openSUSE Security Update: Security update for ldb, samba, talloc, tdb, tevent
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:2354-1
Rating:             important
References:         #949022 #951660 #954658 #958581 #958582 #958583 
                    #958584 #958585 #958586 
Cross-References:   CVE-2015-3223 CVE-2015-5252 CVE-2015-5296
                    CVE-2015-5299 CVE-2015-5330 CVE-2015-8467
                   
Affected Products:
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has three fixes
   is now available.

Description:


   This update for ldb, samba, talloc, tdb, tevent fixes the following
   security issues and bugs:

   The Samba LDB was updated to version 1.1.24:

   - Fix ldap \00 search expression attack dos; CVE-2015-3223; (bso#11325)
   - Fix remote read memory exploit in ldb; CVE-2015-5330; (bso#11599)
   - Move ldb_(un)pack_data into ldb_module.h for testing
   - Fix installation of _ldb_text.py
   - Fix propagation of ldb errors through tdb
   - Fix bug triggered by having an empty message in database during search

   Samba was updated to fix these issues:

   - Malicious request can cause Samba LDAP server to hang, spinning using
     CPU; CVE-2015-3223; (bso#11325); (bnc#958581).
   - Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
     (bnc#958586).
   - Insufficient symlink verification (file access outside the share);
     CVE-2015-5252; (bso#11395); (bnc#958582).
   - No man in the middle protection when forcing smb encryption on the
     client side; CVE-2015-5296; (bso#11536); (bnc#958584).
   - Currently the snapshot browsing is not secure thru windows previous
     version (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
   - Fix Microsoft MS15-096 to prevent machine accounts from being changed
     into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
   - Changing log level of two entries to from 1 to 3; (bso#9912).
   - vfs_gpfs: Re-enable share modes; (bso#11243).
   - wafsamba: Also build libraries with RELRO protection; (bso#11346).
   - ctdb: Strip trailing spaces from nodes file; (bso#11365).
   - s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute
     type
     of zero; (bso#11452).
   - nss_wins: Do not run into use after free issues when we access memory
     allocated on the globals and the global being reinitialized; (bso#11563).
   - async_req: Fix non-blocking connect(); (bso#11564).
   - auth: gensec: Fix a memory leak; (bso#11565).
   - lib: util: Make non-critical message a warning; (bso#11566).
   - Fix winbindd crashes with samlogon for trusted domain user; (bso#11569);
     (bnc#949022).
   - smbd: Send SMB2 oplock breaks unencrypted; (bso#11570).
   - ctdb: Open the RO tracking db with perms 0600 instead of 0000;
     (bso#11577).
   - manpage: Correct small typo error; (bso#11584).
   - s3: smbd: If EA's are turned off on a share don't allow an SMB2 create
     containing them; (bso#11589).
   - Backport some valgrind fixes from upstream master; (bso#11597).
   - s3: smbd: have_file_open_below() fails to enumerate open files below an
     open directory handle; (bso#11615).
   - docs: Fix some typos in the idmap config section of man 5 smb.conf;
     (bso#11619).
   - Cleanup and enhance the pidl sub package.
   - s3: smbd: Fix our access-based enumeration on "hide unreadable" to match
     Windows; (bso#10252).
   - smbd: Fix file name buflen and padding in notify repsonse; (bso#10634).
   - kerberos: Make sure we only use prompter type when available;
     (bso#11038).
   - s3:ctdbd_conn: Make sure we destroy tevent_fd before closing the socket;
     (bso#11316).
   - dcerpc.idl: accept invalid dcerpc_bind_nak pdus; (bso#11327).
   - Fix a deadlock in tdb; (bso#11381).
   - s3: smbd: Fix mkdir race condition; (bso#11486).
   - pam_winbind: Fix a segfault if initialization fails; (bso#11502).
   - s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509).
   - s3: smbd: Fix opening/creating :stream files on the root share
     directory; (bso#11522).
   - net: Fix a crash with 'net ads keytab create'; (bso#11528).
   - s3: smbd: Fix a crash in unix_convert() and a NULL pointer bug
     introduced by previous 'raw' stream fix (bso#11522); (bso#11535).
   - vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543).
   - vfs_commit: Set the fd on open before calling SMB_VFS_FSTAT; (bso#11547).
   - Fix bug in smbstatus where the lease info is not printed; (bso#11549).
   - s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550).
   - Prevent null pointer access in samlogon fallback when security
     credentials are null; (bnc#949022).
   - Fix 100% CPU in winbindd when logging in with "user must change password
     on next logon"; (bso#11038).

