Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

openSUSE Leap 42.1 Security Advisory: 2016:0877-1 Important Samba Risks

opensuse
Calendar Grey March 24, 2016
Dist Opensuse Esm H88
A critical patch for samba addresses a significant security flaw and introduces multiple enhancements for openSUSE platforms.
An update that solves one vulnerability and has 6 fixes is An update that solves one vulnerability and has 6 fixes is An update that solves one vulnerability and has 6 fixes is now...

Description

This update for the samba server fixes the following issues:

Security issue fixed:

- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change

permissions on link target; (bso#11648); (bsc#968222).

Other bugs fixed:

- Enable clustering (CTDB) support; (bsc#966271).

- s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703);

(bsc#964023).

- vfs_fruit: Fix renaming directories with open files; (bso#11065).

- Fix MacOS finder error 36 when copying folder to Samba; (bso#11347).

- s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks;

(bso#11400).

- Fix copying files with vfs_fruit when using vfs_streams_xattr without

stream prefix and type suffix; (bso#11466).

- s3:libsmb: Correctly initialize the list head when keeping a list of

primary followed by DFS connections; (bso#11624).

- Reduce the memory footprint of empty string options; (bso#11625).

- lib/async_req: Do not install...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update samba patch important openSUSE permisssion issue

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-399=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.1 (i586 x86_64):

ctdb-4.2.4-12.1

ctdb-debuginfo-4.2.4-12.1

ctdb-devel-4.2.4-12.1

ctdb-tests-4.2.4-12.1

ctdb-tests-debuginfo-4.2.4-12.1

libdcerpc-atsvc-devel-4.2.4-12.1

libdcerpc-atsvc0-4.2.4-12.1

libdcerpc-atsvc0-debuginfo-4.2.4-12.1

libdcerpc-binding0-4.2.4-12.1

libdcerpc-binding0-debuginfo-4.2.4-12.1

libdcerpc-devel-4.2.4-12.1

libdcerpc-samr-devel-4.2.4-12.1

libdcerpc-samr0-4.2.4-12.1

libdcerpc-samr0-debuginfo-4.2.4-12.1

libdcerpc0-4.2.4-12.1

libdcerpc0-debuginfo-4.2.4-12.1

libgensec-devel-4.2.4-12.1

libgensec0-4.2.4-12.1

libgensec0-debuginfo-4.2.4-12.1

libndr-devel-4.2.4-12.1

libndr-krb5pac-devel-4.2.4-12.1

libndr-krb5pac0-4.2.4-12.1

libndr-krb5pac0-debuginfo-4.2.4-12.1

libndr-nbt-devel-4.2.4-12.1

libndr-nbt0-4.2.4-12.1

libndr-nbt0-debuginfo-4.2.4-12.1

libndr-standard-devel-4.2.4-12.1

libndr-standard0-4.2.4-12.1

libndr-standard0-debuginfo-4.2.4-12.1

libndr0-4.2.4-12.1

libndr0-debuginfo-4.2.4-12.1

libnetapi-devel-4.2.4-12.1

libnetapi0-4.2.4-12.1

libnetapi0-debuginfo-4.2.4-12.1

libregistry-devel-4.2....

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2015-7560.html

https://bugzilla.suse.com/953382

https://bugzilla.suse.com/953972

https://bugzilla.suse.com/960249

https://bugzilla.suse.com/962177

https://bugzilla.suse.com/964023

https://bugzilla.suse.com/966271

https://bugzilla.suse.com/968222

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:0877-1
Rating: important
Affected Products: openSUSE Leap 42.1

Topics%20covered

Topics Covered

security advisory update samba patch important openSUSE permisssion issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here