Explore top 10 tips to secure your open-source projects now. Read More
×
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync (bsc#1154598).
- CVE-2019-10218: Client code can return filenames containing path
separators (bsc#1144902).
- CVE-2019-14833: Fixed Accent with "check script password" where the
Samba AD DC check password script does not receive the full password
(bsc#1154289).
Other issues fixed:
- Fix vfs_ceph realpath (bsc#1134452).
- MacOS credit accounting breaks with async SESSION SETUP (bsc#1125601).
- Mac OS X SMB2 implmenetation sees Input/output error or Resource
temporarily unavailable and drops connection
- Explicitly enable libcephfs POSIX ACL support (bsc#1130245).
- Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153). This update
was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-2458=1
- openSUSE Leap 15.0 (i586 x86_64):
ctdb-4.7.11+git.186.d75219614c3-lp150.3.18.2
ctdb-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
ctdb-pcp-pmda-4.7.11+git.186.d75219614c3-lp150.3.18.2
ctdb-pcp-pmda-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
ctdb-tests-4.7.11+git.186.d75219614c3-lp150.3.18.2
ctdb-tests-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-binding0-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-binding0-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-devel-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-samr-devel-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-samr0-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc-samr0-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc0-4.7.11+git.186.d75219614c3-lp150.3.18.2
libdcerpc0-debuginfo-4.7.11+git.186.d75219614c3-lp150.3.18.2
libndr-devel-4.7.11+git.186.d75219614c3-lp150.3.18.2
libndr-krb5pac-devel-4.7.11+git.186.d75219614c3-lp150.3.18.2
libndr-krb5pac0-4.7.11+git.186.d75219614c3-lp150.3.18.2
lib...
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2019-10218.html
https://www.suse.com/security/cve/CVE-2019-14833.html
https://www.suse.com/security/cve/CVE-2019-14847.html
https://bugzilla.suse.com/1125601
https://bugzilla.suse.com/1127153
https://bugzilla.suse.com/1130245
https://bugzilla.suse.com/1134452
https://bugzilla.suse.com/1144902
https://bugzilla.suse.com/1154289
https://bugzilla.suse.com/1154598
--
Get the latest Linux and open source security news straight to your inbox.