   talloc was updated to version 2.1.5; (bsc#954658) (bsc#951660).

   - Test that talloc magic differs between processes.
   - Increment minor version due to added talloc_test_get_magic.
   - Provide tests access to talloc_magic.
   - Test magic protection measures.

   tdb was updated to version 1.3.8; (bsc#954658).

   - Improved python3 bindings

   tevent was updated to 0.9.26; (bsc#954658).

   - New tevent_thread_proxy api
   - Minor build fixes This update was imported from the
     SUSE:SLE-12-SP1:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2015-943=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      ldb-debugsource-1.1.24-7.1
      ldb-tools-1.1.24-7.1
      ldb-tools-debuginfo-1.1.24-7.1
      libdcerpc-atsvc-devel-4.2.4-9.2
      libdcerpc-atsvc0-4.2.4-9.2
      libdcerpc-atsvc0-debuginfo-4.2.4-9.2
      libdcerpc-binding0-4.2.4-9.2
      libdcerpc-binding0-debuginfo-4.2.4-9.2
      libdcerpc-devel-4.2.4-9.2
      libdcerpc-samr-devel-4.2.4-9.2
      libdcerpc-samr0-4.2.4-9.2
      libdcerpc-samr0-debuginfo-4.2.4-9.2
      libdcerpc0-4.2.4-9.2
      libdcerpc0-debuginfo-4.2.4-9.2
      libgensec-devel-4.2.4-9.2
      libgensec0-4.2.4-9.2
      libgensec0-debuginfo-4.2.4-9.2
      libldb-devel-1.1.24-7.1
      libldb1-1.1.24-7.1
      libldb1-debuginfo-1.1.24-7.1
      libndr-devel-4.2.4-9.2
      libndr-krb5pac-devel-4.2.4-9.2
      libndr-krb5pac0-4.2.4-9.2
      libndr-krb5pac0-debuginfo-4.2.4-9.2
      libndr-nbt-devel-4.2.4-9.2
      libndr-nbt0-4.2.4-9.2
      libndr-nbt0-debuginfo-4.2.4-9.2
      libndr-standard-devel-4.2.4-9.2
      libndr-standard0-4.2.4-9.2
      libndr-standard0-debuginfo-4.2.4-9.2
      libndr0-4.2.4-9.2
      libndr0-debuginfo-4.2.4-9.2
      libnetapi-devel-4.2.4-9.2
      libnetapi0-4.2.4-9.2
      libnetapi0-debuginfo-4.2.4-9.2
      libregistry-devel-4.2.4-9.2
      libregistry0-4.2.4-9.2
      libregistry0-debuginfo-4.2.4-9.2
      libsamba-credentials-devel-4.2.4-9.2
      libsamba-credentials0-4.2.4-9.2
      libsamba-credentials0-debuginfo-4.2.4-9.2
      libsamba-hostconfig-devel-4.2.4-9.2
      libsamba-hostconfig0-4.2.4-9.2
      libsamba-hostconfig0-debuginfo-4.2.4-9.2
      libsamba-passdb-devel-4.2.4-9.2
      libsamba-passdb0-4.2.4-9.2
