An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: samba security update
Advisory ID:       RHSA-2017:3260-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:3260
Issue date:        2017-11-27
CVE Names:         CVE-2017-14746 CVE-2017-15275 
====================================================================
1. Summary:

An update for samba is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.

Security Fix(es):

* A use-after-free flaw was found in the way samba servers handled certain
SMB1 requests. An unauthenticated attacker could send specially-crafted
SMB1 requests to cause the server to crash or execute arbitrary code.
(CVE-2017-14746)

* A memory disclosure flaw was found in samba. An attacker could retrieve
parts of server memory, which could contain potentially sensitive data, by
sending specially-crafted requests to the samba server. (CVE-2017-15275)

Red Hat would like to thank the Samba project for reporting these issues.
Upstream acknowledges Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam) as the
original reporter of CVE-2017-14746; and Volker Lendecke (SerNet and the
Samba Team) as the original reporter of CVE-2017-15275.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1511899 - CVE-2017-14746 samba: Use-after-free in processing SMB1 requests
1512465 - CVE-2017-15275 samba: Server heap-memory disclosure

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
samba-4.6.2-12.el7_4.src.rpm

noarch:
samba-common-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-4.6.2-12.el7_4.i686.rpm
libsmbclient-4.6.2-12.el7_4.x86_64.rpm
libwbclient-4.6.2-12.el7_4.i686.rpm
libwbclient-4.6.2-12.el7_4.x86_64.rpm
samba-client-4.6.2-12.el7_4.x86_64.rpm
samba-client-libs-4.6.2-12.el7_4.i686.rpm
samba-client-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-tools-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-krb5-printing-4.6.2-12.el7_4.x86_64.rpm
samba-libs-4.6.2-12.el7_4.i686.rpm
samba-libs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-clients-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-modules-4.6.2-12.el7_4.i686.rpm
samba-winbind-modules-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
samba-pidl-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-devel-4.6.2-12.el7_4.i686.rpm
libsmbclient-devel-4.6.2-12.el7_4.x86_64.rpm
libwbclient-devel-4.6.2-12.el7_4.i686.rpm
libwbclient-devel-4.6.2-12.el7_4.x86_64.rpm
samba-4.6.2-12.el7_4.x86_64.rpm
samba-dc-4.6.2-12.el7_4.x86_64.rpm
samba-dc-libs-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-devel-4.6.2-12.el7_4.i686.rpm
samba-devel-4.6.2-12.el7_4.x86_64.rpm
samba-python-4.6.2-12.el7_4.x86_64.rpm
samba-test-4.6.2-12.el7_4.x86_64.rpm
samba-test-libs-4.6.2-12.el7_4.i686.rpm
samba-test-libs-4.6.2-12.el7_4.x86_64.rpm
samba-vfs-glusterfs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
samba-4.6.2-12.el7_4.src.rpm

noarch:
samba-common-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-4.6.2-12.el7_4.i686.rpm
libsmbclient-4.6.2-12.el7_4.x86_64.rpm
libwbclient-4.6.2-12.el7_4.i686.rpm
libwbclient-4.6.2-12.el7_4.x86_64.rpm
samba-client-4.6.2-12.el7_4.x86_64.rpm
samba-client-libs-4.6.2-12.el7_4.i686.rpm
samba-client-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-tools-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-libs-4.6.2-12.el7_4.i686.rpm
samba-libs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-clients-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-modules-4.6.2-12.el7_4.i686.rpm
samba-winbind-modules-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
samba-pidl-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-devel-4.6.2-12.el7_4.i686.rpm
libsmbclient-devel-4.6.2-12.el7_4.x86_64.rpm
libwbclient-devel-4.6.2-12.el7_4.i686.rpm
libwbclient-devel-4.6.2-12.el7_4.x86_64.rpm
samba-4.6.2-12.el7_4.x86_64.rpm
samba-dc-4.6.2-12.el7_4.x86_64.rpm
samba-dc-libs-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-devel-4.6.2-12.el7_4.i686.rpm
samba-devel-4.6.2-12.el7_4.x86_64.rpm
samba-krb5-printing-4.6.2-12.el7_4.x86_64.rpm
samba-python-4.6.2-12.el7_4.x86_64.rpm
samba-test-4.6.2-12.el7_4.x86_64.rpm
samba-test-libs-4.6.2-12.el7_4.i686.rpm
samba-test-libs-4.6.2-12.el7_4.x86_64.rpm
samba-vfs-glusterfs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
samba-4.6.2-12.el7_4.src.rpm

