openSUSE Security Update: update for samba
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:1349-1
Rating:             important
References:         #765270 #798856 #804822 #806501 #812929 #816647 
                    #817919 #820531 #821889 #823549 #824833 #829969 
                    
Cross-References:   CVE-2013-4124
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________

   An update that solves one vulnerability and has 11 fixes is
   now available.

Description:

   This update of samba fixed the following issues:

   - The pam_winbind require_membership_of option allows for a
   list of SIDs, but currently only provides buffer space for
   ~20; (bnc#806501).

   - Samba 3.0.x to 4.0.7 are affected by a denial of service
   attack on authenticated or guest connections;
   CVE-2013-4124; (bnc#829969).

   - PIDL: fix parsing linemarkers in preprocessor output;
   (bso#9636).
   - build:autoconf: fix output of syslog-facility check;
   (bso#9983).
   - libreplace: add a missing "eval" to the
   AC_VERIFY_C_PROTOTYPE macro.

   - Remove ldapsmb from the main spec file.

   - Don't bzip2 the main tarball, use the upstream gzipped
   one instead.

   - Fix crash bug during Win8 sync; (bso#9822).
   - Check for system libtevent and link dbwrap_tool and
   dbwrap_torture against it; (bso#9881).
   - errno gets overwritten in call to check_parent_exists();
   (bso#9927).
   - Fix a bug of drvupgrade of smbcontrol; (bso#9941).

   - Document idmap_ad rfc2307 attribute requirements;
   (bso#9880); (bnc#820531).

   - Don't package the SWAT man page while its build is
   disabled; (bnc#816647).

   - Don't install the tdb utilities man pages on post-12.1
   systems; (bnc#823549).

   - Fix libreplace license ambiguity; (bso#8997);
   (bnc#765270).

   - s3-docs: Remove "experimental" label on "max
   protocol=SMB2" parameter; (bso#9688).
   - Remove the compound_related_in_progress state from the
   smb2 global state; (bso#9722).
   - Makefile: Don't know how to make LIBNDR_PREG_OBJ;
   (bso#9868).

   - Fix is_printer_published GUID retrieval; (bso#9900);
   (bnc#798856).

   - Fix 'map untrusted to domain' with NTLMv2; (bso#9817);
   (bnc#817919).
   - Don't modify the pidfile name when a custom config file
   path is used; (bnc#812929).

   - Add extra attributes for AD printer publishing;
   (bso#9378); (bnc#798856).
   - Fix vfs_catia module; (bso#9701); (bnc#824833). systems;
   (bnc#804822); (bnc#821889).

   - Fix AD printer publishing; (bso#9378); (bnc#798856).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2013-651

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.3 (i586 x86_64):

      libnetapi-devel-3.6.12-59.9.1
      libnetapi0-3.6.12-59.9.1
      libnetapi0-debuginfo-3.6.12-59.9.1
      libsmbclient-devel-3.6.12-59.9.1
      libsmbclient0-3.6.12-59.9.1
      libsmbclient0-debuginfo-3.6.12-59.9.1
      libsmbsharemodes-devel-3.6.12-59.9.1
      libsmbsharemodes0-3.6.12-59.9.1
      libsmbsharemodes0-debuginfo-3.6.12-59.9.1
      libwbclient-devel-3.6.12-59.9.1
      libwbclient0-3.6.12-59.9.1
      libwbclient0-debuginfo-3.6.12-59.9.1
      samba-3.6.12-59.9.1
      samba-client-3.6.12-59.9.1
      samba-client-debuginfo-3.6.12-59.9.1
      samba-debuginfo-3.6.12-59.9.1
      samba-debugsource-3.6.12-59.9.1
      samba-devel-3.6.12-59.9.1
      samba-krb-printing-3.6.12-59.9.1
      samba-krb-printing-debuginfo-3.6.12-59.9.1
      samba-winbind-3.6.12-59.9.1
      samba-winbind-debuginfo-3.6.12-59.9.1

   - openSUSE 12.3 (x86_64):

      libsmbclient0-32bit-3.6.12-59.9.1
      libsmbclient0-debuginfo-32bit-3.6.12-59.9.1
      libwbclient0-32bit-3.6.12-59.9.1
      libwbclient0-debuginfo-32bit-3.6.12-59.9.1
      samba-32bit-3.6.12-59.9.1
      samba-client-32bit-3.6.12-59.9.1
      samba-client-debuginfo-32bit-3.6.12-59.9.1
      samba-debuginfo-32bit-3.6.12-59.9.1
      samba-winbind-32bit-3.6.12-59.9.1
      samba-winbind-debuginfo-32bit-3.6.12-59.9.1

   - openSUSE 12.3 (noarch):

      samba-doc-3.6.12-59.9.1
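
   To confirm that a host carries the fixed builds from the package list above, the following added example (not part of the original advisory) flags advisory packages that are still below 3.6.12-59.9.1. The function names and the sample inventory are constructed for illustration; prefix matching on the package name stems and GNU `sort -V` ordering are assumptions.

```shell
# Added example: flag packages from this advisory older than the fixed build.
FIXED="3.6.12-59.9.1"   # version-release taken from the advisory's package list

# Name stems from the package list; -devel, -debuginfo and -32bit variants are
# matched by prefix (an approximation, it would also match any other package
# whose name begins with one of these stems).
STEMS="libnetapi libsmbclient libsmbsharemodes libwbclient samba"

# is_older A B: succeeds when A sorts strictly before B.
# Assumption: GNU `sort -V` is close enough to rpm's own comparison for these
# purely numeric version-release strings.
is_older() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# in_advisory NAME: succeeds when NAME starts with one of the stems.
in_advisory() {
    for stem in $STEMS; do
        case "$1" in "$stem"*) return 0 ;; esac
    done
    return 1
}

# find_unpatched: reads "name version-release" lines on stdin and prints the
# names of advisory packages that are still below FIXED.
find_unpatched() {
    while read -r name verrel; do
        [ -n "$name" ] || continue
        in_advisory "$name" || continue
        if is_older "$verrel" "$FIXED"; then
            printf '%s\n' "$name"
        fi
    done
}

# Constructed sample inventory (not real host output). On a live system use:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | find_unpatched
SAMPLE='samba 3.6.12-59.5.1
samba-client 3.6.12-59.9.1
libwbclient0 3.6.7-48.12.1
bash 4.2-61.1.1
samba-winbind 3.6.12-59.9.1'

printf '%s\n' "$SAMPLE" | find_unpatched
```

   Any name printed still needs "zypper in -t patch openSUSE-2013-651"; empty output means every listed package found on the host is at or above the fixed build.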


References:

   https://www.suse.com/security/cve/CVE-2013-4124.html
   https://bugzilla.novell.com/765270
   https://bugzilla.novell.com/798856
   https://bugzilla.novell.com/804822
   https://bugzilla.novell.com/806501
   https://bugzilla.novell.com/812929
   https://bugzilla.novell.com/816647
   https://bugzilla.novell.com/817919
   https://bugzilla.novell.com/820531
   https://bugzilla.novell.com/821889
   https://bugzilla.novell.com/823549
   https://bugzilla.novell.com/824833
   https://bugzilla.novell.com/829969

openSUSE: 2013:1349-1: important: samba

August 16, 2013