      libsamba-passdb0-debuginfo-4.2.4-9.2
      libsamba-policy-devel-4.2.4-9.2
      libsamba-policy0-4.2.4-9.2
      libsamba-policy0-debuginfo-4.2.4-9.2
      libsamba-util-devel-4.2.4-9.2
      libsamba-util0-4.2.4-9.2
      libsamba-util0-debuginfo-4.2.4-9.2
      libsamdb-devel-4.2.4-9.2
      libsamdb0-4.2.4-9.2
      libsamdb0-debuginfo-4.2.4-9.2
      libsmbclient-devel-4.2.4-9.2
      libsmbclient-raw-devel-4.2.4-9.2
      libsmbclient-raw0-4.2.4-9.2
      libsmbclient-raw0-debuginfo-4.2.4-9.2
      libsmbclient0-4.2.4-9.2
      libsmbclient0-debuginfo-4.2.4-9.2
      libsmbconf-devel-4.2.4-9.2
      libsmbconf0-4.2.4-9.2
      libsmbconf0-debuginfo-4.2.4-9.2
      libsmbldap-devel-4.2.4-9.2
      libsmbldap0-4.2.4-9.2
      libsmbldap0-debuginfo-4.2.4-9.2
      libtalloc-devel-2.1.5-7.1
      libtalloc2-2.1.5-7.1
      libtalloc2-debuginfo-2.1.5-7.1
      libtdb-devel-1.3.8-7.1
      libtdb1-1.3.8-7.1
      libtdb1-debuginfo-1.3.8-7.1
      libtevent-devel-0.9.26-7.1
      libtevent-util-devel-4.2.4-9.2
      libtevent-util0-4.2.4-9.2
      libtevent-util0-debuginfo-4.2.4-9.2
      libtevent0-0.9.26-7.1
      libtevent0-debuginfo-0.9.26-7.1
      libwbclient-devel-4.2.4-9.2
      libwbclient0-4.2.4-9.2
      libwbclient0-debuginfo-4.2.4-9.2
      pyldb-1.1.24-7.1
      pyldb-debuginfo-1.1.24-7.1
      pyldb-devel-1.1.24-7.1
      pytalloc-2.1.5-7.1
      pytalloc-debuginfo-2.1.5-7.1
      pytalloc-devel-2.1.5-7.1
      python-tdb-1.3.8-7.1
      python-tdb-debuginfo-1.3.8-7.1
      python-tevent-0.9.26-7.1
      python-tevent-debuginfo-0.9.26-7.1
      samba-4.2.4-9.2
      samba-client-4.2.4-9.2
      samba-client-debuginfo-4.2.4-9.2
      samba-core-devel-4.2.4-9.2
      samba-debuginfo-4.2.4-9.2
      samba-debugsource-4.2.4-9.2
      samba-libs-4.2.4-9.2
      samba-libs-debuginfo-4.2.4-9.2
      samba-pidl-4.2.4-9.2
      samba-python-4.2.4-9.2
      samba-python-debuginfo-4.2.4-9.2
      samba-test-4.2.4-9.2
      samba-test-debuginfo-4.2.4-9.2
      samba-test-devel-4.2.4-9.2
      samba-winbind-4.2.4-9.2
      samba-winbind-debuginfo-4.2.4-9.2
      talloc-debugsource-2.1.5-7.1
      tdb-debugsource-1.3.8-7.1
      tdb-tools-1.3.8-7.1
      tdb-tools-debuginfo-1.3.8-7.1
      tevent-debugsource-0.9.26-7.1