noarch:
samba-common-4.6.2-12.el7_4.noarch.rpm

ppc64:
libsmbclient-4.6.2-12.el7_4.ppc.rpm
libsmbclient-4.6.2-12.el7_4.ppc64.rpm
libwbclient-4.6.2-12.el7_4.ppc.rpm
libwbclient-4.6.2-12.el7_4.ppc64.rpm
samba-4.6.2-12.el7_4.ppc64.rpm
samba-client-4.6.2-12.el7_4.ppc64.rpm
samba-client-libs-4.6.2-12.el7_4.ppc.rpm
samba-client-libs-4.6.2-12.el7_4.ppc64.rpm
samba-common-libs-4.6.2-12.el7_4.ppc64.rpm
samba-common-tools-4.6.2-12.el7_4.ppc64.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64.rpm
samba-krb5-printing-4.6.2-12.el7_4.ppc64.rpm
samba-libs-4.6.2-12.el7_4.ppc.rpm
samba-libs-4.6.2-12.el7_4.ppc64.rpm
samba-winbind-4.6.2-12.el7_4.ppc64.rpm
samba-winbind-clients-4.6.2-12.el7_4.ppc64.rpm
samba-winbind-modules-4.6.2-12.el7_4.ppc.rpm
samba-winbind-modules-4.6.2-12.el7_4.ppc64.rpm

ppc64le:
libsmbclient-4.6.2-12.el7_4.ppc64le.rpm
libwbclient-4.6.2-12.el7_4.ppc64le.rpm
samba-4.6.2-12.el7_4.ppc64le.rpm
samba-client-4.6.2-12.el7_4.ppc64le.rpm
samba-client-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-common-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-common-tools-4.6.2-12.el7_4.ppc64le.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64le.rpm
samba-krb5-printing-4.6.2-12.el7_4.ppc64le.rpm
samba-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-clients-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-modules-4.6.2-12.el7_4.ppc64le.rpm

s390x:
libsmbclient-4.6.2-12.el7_4.s390.rpm
libsmbclient-4.6.2-12.el7_4.s390x.rpm
libwbclient-4.6.2-12.el7_4.s390.rpm
libwbclient-4.6.2-12.el7_4.s390x.rpm
samba-4.6.2-12.el7_4.s390x.rpm
samba-client-4.6.2-12.el7_4.s390x.rpm
samba-client-libs-4.6.2-12.el7_4.s390.rpm
samba-client-libs-4.6.2-12.el7_4.s390x.rpm
samba-common-libs-4.6.2-12.el7_4.s390x.rpm
samba-common-tools-4.6.2-12.el7_4.s390x.rpm
samba-debuginfo-4.6.2-12.el7_4.s390.rpm
samba-debuginfo-4.6.2-12.el7_4.s390x.rpm
samba-krb5-printing-4.6.2-12.el7_4.s390x.rpm
samba-libs-4.6.2-12.el7_4.s390.rpm
samba-libs-4.6.2-12.el7_4.s390x.rpm
samba-winbind-4.6.2-12.el7_4.s390x.rpm
samba-winbind-clients-4.6.2-12.el7_4.s390x.rpm
samba-winbind-modules-4.6.2-12.el7_4.s390.rpm
samba-winbind-modules-4.6.2-12.el7_4.s390x.rpm

x86_64:
libsmbclient-4.6.2-12.el7_4.i686.rpm
libsmbclient-4.6.2-12.el7_4.x86_64.rpm
libwbclient-4.6.2-12.el7_4.i686.rpm
libwbclient-4.6.2-12.el7_4.x86_64.rpm
samba-4.6.2-12.el7_4.x86_64.rpm
samba-client-4.6.2-12.el7_4.x86_64.rpm
samba-client-libs-4.6.2-12.el7_4.i686.rpm
samba-client-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-tools-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-krb5-printing-4.6.2-12.el7_4.x86_64.rpm
samba-libs-4.6.2-12.el7_4.i686.rpm
samba-libs-4.6.2-12.el7_4.x86_64.rpm
samba-python-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-clients-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-modules-4.6.2-12.el7_4.i686.rpm
samba-winbind-modules-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
samba-4.6.2-12.el7_4.src.rpm

