Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

openSUSE 12.2: 2013:1339-1 Critical Denial Of Service In Samba

opensuse
Calendar Grey August 14, 2013
Dist Opensuse Esm H88
Addresses a critical vulnerability and various issues in Samba for openSUSE, vital for maintaining security patches.
An update that solves one vulnerability and has 8 fixes is An update that solves one vulnerability and has 8 fixes is An update that solves one vulnerability and has 8 fixes is now...

Description

This update of samba fixed the following issues:

- The pam_winbind require_membership_of option allows for a

list of SID, but currently only provides buffer space for

~20; (bnc#806501).

- Samba 3.0.x to 4.0.7 are affected by a denial of service

attack on authenticated or guest connections;

CVE-2013-4124; (bnc#829969).

- PIDL: fix parsing linemarkers in preprocessor output;

(bso#9636).

- build:autoconf: fix output of syslog-facility check;

(bso#9983).

- libreplace: add a missing "eval" to the

AC_VERIFY_C_PROTOTYPE macro.

- Remove ldapsmb from the main spec file.

- Don't bzip2 the main tar ball, use the upstream gziped

one instead.

- Fix crash bug during Win8 sync; (bso#9822).

- Check for system libtevent and link dbwrap_tool and

dbwrap_torture against it; (bso#9881).

- errno gets overwritten in call to check_parent_exists();

(bso#9927).

- Fix a bug of drvupgrade of smbcontrol; (bso#9941).

- Document idmap_ad...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical samba patch important openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-644

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.2 (i586 x86_64):

libnetapi-devel-3.6.7-48.24.1

libnetapi0-3.6.7-48.24.1

libnetapi0-debuginfo-3.6.7-48.24.1

libsmbclient-devel-3.6.7-48.24.1

libsmbclient0-3.6.7-48.24.1

libsmbclient0-debuginfo-3.6.7-48.24.1

libsmbsharemodes-devel-3.6.7-48.24.1

libsmbsharemodes0-3.6.7-48.24.1

libsmbsharemodes0-debuginfo-3.6.7-48.24.1

libwbclient-devel-3.6.7-48.24.1

libwbclient0-3.6.7-48.24.1

libwbclient0-debuginfo-3.6.7-48.24.1

samba-3.6.7-48.24.1

samba-client-3.6.7-48.24.1

samba-client-debuginfo-3.6.7-48.24.1

samba-debuginfo-3.6.7-48.24.1

samba-debugsource-3.6.7-48.24.1

samba-devel-3.6.7-48.24.1

samba-krb-printing-3.6.7-48.24.1

samba-krb-printing-debuginfo-3.6.7-48.24.1

samba-winbind-3.6.7-48.24.1

samba-winbind-debuginfo-3.6.7-48.24.1

- openSUSE 12.2 (x86_64):

libsmbclient0-32bit-3.6.7-48.24.1

libsmbclient0-debuginfo-32bit-3.6.7-48.24.1

libwbclient0-32bit-3.6.7-48.24.1

libwbclient0-debuginfo-32bit-3.6.7-48.24.1

samba-32bit-3.6.7-48.24.1

samba-client-32bit-3.6.7-48.24.1

samba-client-debuginfo-32bit-3.6.7-48.24.1

samba-de...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2013-4124.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2013:1339-1
Rating: important
Affected Products: openSUSE 12.2

Topics%20covered

Topics Covered

security advisory denial of service critical samba patch important openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here