   - openSUSE Leap 42.1 (x86_64):

      libdcerpc-atsvc0-32bit-4.2.4-9.2
      libdcerpc-atsvc0-debuginfo-32bit-4.2.4-9.2
      libdcerpc-binding0-32bit-4.2.4-9.2
      libdcerpc-binding0-debuginfo-32bit-4.2.4-9.2
      libdcerpc-samr0-32bit-4.2.4-9.2
      libdcerpc-samr0-debuginfo-32bit-4.2.4-9.2
      libdcerpc0-32bit-4.2.4-9.2
      libdcerpc0-debuginfo-32bit-4.2.4-9.2
      libgensec0-32bit-4.2.4-9.2
      libgensec0-debuginfo-32bit-4.2.4-9.2
      libldb1-32bit-1.1.24-7.1
      libldb1-debuginfo-32bit-1.1.24-7.1
      libndr-krb5pac0-32bit-4.2.4-9.2
      libndr-krb5pac0-debuginfo-32bit-4.2.4-9.2
      libndr-nbt0-32bit-4.2.4-9.2
      libndr-nbt0-debuginfo-32bit-4.2.4-9.2
      libndr-standard0-32bit-4.2.4-9.2
      libndr-standard0-debuginfo-32bit-4.2.4-9.2
      libndr0-32bit-4.2.4-9.2
      libndr0-debuginfo-32bit-4.2.4-9.2
      libnetapi0-32bit-4.2.4-9.2
      libnetapi0-debuginfo-32bit-4.2.4-9.2
      libregistry0-32bit-4.2.4-9.2
      libregistry0-debuginfo-32bit-4.2.4-9.2
      libsamba-credentials0-32bit-4.2.4-9.2
      libsamba-credentials0-debuginfo-32bit-4.2.4-9.2
      libsamba-hostconfig0-32bit-4.2.4-9.2
      libsamba-hostconfig0-debuginfo-32bit-4.2.4-9.2
      libsamba-passdb0-32bit-4.2.4-9.2
      libsamba-passdb0-debuginfo-32bit-4.2.4-9.2
      libsamba-policy0-32bit-4.2.4-9.2
      libsamba-policy0-debuginfo-32bit-4.2.4-9.2
      libsamba-util0-32bit-4.2.4-9.2
      libsamba-util0-debuginfo-32bit-4.2.4-9.2
      libsamdb0-32bit-4.2.4-9.2
      libsamdb0-debuginfo-32bit-4.2.4-9.2
      libsmbclient-raw0-32bit-4.2.4-9.2
      libsmbclient-raw0-debuginfo-32bit-4.2.4-9.2
      libsmbclient0-32bit-4.2.4-9.2
      libsmbclient0-debuginfo-32bit-4.2.4-9.2
      libsmbconf0-32bit-4.2.4-9.2
      libsmbconf0-debuginfo-32bit-4.2.4-9.2
      libsmbldap0-32bit-4.2.4-9.2
      libsmbldap0-debuginfo-32bit-4.2.4-9.2
      libtalloc2-32bit-2.1.5-7.1
      libtalloc2-debuginfo-32bit-2.1.5-7.1
      libtdb1-32bit-1.3.8-7.1
      libtdb1-debuginfo-32bit-1.3.8-7.1
      libtevent-util0-32bit-4.2.4-9.2
      libtevent-util0-debuginfo-32bit-4.2.4-9.2
      libtevent0-32bit-0.9.26-7.1
      libtevent0-debuginfo-32bit-0.9.26-7.1
      libwbclient0-32bit-4.2.4-9.2
      libwbclient0-debuginfo-32bit-4.2.4-9.2
      pyldb-32bit-1.1.24-7.1
      pyldb-debuginfo-32bit-1.1.24-7.1
      pytalloc-32bit-2.1.5-7.1
      pytalloc-debuginfo-32bit-2.1.5-7.1
      python-tdb-32bit-1.3.8-7.1
      python-tdb-debuginfo-32bit-1.3.8-7.1
      python-tevent-32bit-0.9.26-7.1
      python-tevent-debuginfo-32bit-0.9.26-7.1
      samba-32bit-4.2.4-9.2
      samba-client-32bit-4.2.4-9.2
      samba-client-debuginfo-32bit-4.2.4-9.2
      samba-debuginfo-32bit-4.2.4-9.2
      samba-libs-32bit-4.2.4-9.2
      samba-libs-debuginfo-32bit-4.2.4-9.2
      samba-winbind-32bit-4.2.4-9.2
      samba-winbind-debuginfo-32bit-4.2.4-9.2