aarch64:
libsmbclient-4.6.2-12.el7_4.aarch64.rpm
libwbclient-4.6.2-12.el7_4.aarch64.rpm
samba-4.6.2-12.el7_4.aarch64.rpm
samba-client-4.6.2-12.el7_4.aarch64.rpm
samba-client-libs-4.6.2-12.el7_4.aarch64.rpm
samba-common-libs-4.6.2-12.el7_4.aarch64.rpm
samba-common-tools-4.6.2-12.el7_4.aarch64.rpm
samba-debuginfo-4.6.2-12.el7_4.aarch64.rpm
samba-krb5-printing-4.6.2-12.el7_4.aarch64.rpm
samba-libs-4.6.2-12.el7_4.aarch64.rpm
samba-python-4.6.2-12.el7_4.aarch64.rpm
samba-winbind-4.6.2-12.el7_4.aarch64.rpm
samba-winbind-clients-4.6.2-12.el7_4.aarch64.rpm
samba-winbind-modules-4.6.2-12.el7_4.aarch64.rpm

noarch:
samba-common-4.6.2-12.el7_4.noarch.rpm

ppc64le:
libsmbclient-4.6.2-12.el7_4.ppc64le.rpm
libwbclient-4.6.2-12.el7_4.ppc64le.rpm
samba-4.6.2-12.el7_4.ppc64le.rpm
samba-client-4.6.2-12.el7_4.ppc64le.rpm
samba-client-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-common-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-common-tools-4.6.2-12.el7_4.ppc64le.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64le.rpm
samba-krb5-printing-4.6.2-12.el7_4.ppc64le.rpm
samba-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-clients-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-modules-4.6.2-12.el7_4.ppc64le.rpm

Red Hat Enterprise Linux Server Resilient Storage (v. 7):

ppc64le:
ctdb-4.6.2-12.el7_4.ppc64le.rpm
ctdb-tests-4.6.2-12.el7_4.ppc64le.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64le.rpm

s390x:
ctdb-4.6.2-12.el7_4.s390x.rpm
ctdb-tests-4.6.2-12.el7_4.s390x.rpm
samba-debuginfo-4.6.2-12.el7_4.s390x.rpm

x86_64:
ctdb-4.6.2-12.el7_4.x86_64.rpm
ctdb-tests-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
samba-pidl-4.6.2-12.el7_4.noarch.rpm

ppc64:
libsmbclient-devel-4.6.2-12.el7_4.ppc.rpm
libsmbclient-devel-4.6.2-12.el7_4.ppc64.rpm
libwbclient-devel-4.6.2-12.el7_4.ppc.rpm
libwbclient-devel-4.6.2-12.el7_4.ppc64.rpm
samba-dc-4.6.2-12.el7_4.ppc64.rpm
samba-dc-libs-4.6.2-12.el7_4.ppc64.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64.rpm
samba-devel-4.6.2-12.el7_4.ppc.rpm
samba-devel-4.6.2-12.el7_4.ppc64.rpm
samba-python-4.6.2-12.el7_4.ppc64.rpm
samba-test-4.6.2-12.el7_4.ppc64.rpm
samba-test-libs-4.6.2-12.el7_4.ppc.rpm
samba-test-libs-4.6.2-12.el7_4.ppc64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.ppc64.rpm

ppc64le:
libsmbclient-devel-4.6.2-12.el7_4.ppc64le.rpm
libwbclient-devel-4.6.2-12.el7_4.ppc64le.rpm
samba-dc-4.6.2-12.el7_4.ppc64le.rpm
samba-dc-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64le.rpm
samba-devel-4.6.2-12.el7_4.ppc64le.rpm
samba-python-4.6.2-12.el7_4.ppc64le.rpm
samba-test-4.6.2-12.el7_4.ppc64le.rpm
samba-test-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.ppc64le.rpm

s390x:
libsmbclient-devel-4.6.2-12.el7_4.s390.rpm
libsmbclient-devel-4.6.2-12.el7_4.s390x.rpm
libwbclient-devel-4.6.2-12.el7_4.s390.rpm
libwbclient-devel-4.6.2-12.el7_4.s390x.rpm
samba-dc-4.6.2-12.el7_4.s390x.rpm
samba-dc-libs-4.6.2-12.el7_4.s390x.rpm
samba-debuginfo-4.6.2-12.el7_4.s390.rpm
samba-debuginfo-4.6.2-12.el7_4.s390x.rpm
samba-devel-4.6.2-12.el7_4.s390.rpm
samba-devel-4.6.2-12.el7_4.s390x.rpm
samba-python-4.6.2-12.el7_4.s390x.rpm
samba-test-4.6.2-12.el7_4.s390x.rpm
samba-test-libs-4.6.2-12.el7_4.s390.rpm
samba-test-libs-4.6.2-12.el7_4.s390x.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.s390x.rpm

