Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

openSUSE Leap 42.2: 2017:1401-1 Important: Samba Remote Code Execution

opensuse
Calendar Grey May 24, 2017
Dist Opensuse Esm H88
Essential openSUSE patch addresses samba vulnerabilities, reducing risks associated with remote code execution due to user privilege exploits.
An update that fixes one vulnerability is now available

Description

This update for samba fixes the following issue:

- An unprivileged user with access to the samba server could cause smbd to

load a specially crafted shared library, which then had the ability to

execute arbitrary code on the server as 'root'. [CVE-2017-7494,

bso#12780, bsc#1038231]

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-613=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.2 (i586 x86_64):

ctdb-4.4.2-11.9.1

ctdb-debuginfo-4.4.2-11.9.1

ctdb-tests-4.4.2-11.9.1

ctdb-tests-debuginfo-4.4.2-11.9.1

libdcerpc-binding0-4.4.2-11.9.1

libdcerpc-binding0-debuginfo-4.4.2-11.9.1

libdcerpc-devel-4.4.2-11.9.1

libdcerpc-samr-devel-4.4.2-11.9.1

libdcerpc-samr0-4.4.2-11.9.1

libdcerpc-samr0-debuginfo-4.4.2-11.9.1

libdcerpc0-4.4.2-11.9.1

libdcerpc0-debuginfo-4.4.2-11.9.1

libndr-devel-4.4.2-11.9.1

libndr-krb5pac-devel-4.4.2-11.9.1

libndr-krb5pac0-4.4.2-11.9.1

libndr-krb5pac0-debuginfo-4.4.2-11.9.1

libndr-nbt-devel-4.4.2-11.9.1

libndr-nbt0-4.4.2-11.9.1

libndr-nbt0-debuginfo-4.4.2-11.9.1

libndr-standard-devel-4.4.2-11.9.1

libndr-standard0-4.4.2-11.9.1

libndr-standard0-debuginfo-4.4.2-11.9.1

libndr0-4.4.2-11.9.1

libndr0-debuginfo-4.4.2-11.9.1

libnetapi-devel-4.4.2-11.9.1

libnetapi0-4.4.2-11.9.1

libnetapi0-debuginfo-4.4.2-11.9.1

libsamba-credentials-devel-4.4.2-11.9.1

libsamba-credentials0-4.4.2-11.9.1

libsamba-credentials0-debuginfo-4.4.2-11.9.1

libsamba-errors-devel-4.4.2-11.9.1

libsamba-err...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2017-7494.html

https://bugzilla.suse.com/1038231

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2017:1401-1
Rating: important
Affected Products: openSUSE Leap 42.2 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.