   - openSUSE Leap 42.1 (noarch):

      samba-doc-4.2.4-9.2


References:

   https://www.suse.com/security/cve/CVE-2015-3223.html
   https://www.suse.com/security/cve/CVE-2015-5252.html
   https://www.suse.com/security/cve/CVE-2015-5296.html
   https://www.suse.com/security/cve/CVE-2015-5299.html
   https://www.suse.com/security/cve/CVE-2015-5330.html
   https://www.suse.com/security/cve/CVE-2015-8467.html
   https://bugzilla.suse.com/949022
   https://bugzilla.suse.com/951660
   https://bugzilla.suse.com/954658
   https://bugzilla.suse.com/958581
   https://bugzilla.suse.com/958582
   https://bugzilla.suse.com/958583
   https://bugzilla.suse.com/958584
   https://bugzilla.suse.com/958585
   https://bugzilla.suse.com/958586

openSUSE: 2015:2354-1: important: ldb, samba, talloc, tdb, tevent

December 24, 2015
An update that solves 6 vulnerabilities and has three fixes An update that solves 6 vulnerabilities and has three fixes An update that solves 6 vulnerabilities and has three fixes ...

Description

This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs: The Samba LDB was updated to version 1.1.24: - Fix ldap \00 search expression attack dos; CVE-2015-3223; (bso#11325) - Fix remote read memory exploit in ldb; CVE-2015-5330; (bso#11599) - Move ldb_(un)pack_data into ldb_module.h for testing - Fix installation of _ldb_text.py - Fix propagation of ldb errors through tdb - Fix bug triggered by having an empty message in database during search Samba was updated to fix these issues: - Malicious request can cause Samba LDAP server to hang, spinning using CPU; CVE-2015-3223; (bso#11325); (bnc#958581). - Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); (bnc#958586). - Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (bnc#958582). - No man in the middle protection when forcing smb encryption on the client side; CVE-2015-5296; (bso#11536); (bnc#958584). - Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). - Fix Microsoft MS15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585). - Changing log level of two entries to from 1 to 3; (bso#9912). - vfs_gpfs: Re-enable share modes; (bso#11243). - wafsamba: Also build libraries with RELRO protection; (bso#11346). - ctdb: Strip trailing spaces from nodes file; (bso#11365). - s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute type of zero; (bso#11452). - nss_wins: Do not run into use after free issues when we access memory allocated on the globals and the global being reinitialized; (bso#11563). - async_req: Fix non-blocking connect(); (bso#11564). - auth: gensec: Fix a memory leak; (bso#11565). - lib: util: Make non-critical message a warning; (bso#11566). - Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bnc#949022). - smbd: Send SMB2 oplock breaks unencrypted; (bso#11570). - ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577). - manpage: Correct small typo error; (bso#11584). - s3: smbd: If EA's are turned off on a share don't allow an SMB2 create containing them; (bso#11589). - Backport some valgrind fixes from upstream master; (bso#11597). - s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615). - docs: Fix some typos in the idmap config section of man 5 smb.conf; (bso#11619). - Cleanup and enhance the pidl sub package. - s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows; (bso#10252). - smbd: Fix file name buflen and padding in notify repsonse; (bso#10634). - kerberos: Make sure we only use prompter type when available; (bso#11038). - s3:ctdbd_conn: Make sure we destroy tevent_fd before closing the socket; (bso#11316). - dcerpc.idl: accept invalid dcerpc_bind_nak pdus; (bso#11327). - Fix a deadlock in tdb; (bso#11381). - s3: smbd: Fix mkdir race condition; (bso#11486). - pam_winbind: Fix a segfault if initialization fails; (bso#11502). - s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509). - s3: smbd: Fix opening/creating :stream files on the root share directory; (bso#11522). - net: Fix a crash with 'net ads keytab create'; (bso#11528). - s3: smbd: Fix a crash in unix_convert() and a NULL pointer bug introduced by previous 'raw' stream fix (bso#11522); (bso#11535). - vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543). - vfs_commit: Set the fd on open before calling SMB_VFS_FSTAT; (bso#11547). - Fix bug in smbstatus where the lease info is not printed; (bso#11549). - s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550). - Prevent null pointer access in samlogon fallback when security credentials are null; (bnc#949022). - Fix 100% CPU in winbindd when logging in with "user must change password on next logon"; (bso#11038). talloc was updated to version 2.1.5; (bsc#954658) (bsc#951660). - Test that talloc magic differs between processes. - Increment minor version due to added talloc_test_get_magic. - Provide tests access to talloc_magic. - Test magic protection measures. tdb was updated to version 1.3.8; (bsc#954658). - Improved python3 bindings tevent was updated to 0.9.26; (bsc#954658). - New tevent_thread_proxy api - Minor build fixes This update was imported from the SUSE:SLE-12-SP1:Update update project.