x86_64:
libsmbclient-devel-4.6.2-12.el7_4.i686.rpm
libsmbclient-devel-4.6.2-12.el7_4.x86_64.rpm
libwbclient-devel-4.6.2-12.el7_4.i686.rpm
libwbclient-devel-4.6.2-12.el7_4.x86_64.rpm
samba-dc-4.6.2-12.el7_4.x86_64.rpm
samba-dc-libs-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-devel-4.6.2-12.el7_4.i686.rpm
samba-devel-4.6.2-12.el7_4.x86_64.rpm
samba-test-4.6.2-12.el7_4.x86_64.rpm
samba-test-libs-4.6.2-12.el7_4.i686.rpm
samba-test-libs-4.6.2-12.el7_4.x86_64.rpm
samba-vfs-glusterfs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
libsmbclient-devel-4.6.2-12.el7_4.aarch64.rpm
libwbclient-devel-4.6.2-12.el7_4.aarch64.rpm
samba-dc-4.6.2-12.el7_4.aarch64.rpm
samba-dc-libs-4.6.2-12.el7_4.aarch64.rpm
samba-debuginfo-4.6.2-12.el7_4.aarch64.rpm
samba-devel-4.6.2-12.el7_4.aarch64.rpm
samba-test-4.6.2-12.el7_4.aarch64.rpm
samba-test-libs-4.6.2-12.el7_4.aarch64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.aarch64.rpm

noarch:
samba-pidl-4.6.2-12.el7_4.noarch.rpm

ppc64le:
libsmbclient-devel-4.6.2-12.el7_4.ppc64le.rpm
libwbclient-devel-4.6.2-12.el7_4.ppc64le.rpm
samba-dc-4.6.2-12.el7_4.ppc64le.rpm
samba-dc-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-debuginfo-4.6.2-12.el7_4.ppc64le.rpm
samba-devel-4.6.2-12.el7_4.ppc64le.rpm
samba-python-4.6.2-12.el7_4.ppc64le.rpm
samba-test-4.6.2-12.el7_4.ppc64le.rpm
samba-test-libs-4.6.2-12.el7_4.ppc64le.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.ppc64le.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
samba-4.6.2-12.el7_4.src.rpm

noarch:
samba-common-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-4.6.2-12.el7_4.i686.rpm
libsmbclient-4.6.2-12.el7_4.x86_64.rpm
libwbclient-4.6.2-12.el7_4.i686.rpm
libwbclient-4.6.2-12.el7_4.x86_64.rpm
samba-4.6.2-12.el7_4.x86_64.rpm
samba-client-4.6.2-12.el7_4.x86_64.rpm
samba-client-libs-4.6.2-12.el7_4.i686.rpm
samba-client-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-libs-4.6.2-12.el7_4.x86_64.rpm
samba-common-tools-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-krb5-printing-4.6.2-12.el7_4.x86_64.rpm
samba-libs-4.6.2-12.el7_4.i686.rpm
samba-libs-4.6.2-12.el7_4.x86_64.rpm
samba-python-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-clients-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-modules-4.6.2-12.el7_4.i686.rpm
samba-winbind-modules-4.6.2-12.el7_4.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
samba-pidl-4.6.2-12.el7_4.noarch.rpm

