDORA-2023-bcd91bfcd3 moderate: Samba Security Fixes

fedora
August 5, 2023
The latest Samba update on Fedora addresses various security vulnerabilities, improves integration with Windows systems, and resolves problems with error management.

Summary

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Update Information:

Update to version 4.17.10, Security fixes for CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967 and CVE-2023-34968 ---- Fix netlogon LogonGetCapabilities level 2 error handling ---- Update to version 4.17.9

Change Log

* Thu Jul 20 2023 Guenther Deschner - 4.17.10-0
- Update to version 4.17.10
- resolves: #2222791, #2224254 - Security fix for CVE-2022-2127
- resolves: #2222792, #2224255 - Security fix for CVE-2023-3347
- resolves: #2222793, #2224253 - Security fix for CVE-2023-34966
- resolves: #2222794, #2224252 - Security fix for CVE-2023-34967
- resolves: #2222795, #2224250 - Security fix for CVE-2023-34968

* Sat Jul 15 2023 Guenther Deschner - 4.17.9-1
- resolves: #2223091 - Fix netlogon LogonGetCapabilities level 2 error handling

* Thu Jul 6 2023 Guenther Deschner - 4.17.9-0
- Update to version 4.17.9

References


[ 1 ] Bug #2222791 - CVE-2022-2127 samba: out-of-bounds read in winbind AUTH_CRAP
https://bugzilla.redhat.com/show_bug.cgi?id=2222791

[ 2 ] Bug #2222792 - CVE-2023-3347 samba: SMB2 packet signing is not enforced when "server signing = required" is set
https://bugzilla.redhat.com/show_bug.cgi?id=2222792

[ 3 ] Bug #2222793 - CVE-2023-34966 samba: infinite loop in mdssvc RPC service for spotlight
https://bugzilla.redhat.com/show_bug.cgi?id=2222793

[ 4 ] Bug #2222794 - CVE-2023-34967 samba: type confusion in mdssvc RPC service for spotlight
https://bugzilla.redhat.com/show_bug.cgi?id=2222794

[ 5 ] Bug #2222795 - CVE-2023-34968 samba: spotlight server-side share path disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=2222795

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-bcd91bfcd3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
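
One way to confirm the update landed, as an added example that is not part of the advisory: pipe the installed package's changelog (`rpm -q --changelog samba`) into a check that reports which advisory CVEs it mentions and under which version-release. The function names are hypothetical, the sample text is the advisory's own Change Log, and the parser assumes each entry header ends with the version-release.

```shell
#!/bin/sh
# CVE ids listed in this advisory.
ADVISORY_CVES="CVE-2022-2127 CVE-2023-3347 CVE-2023-34966 CVE-2023-34967 CVE-2023-34968"

# fix_versions (hypothetical helper): read RPM changelog text on stdin and print
# "<CVE> <version-release>" for every CVE id, using the entry header it sits under.
fix_versions() {
    awk '
        /^\* / { ver = $NF; next }   # header "* date packager - version": keep last field
        {
            line = $0
            while (match(line, /CVE-[0-9]+-[0-9]+/)) {
                print substr(line, RSTART, RLENGTH), ver
                line = substr(line, RSTART + RLENGTH)
            }
        }'
}

# missing_fixes (hypothetical helper): print the advisory CVEs that the changelog
# on stdin never mentions; empty output means all five fixes are recorded.
missing_fixes() {
    found=$(fix_versions | cut -d" " -f1)
    missing=""
    for cve in $ADVISORY_CVES; do
        printf '%s\n' "$found" | grep -qxF -- "$cve" || missing="$missing $cve"
    done
    printf '%s\n' "${missing# }"
}

# Sample input: entries copied from the Change Log section of this advisory.
# On a patched host, replace with: rpm -q --changelog samba | missing_fixes
SAMPLE_CHANGELOG='* Thu Jul 20 2023 Guenther Deschner - 4.17.10-0
- Update to version 4.17.10
- resolves: #2222791, #2224254 - Security fix for CVE-2022-2127
- resolves: #2222792, #2224255 - Security fix for CVE-2023-3347
- resolves: #2222793, #2224253 - Security fix for CVE-2023-34966
- resolves: #2222794, #2224252 - Security fix for CVE-2023-34967
- resolves: #2222795, #2224250 - Security fix for CVE-2023-34968

* Thu Jul 6 2023 Guenther Deschner - 4.17.9-0
- Update to version 4.17.9'

printf '%s\n' "$SAMPLE_CHANGELOG" | fix_versions
```

A non-empty result from `missing_fixes` means the installed package predates at least one of the fixes and the upgrade should be re-run.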

Severity
important

Name: samba
Product: Fedora 37
Version: 4.17.10
Release: 0.fc37
URL:
Summary: Server and Client software to interoperate with Windows machines