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2015-943=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.1 (i586 x86_64): ldb-debugsource-1.1.24-7.1 ldb-tools-1.1.24-7.1 ldb-tools-debuginfo-1.1.24-7.1 libdcerpc-atsvc-devel-4.2.4-9.2 libdcerpc-atsvc0-4.2.4-9.2 libdcerpc-atsvc0-debuginfo-4.2.4-9.2 libdcerpc-binding0-4.2.4-9.2 libdcerpc-binding0-debuginfo-4.2.4-9.2 libdcerpc-devel-4.2.4-9.2 libdcerpc-samr-devel-4.2.4-9.2 libdcerpc-samr0-4.2.4-9.2 libdcerpc-samr0-debuginfo-4.2.4-9.2 libdcerpc0-4.2.4-9.2 libdcerpc0-debuginfo-4.2.4-9.2 libgensec-devel-4.2.4-9.2 libgensec0-4.2.4-9.2 libgensec0-debuginfo-4.2.4-9.2 libldb-devel-1.1.24-7.1 libldb1-1.1.24-7.1 libldb1-debuginfo-1.1.24-7.1 libndr-devel-4.2.4-9.2 libndr-krb5pac-devel-4.2.4-9.2 libndr-krb5pac0-4.2.4-9.2 libndr-krb5pac0-debuginfo-4.2.4-9.2 libndr-nbt-devel-4.2.4-9.2 libndr-nbt0-4.2.4-9.2 libndr-nbt0-debuginfo-4.2.4-9.2 libndr-standard-devel-4.2.4-9.2 libndr-standard0-4.2.4-9.2 libndr-standard0-debuginfo-4.2.4-9.2 libndr0-4.2.4-9.2 libndr0-debuginfo-4.2.4-9.2 libnetapi-devel-4.2.4-9.2 libnetapi0-4.2.4-9.2 libnetapi0-debuginfo-4.2.4-9.2 libregistry-devel-4.2.4-9.2 libregistry0-4.2.4-9.2 libregistry0-debuginfo-4.2.4-9.2 libsamba-credentials-devel-4.2.4-9.2 libsamba-credentials0-4.2.4-9.2 libsamba-credentials0-debuginfo-4.2.4-9.2 libsamba-hostconfig-devel-4.2.4-9.2 libsamba-hostconfig0-4.2.4-9.2 libsamba-hostconfig0-debuginfo-4.2.4-9.2 libsamba-passdb-devel-4.2.4-9.2 libsamba-passdb0-4.2.4-9.2 libsamba-passdb0-debuginfo-4.2.4-9.2 libsamba-policy-devel-4.2.4-9.2 libsamba-policy0-4.2.4-9.2 libsamba-policy0-debuginfo-4.2.4-9.2 libsamba-util-devel-4.2.4-9.2 libsamba-util0-4.2.4-9.2 libsamba-util0-debuginfo-4.2.4-9.2 libsamdb-devel-4.2.4-9.2 libsamdb0-4.2.4-9.2 libsamdb0-debuginfo-4.2.4-9.2 libsmbclient-devel-4.2.4-9.2 libsmbclient-raw-devel-4.2.4-9.2 libsmbclient-raw0-4.2.4-9.2 libsmbclient-raw0-debuginfo-4.2.4-9.2 libsmbclient0-4.2.4-9.2 libsmbclient0-debuginfo-4.2.4-9.2 libsmbconf-devel-4.2.4-9.2 libsmbconf0-4.2.4-9.2 libsmbconf0-debuginfo-4.2.4-9.2 libsmbldap-devel-4.2.4-9.2 libsmbldap0-4.2.4-9.2 libsmbldap0-debuginfo-4.2.4-9.2 libtalloc-devel-2.1.5-7.1 libtalloc2-2.1.5-7.1 