Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

openSUSE 42.3: 2017-2311-1 Important: Samba Access Control Issue

opensuse
Calendar Grey August 31, 2017
Dist Opensuse Esm H88
A significant announcement for openSUSE has been made which addresses a particular concern and incorporates seven corrections pertaining to Samba and various resource agents.
An update that solves one vulnerability and has 6 fixes is now available.

Description

This update provides Samba 4.6.7, which fixes the following issues:

- CVE-2017-11103: Metadata were being taken from the unauthenticated

plaintext (the Ticket) rather than the authenticated and encrypted KDC

response. (bsc#1048278)

- Fix cephwrap_chdir(). (bsc#1048790)

- Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb.

(bsc#1048339)

- Fix inconsistent ctdb socket path. (bsc#1048352)

- Fix non-admin cephx authentication. (bsc#1048387)

- CTDB cannot start when there is no persistent database. (bsc#1052577)

The CTDB resource agent was also fixed to not fail when the database is

empty.

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-987=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.3 (i586 x86_64):

ctdb-4.6.7+git.38.90b2cdb4f22-3.1

ctdb-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

ctdb-tests-4.6.7+git.38.90b2cdb4f22-3.1

ctdb-tests-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

ldirectord-4.0.1+git.1495055229.643177f1-3.1

libdcerpc-binding0-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc-binding0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc-devel-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc-samr-devel-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc-samr0-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc-samr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc0-4.6.7+git.38.90b2cdb4f22-3.1

libdcerpc0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

libndr-devel-4.6.7+git.38.90b2cdb4f22-3.1

libndr-krb5pac-devel-4.6.7+git.38.90b2cdb4f22-3.1

libndr-krb5pac0-4.6.7+git.38.90b2cdb4f22-3.1

libndr-krb5pac0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

libndr-nbt-devel-4.6.7+git.38.90b2cdb4f22-3.1

libndr-nbt0-4.6.7+git.38.90b2cdb4f22-3.1

libndr-nbt0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1

libndr-standard-devel-4.6.7+git.38.90b2cdb4f22-3.1

l...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2017-11103.html

https://bugzilla.suse.com/1048278

https://bugzilla.suse.com/1048339

https://bugzilla.suse.com/1048352

https://bugzilla.suse.com/1048387

https://bugzilla.suse.com/1048790

https://bugzilla.suse.com/1052577

https://bugzilla.suse.com/1054017

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2017:2311-1
Rating: important
Affected Products: openSUSE Leap 42.3 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.