x86_64:
libsmbclient-devel-4.6.2-12.el7_4.i686.rpm
libsmbclient-devel-4.6.2-12.el7_4.x86_64.rpm
libwbclient-devel-4.6.2-12.el7_4.i686.rpm
libwbclient-devel-4.6.2-12.el7_4.x86_64.rpm
samba-dc-4.6.2-12.el7_4.x86_64.rpm
samba-dc-libs-4.6.2-12.el7_4.x86_64.rpm
samba-debuginfo-4.6.2-12.el7_4.i686.rpm
samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm
samba-devel-4.6.2-12.el7_4.i686.rpm
samba-devel-4.6.2-12.el7_4.x86_64.rpm
samba-test-4.6.2-12.el7_4.x86_64.rpm
samba-test-libs-4.6.2-12.el7_4.i686.rpm
samba-test-libs-4.6.2-12.el7_4.x86_64.rpm
samba-vfs-glusterfs-4.6.2-12.el7_4.x86_64.rpm
samba-winbind-krb5-locator-4.6.2-12.el7_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2017-14746
https://access.redhat.com/security/cve/CVE-2017-15275
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFaG5bhXlSAg2UNWIIRAuGbAKCmUcujvuQaLpSQ02DfCRzbK7/qFACgtt5C
PzSU5PZGbSgphBCKrRY6AzY=R43A
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Red Hat Enterprise Linux 7: RHSA-2017-3260-01 Important Samba Fix

red hat

November 27, 2017

An update for samba is now available for Red Hat Enterprise Linux 7

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Summary

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
Security Fix(es):
* A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. (CVE-2017-14746)
* A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. (CVE-2017-15275)
Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam) as the original reporter of CVE-2017-14746; and Volker Lendecke (SerNet and the Samba Team) as the original reporter of CVE-2017-15275.

Topics Covered

security advisory red hat samba important Denial of Service memory disclosure use-after-free

References

https://access.redhat.com/security/cve/CVE-2017-14746 https://access.redhat.com/security/cve/CVE-2017-15275 https://access.redhat.com/security/updates/classification#important

Package List

Red Hat Enterprise Linux Client (v. 7):
Source: samba-4.6.2-12.el7_4.src.rpm
noarch: samba-common-4.6.2-12.el7_4.noarch.rpm
x86_64: libsmbclient-4.6.2-12.el7_4.i686.rpm libsmbclient-4.6.2-12.el7_4.x86_64.rpm libwbclient-4.6.2-12.el7_4.i686.rpm libwbclient-4.6.2-12.el7_4.x86_64.rpm samba-client-4.6.2-12.el7_4.x86_64.rpm samba-client-libs-4.6.2-12.el7_4.i686.rpm samba-client-libs-4.6.2-12.el7_4.x86_64.rpm samba-common-libs-4.6.2-12.el7_4.x86_64.rpm samba-common-tools-4.6.2-12.el7_4.x86_64.rpm samba-debuginfo-4.6.2-12.el7_4.i686.rpm samba-debuginfo-4.6.2-12.el7_4.x86_64.rpm samba-krb5-printing-4.6.2-12.el7_4.x86_64.rpm samba-libs-4.6.2-12.el7_4.i686.rpm samba-libs-4.6.2-12.el7_4.x86_64.rpm samba-winbind-4.6.2-12.el7_4.x86_64.rpm samba-winbind-clients-4.6.2-12.el7_4.x86_64.rpm samba-winbind-modules-4.6.2-12.el7_4.i686.rpm samba-winbind-modules-4.6.2-12.el7_4.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: samba-pidl-4.6.2-12.el7_4.noarch.rpm
x86_64: libsmbclient-devel-4.6.2-12.el7_4.i686.rpm libsmbclient-devel-4.6.2-12.el7_4.x86_64.rpm libwbclient-devel-4.6.2-12.el7_4.i686.rpm libwbclient-devel-4.6.2-12.el7_4.x86_64.rpm samba-4.6.2-12.el7_4.x86_64.rpm samba-dc-4.6.2-12.el7_4.x86_64.rpm samba-dc-libs-4.6.2-12.el7_4.x86_64.rpm

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Advisory ID: RHSA-2017:3260-01

Product: Red Hat Enterprise Linux

Advisory URL: https://access.redhat.com/errata/RHSA-2017:3260

Issue date: 2017-11-27

Topic

An update for samba is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics Covered

security advisory red hat samba important Denial of Service memory disclosure use-after-free

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le

Bugs Fixed

1511899 - CVE-2017-14746 samba: Use-after-free in processing SMB1 requests

1512465 - CVE-2017-15275 samba: Server heap-memory disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Red Hat Enterprise Linux 7: RHSA-2017-3260-01 Important Samba Fix

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Red Hat Enterprise Linux 7: RHSA-2017-3260-01 Important Samba Fix

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Red Hat Enterprise Linux 7: RHSA-2017-3260-01 Important Samba Fix

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Red Hat Enterprise Linux 7: RHSA-2017-3260-01 Important Samba Fix

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!