libtalloc2-debuginfo-2.1.5-7.1 libtdb-devel-1.3.8-7.1 libtdb1-1.3.8-7.1 libtdb1-debuginfo-1.3.8-7.1 libtevent-devel-0.9.26-7.1 libtevent-util-devel-4.2.4-9.2 libtevent-util0-4.2.4-9.2 libtevent-util0-debuginfo-4.2.4-9.2 libtevent0-0.9.26-7.1 libtevent0-debuginfo-0.9.26-7.1 libwbclient-devel-4.2.4-9.2 libwbclient0-4.2.4-9.2 libwbclient0-debuginfo-4.2.4-9.2 pyldb-1.1.24-7.1 pyldb-debuginfo-1.1.24-7.1 pyldb-devel-1.1.24-7.1 pytalloc-2.1.5-7.1 pytalloc-debuginfo-2.1.5-7.1 pytalloc-devel-2.1.5-7.1 python-tdb-1.3.8-7.1 python-tdb-debuginfo-1.3.8-7.1 python-tevent-0.9.26-7.1 python-tevent-debuginfo-0.9.26-7.1 samba-4.2.4-9.2 samba-client-4.2.4-9.2 samba-client-debuginfo-4.2.4-9.2 samba-core-devel-4.2.4-9.2 samba-debuginfo-4.2.4-9.2 samba-debugsource-4.2.4-9.2 samba-libs-4.2.4-9.2 samba-libs-debuginfo-4.2.4-9.2 samba-pidl-4.2.4-9.2 samba-python-4.2.4-9.2 samba-python-debuginfo-4.2.4-9.2 samba-test-4.2.4-9.2 samba-test-debuginfo-4.2.4-9.2 samba-test-devel-4.2.4-9.2 samba-winbind-4.2.4-9.2 samba-winbind-debuginfo-4.2.4-9.2 talloc-debugsource-2.1.5-7.1 tdb-debugsource-1.3.8-7.1 tdb-tools-1.3.8-7.1 tdb-tools-debuginfo-1.3.8-7.1 tevent-debugsource-0.9.26-7.1 - openSUSE Leap 42.1 (x86_64): libdcerpc-atsvc0-32bit-4.2.4-9.2 libdcerpc-atsvc0-debuginfo-32bit-4.2.4-9.2 libdcerpc-binding0-32bit-4.2.4-9.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-9.2 libdcerpc-samr0-32bit-4.2.4-9.2 libdcerpc-samr0-debuginfo-32bit-4.2.4-9.2 libdcerpc0-32bit-4.2.4-9.2 libdcerpc0-debuginfo-32bit-4.2.4-9.2 libgensec0-32bit-4.2.4-9.2 libgensec0-debuginfo-32bit-4.2.4-9.2 libldb1-32bit-1.1.24-7.1 libldb1-debuginfo-32bit-1.1.24-7.1 libndr-krb5pac0-32bit-4.2.4-9.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-9.2 libndr-nbt0-32bit-4.2.4-9.2 libndr-nbt0-debuginfo-32bit-4.2.4-9.2 libndr-standard0-32bit-4.2.4-9.2 libndr-standard0-debuginfo-32bit-4.2.4-9.2 libndr0-32bit-4.2.4-9.2 libndr0-debuginfo-32bit-4.2.4-9.2 libnetapi0-32bit-4.2.4-9.2 libnetapi0-debuginfo-32bit-4.2.4-9.2 libregistry0-32bit-4.2.4-9.2 libregistry0-debuginfo-32bit-4.2.4-9.2 libsamba-credentials0-32bit-4.2.4-9.2 libsamba-credentials0-debuginfo-32bit-4.2.4-9.2 libsamba-hostconfig0-32bit-4.2.4-9.