Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE 15.4: SUSE-SU-2023:3358-1 Moderate: Samba Security Advisory

opensuse
Calendar Grey August 18, 2023
Dist Opensuse Esm H88
A recent patch for samba tackles security vulnerabilities by addressing CVE-2022-2128, which is rated as moderate risk. Maintain your security!
This update for samba fixes the following issues: CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send (bsc#1213174).

Description

This update for samba fixes the following issues:

* CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in

winbindd_pam_auth_crap_send (bsc#1213174).

Bugfixes:

* Fixed trust relationship failure (bsc#1213384)

Topics%20covered

Topics Covered

security advisory moderate update threat Samba openSUSE CVE-2022-2127

Patch

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation

methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch openSUSE-SLE-15.4-2023-3358=1

* SUSE Linux Enterprise High Availability Extension 15 SP2

zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-3358=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2

zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3358=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2

zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3358=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3358=1

* SUSE Enterprise Storage 7

zypper in -t patch SUSE-Storage-7-2023-3358=1

Package List

* openSUSE Leap 15.4 (x86_64)

* libndr0-32bit-4.11.14+git.396.91f4f677472-150200.4.52.5

* libndr0-32bit-debuginfo-4.11.14+git.396.91f4f677472-150200.4.52.5

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)

* libndr0-debuginfo-4.11.14+git.396.91f4f677472-150200.4.52.5

* libndr0-4.11.14+git.396.91f4f677472-150200.4.52.5

* SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le

s390x x86_64)

* ctdb-4.11.14+git.396.91f4f677472-150200.4.52.5

* samba-debuginfo-4.11.14+git.396.91f4f677472-150200.4.52.5

* samba-debugsource-4.11.14+git.396.91f4f677472-150200.4.52.5

* ctdb-debuginfo-4.11.14+git.396.91f4f677472-150200.4.52.5

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64

x86_64)

* libdcerpc0-4.11.14+git.396.91f4f677472-150200.4.52.5

* samba-ad-dc-debuginfo-4.11.14+git.396.91f4f677472-150200.4.52.5

* libsamba-credentials-devel-4.11.14+git.396.91f4f677472-150200.4.52.5

* libsamdb0-4.11.14+git.396.91f4f677472-150200.4.52.5

*...

Read the Full Advisory

References

* #1213174

* #1213384

## References:

* https://www.suse.com/security/cve/CVE-2022-2127.html

* https://bugzilla.suse.com/show_bug.cgi?id=1213174

* https://bugzilla.suse.com/show_bug.cgi?id=1213384

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3358-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update threat Samba openSUSE CVE-2022-2127

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here