Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

openSUSE Leap 15.1: 2020:0122-1 Moderate Samba Server Issues

opensuse
Calendar Grey January 29, 2020
Dist Opensuse Esm H88
Scheduled Security Patch for Samba on openSUSE Leap 15.1 Addresses Multiple Vulnerabilities
An update that solves three vulnerabilities and has one errata is now available.

Description

This update for samba fixes the following issues:

Security issues fixed:

- CVE-2019-14907: Fixed a Server-side crash after charset conversion

failure during NTLMSSP processing (bsc#1160888).

- CVE-2019-14902: Fixed an issue where automatic replication of ACLs down

subtree on AD Directory is not working (bsc#1160850).

- CVE-2019-19344: Fixed a server crash when using dns zone scavenging yes (bsc#1160852).

Non-security issue fixed:

- Fixed Ceph snapshot path handling relative to root (bsc#1141320).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Topics%20covered

Topics Covered

security advisory moderate software update samba security fix server crash openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-122=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

ctdb-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

ctdb-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

ctdb-pcp-pmda-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

ctdb-pcp-pmda-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

ctdb-tests-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

ctdb-tests-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-binding0-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-binding0-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-devel-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-samr-devel-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-samr0-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc-samr0-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc0-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libdcerpc0-debuginfo-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libndr-devel-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libndr-krb5pac-devel-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libndr-krb5pac0-4.9.5+git.243.e76c5cb3d97-lp151.2.15.1

libndr-krb5pac0-debu...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2019-14902.html

https://www.suse.com/security/cve/CVE-2019-14907.html

https://www.suse.com/security/cve/CVE-2019-19344.html

https://bugzilla.suse.com/1141320

https://bugzilla.suse.com/1160850

https://bugzilla.suse.com/1160852

https://bugzilla.suse.com/1160888

--

Announcement ID: openSUSE-SU-2020:0122-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 le.

Topics%20covered

Topics Covered

security advisory moderate software update samba security fix server crash openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here