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-9.2 libsamba-passdb0-32bit-4.2.4-9.2 libsamba-passdb0-debuginfo-32bit-4.2.4-9.2 libsamba-policy0-32bit-4.2.4-9.2 libsamba-policy0-debuginfo-32bit-4.2.4-9.2 libsamba-util0-32bit-4.2.4-9.2 libsamba-util0-debuginfo-32bit-4.2.4-9.2 libsamdb0-32bit-4.2.4-9.2 libsamdb0-debuginfo-32bit-4.2.4-9.2 libsmbclient-raw0-32bit-4.2.4-9.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-9.2 libsmbclient0-32bit-4.2.4-9.2 libsmbclient0-debuginfo-32bit-4.2.4-9.2 libsmbconf0-32bit-4.2.4-9.2 libsmbconf0-debuginfo-32bit-4.2.4-9.2 libsmbldap0-32bit-4.2.4-9.2 libsmbldap0-debuginfo-32bit-4.2.4-9.2 libtalloc2-32bit-2.1.5-7.1 libtalloc2-debuginfo-32bit-2.1.5-7.1 libtdb1-32bit-1.3.8-7.1 libtdb1-debuginfo-32bit-1.3.8-7.1 libtevent-util0-32bit-4.2.4-9.2 libtevent-util0-debuginfo-32bit-4.2.4-9.2 libtevent0-32bit-0.9.26-7.1 libtevent0-debuginfo-32bit-0.9.26-7.1 libwbclient0-32bit-4.2.4-9.2 libwbclient0-debuginfo-32bit-4.2.4-9.2 pyldb-32bit-1.1.24-7.1 pyldb-debuginfo-32bit-1.1.24-7.1 pytalloc-32bit-2.1.5-7.1 pytalloc-debuginfo-32bit-2.1.5-7.1 python-tdb-32bit-1.3.8-7.1 python-tdb-debuginfo-32bit-1.3.8-7.1 python-tevent-32bit-0.9.26-7.1 python-tevent-debuginfo-32bit-0.9.26-7.1 samba-32bit-4.2.4-9.2 samba-client-32bit-4.2.4-9.2 samba-client-debuginfo-32bit-4.2.4-9.2 samba-debuginfo-32bit-4.2.4-9.2 samba-libs-32bit-4.2.4-9.2 samba-libs-debuginfo-32bit-4.2.4-9.2 samba-winbind-32bit-4.2.4-9.2 samba-winbind-debuginfo-32bit-4.2.4-9.2 - openSUSE Leap 42.1 (noarch): samba-doc-4.2.4-9.2


References

https://www.suse.com/security/cve/CVE-2015-3223.html https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://www.suse.com/security/cve/CVE-2015-8467.html https://bugzilla.suse.com/949022 https://bugzilla.suse.com/951660 https://bugzilla.suse.com/954658 https://bugzilla.suse.com/958581 https://bugzilla.suse.com/958582 https://bugzilla.suse.com/958583 https://bugzilla.suse.com/958584 https://bugzilla.suse.com/958585 https://bugzilla.suse.com/958586


Severity
Announcement ID: openSUSE-SU-2015:2354-1
Rating: important
Affected Products: openSUSE Leap 42.1

Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved