Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

RedHat Enterprise Linux 8: RHSA-2020:1878-01 Moderate: Samba Bug Fix

Calendar Apr 28, 2020 User Avatar LinuxSecurity Advisories
10 - 19 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate security issue bug fix samba Red Hat Enterprise Linux network protocol
An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: samba security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:1878-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:1878
Issue date:        2020-04-28
CVE Names:         CVE-2019-10197 CVE-2019-10218 CVE-2019-14907 
====================================================================
1. Summary:

An update for samba is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.

The following packages have been upgraded to a later upstream version:
samba (4.11.2). (BZ#1754409)

Security Fix(es):

* samba: Combination of parameters and permissions can allow user to escape
from the share path definition (CVE-2019-10197)

* samba: smb client vulnerable to filenames containing path separators(CVE-2019-10218)

* samba: Crash after failed character conversion at log level 3 or above
(CVE-2019-14907)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1710980 - [RFE] Add support for Kerberos KCM credential cache in pam_winbind/winbindd
1746225 - CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition
1754409 - Rebase Samba to 4.11.x
1754575 - samba: Remove NSS wins and winbind dependency on librt/libpthread as workaround for glibc defect.
1755440 - Trusted domain enumeration stopped working after Microsoft patch update
1763137 - CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators1776312 - Winbind is not restarted on package upgrade
1778770 - openchange needs to be rebuilt against samba-4.11.2-2.el8 and libldb-2.0.7-1.el8
1785134 - Libwbclient alternatives manual setting lost
1791207 - CVE-2019-14907 samba: Crash after failed character conversion at log level 3 or above
1794461 - Test samba3.smbtorture_s3.plain.WINDOWS-BAD-SYMLINK fails

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
openchange-2.3-24.el8.src.rpm

aarch64:
openchange-2.3-24.el8.aarch64.rpm
openchange-client-debuginfo-2.3-24.el8.aarch64.rpm
openchange-debuginfo-2.3-24.el8.aarch64.rpm
openchange-debugsource-2.3-24.el8.aarch64.rpm

ppc64le:
openchange-2.3-24.el8.ppc64le.rpm
openchange-client-debuginfo-2.3-24.el8.ppc64le.rpm
openchange-debuginfo-2.3-24.el8.ppc64le.rpm
openchange-debugsource-2.3-24.el8.ppc64le.rpm

x86_64:
openchange-2.3-24.el8.i686.rpm
openchange-2.3-24.el8.x86_64.rpm
openchange-client-debuginfo-2.3-24.el8.i686.rpm
openchange-client-debuginfo-2.3-24.el8.x86_64.rpm
openchange-debuginfo-2.3-24.el8.i686.rpm
openchange-debuginfo-2.3-24.el8.x86_64.rpm
openchange-debugsource-2.3-24.el8.i686.rpm
openchange-debugsource-2.3-24.el8.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
samba-4.11.2-13.el8.src.rpm

aarch64:
ctdb-4.11.2-13.el8.aarch64.rpm
ctdb-debuginfo-4.11.2-13.el8.aarch64.rpm
ctdb-tests-4.11.2-13.el8.aarch64.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.aarch64.rpm
libsmbclient-4.11.2-13.el8.aarch64.rpm
libsmbclient-debuginfo-4.11.2-13.el8.aarch64.rpm
libwbclient-4.11.2-13.el8.aarch64.rpm
libwbclient-debuginfo-4.11.2-13.el8.aarch64.rpm
python3-samba-4.11.2-13.el8.aarch64.rpm
python3-samba-debuginfo-4.11.2-13.el8.aarch64.rpm
python3-samba-test-4.11.2-13.el8.aarch64.rpm
samba-4.11.2-13.el8.aarch64.rpm
samba-client-4.11.2-13.el8.aarch64.rpm
samba-client-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-client-libs-4.11.2-13.el8.aarch64.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-common-libs-4.11.2-13.el8.aarch64.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-common-tools-4.11.2-13.el8.aarch64.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-debugsource-4.11.2-13.el8.aarch64.rpm
samba-krb5-printing-4.11.2-13.el8.aarch64.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-libs-4.11.2-13.el8.aarch64.rpm
samba-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-test-4.11.2-13.el8.aarch64.rpm
samba-test-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-test-libs-4.11.2-13.el8.aarch64.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-4.11.2-13.el8.aarch64.rpm
samba-winbind-clients-4.11.2-13.el8.aarch64.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-krb5-locator-4.11.2-13.el8.aarch64.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-modules-4.11.2-13.el8.aarch64.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.aarch64.rpm

noarch:
samba-common-4.11.2-13.el8.noarch.rpm
samba-pidl-4.11.2-13.el8.noarch.rpm

ppc64le:
ctdb-4.11.2-13.el8.ppc64le.rpm
ctdb-debuginfo-4.11.2-13.el8.ppc64le.rpm
ctdb-tests-4.11.2-13.el8.ppc64le.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.ppc64le.rpm
libsmbclient-4.11.2-13.el8.ppc64le.rpm
libsmbclient-debuginfo-4.11.2-13.el8.ppc64le.rpm
libwbclient-4.11.2-13.el8.ppc64le.rpm
libwbclient-debuginfo-4.11.2-13.el8.ppc64le.rpm
python3-samba-4.11.2-13.el8.ppc64le.rpm
python3-samba-debuginfo-4.11.2-13.el8.ppc64le.rpm
python3-samba-test-4.11.2-13.el8.ppc64le.rpm
samba-4.11.2-13.el8.ppc64le.rpm
samba-client-4.11.2-13.el8.ppc64le.rpm
samba-client-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-client-libs-4.11.2-13.el8.ppc64le.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-common-libs-4.11.2-13.el8.ppc64le.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-common-tools-4.11.2-13.el8.ppc64le.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-debugsource-4.11.2-13.el8.ppc64le.rpm
samba-krb5-printing-4.11.2-13.el8.ppc64le.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-libs-4.11.2-13.el8.ppc64le.rpm
samba-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-test-4.11.2-13.el8.ppc64le.rpm
samba-test-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-test-libs-4.11.2-13.el8.ppc64le.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-4.11.2-13.el8.ppc64le.rpm
samba-winbind-clients-4.11.2-13.el8.ppc64le.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-krb5-locator-4.11.2-13.el8.ppc64le.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-modules-4.11.2-13.el8.ppc64le.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.ppc64le.rpm

s390x:
ctdb-4.11.2-13.el8.s390x.rpm
ctdb-debuginfo-4.11.2-13.el8.s390x.rpm
ctdb-tests-4.11.2-13.el8.s390x.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.s390x.rpm
libsmbclient-4.11.2-13.el8.s390x.rpm
libsmbclient-debuginfo-4.11.2-13.el8.s390x.rpm
libwbclient-4.11.2-13.el8.s390x.rpm
libwbclient-debuginfo-4.11.2-13.el8.s390x.rpm
python3-samba-4.11.2-13.el8.s390x.rpm
python3-samba-debuginfo-4.11.2-13.el8.s390x.rpm
python3-samba-test-4.11.2-13.el8.s390x.rpm
samba-4.11.2-13.el8.s390x.rpm
samba-client-4.11.2-13.el8.s390x.rpm
samba-client-debuginfo-4.11.2-13.el8.s390x.rpm
samba-client-libs-4.11.2-13.el8.s390x.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-common-libs-4.11.2-13.el8.s390x.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-common-tools-4.11.2-13.el8.s390x.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.s390x.rpm
samba-debuginfo-4.11.2-13.el8.s390x.rpm
samba-debugsource-4.11.2-13.el8.s390x.rpm
samba-krb5-printing-4.11.2-13.el8.s390x.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.s390x.rpm
samba-libs-4.11.2-13.el8.s390x.rpm
samba-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-test-4.11.2-13.el8.s390x.rpm
samba-test-debuginfo-4.11.2-13.el8.s390x.rpm
samba-test-libs-4.11.2-13.el8.s390x.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-4.11.2-13.el8.s390x.rpm
samba-winbind-clients-4.11.2-13.el8.s390x.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-krb5-locator-4.11.2-13.el8.s390x.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-modules-4.11.2-13.el8.s390x.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.s390x.rpm

x86_64:
ctdb-4.11.2-13.el8.x86_64.rpm
ctdb-debuginfo-4.11.2-13.el8.i686.rpm
ctdb-debuginfo-4.11.2-13.el8.x86_64.rpm
ctdb-tests-4.11.2-13.el8.x86_64.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.i686.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.x86_64.rpm
libsmbclient-4.11.2-13.el8.i686.rpm
libsmbclient-4.11.2-13.el8.x86_64.rpm
libsmbclient-debuginfo-4.11.2-13.el8.i686.rpm
libsmbclient-debuginfo-4.11.2-13.el8.x86_64.rpm
libwbclient-4.11.2-13.el8.i686.rpm
libwbclient-4.11.2-13.el8.x86_64.rpm
libwbclient-debuginfo-4.11.2-13.el8.i686.rpm
libwbclient-debuginfo-4.11.2-13.el8.x86_64.rpm
python3-samba-4.11.2-13.el8.i686.rpm
python3-samba-4.11.2-13.el8.x86_64.rpm
python3-samba-debuginfo-4.11.2-13.el8.i686.rpm
python3-samba-debuginfo-4.11.2-13.el8.x86_64.rpm
python3-samba-test-4.11.2-13.el8.x86_64.rpm
samba-4.11.2-13.el8.x86_64.rpm
samba-client-4.11.2-13.el8.x86_64.rpm
samba-client-debuginfo-4.11.2-13.el8.i686.rpm
samba-client-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-client-libs-4.11.2-13.el8.i686.rpm
samba-client-libs-4.11.2-13.el8.x86_64.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-common-libs-4.11.2-13.el8.x86_64.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-common-tools-4.11.2-13.el8.x86_64.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.i686.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-debuginfo-4.11.2-13.el8.i686.rpm
samba-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-debugsource-4.11.2-13.el8.i686.rpm
samba-debugsource-4.11.2-13.el8.x86_64.rpm
samba-krb5-printing-4.11.2-13.el8.x86_64.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.i686.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-libs-4.11.2-13.el8.i686.rpm
samba-libs-4.11.2-13.el8.x86_64.rpm
samba-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-test-4.11.2-13.el8.x86_64.rpm
samba-test-debuginfo-4.11.2-13.el8.i686.rpm
samba-test-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-test-libs-4.11.2-13.el8.x86_64.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-vfs-glusterfs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-4.11.2-13.el8.x86_64.rpm
samba-winbind-clients-4.11.2-13.el8.x86_64.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-krb5-locator-4.11.2-13.el8.x86_64.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-modules-4.11.2-13.el8.i686.rpm
samba-winbind-modules-4.11.2-13.el8.x86_64.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
ctdb-debuginfo-4.11.2-13.el8.aarch64.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.aarch64.rpm
libsmbclient-debuginfo-4.11.2-13.el8.aarch64.rpm
libsmbclient-devel-4.11.2-13.el8.aarch64.rpm
libwbclient-debuginfo-4.11.2-13.el8.aarch64.rpm
libwbclient-devel-4.11.2-13.el8.aarch64.rpm
python3-samba-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-client-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-debugsource-4.11.2-13.el8.aarch64.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-test-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.aarch64.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.aarch64.rpm

ppc64le:
ctdb-debuginfo-4.11.2-13.el8.ppc64le.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.ppc64le.rpm
libsmbclient-debuginfo-4.11.2-13.el8.ppc64le.rpm
libsmbclient-devel-4.11.2-13.el8.ppc64le.rpm
libwbclient-debuginfo-4.11.2-13.el8.ppc64le.rpm
libwbclient-devel-4.11.2-13.el8.ppc64le.rpm
python3-samba-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-client-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-debugsource-4.11.2-13.el8.ppc64le.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-test-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.ppc64le.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.ppc64le.rpm

s390x:
ctdb-debuginfo-4.11.2-13.el8.s390x.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.s390x.rpm
libsmbclient-debuginfo-4.11.2-13.el8.s390x.rpm
libsmbclient-devel-4.11.2-13.el8.s390x.rpm
libwbclient-debuginfo-4.11.2-13.el8.s390x.rpm
libwbclient-devel-4.11.2-13.el8.s390x.rpm
python3-samba-debuginfo-4.11.2-13.el8.s390x.rpm
samba-client-debuginfo-4.11.2-13.el8.s390x.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.s390x.rpm
samba-debuginfo-4.11.2-13.el8.s390x.rpm
samba-debugsource-4.11.2-13.el8.s390x.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.s390x.rpm
samba-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-test-debuginfo-4.11.2-13.el8.s390x.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.s390x.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.s390x.rpm

x86_64:
ctdb-debuginfo-4.11.2-13.el8.i686.rpm
ctdb-debuginfo-4.11.2-13.el8.x86_64.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.i686.rpm
ctdb-tests-debuginfo-4.11.2-13.el8.x86_64.rpm
libsmbclient-debuginfo-4.11.2-13.el8.i686.rpm
libsmbclient-debuginfo-4.11.2-13.el8.x86_64.rpm
libsmbclient-devel-4.11.2-13.el8.i686.rpm
libsmbclient-devel-4.11.2-13.el8.x86_64.rpm
libwbclient-debuginfo-4.11.2-13.el8.i686.rpm
libwbclient-debuginfo-4.11.2-13.el8.x86_64.rpm
libwbclient-devel-4.11.2-13.el8.i686.rpm
libwbclient-devel-4.11.2-13.el8.x86_64.rpm
python3-samba-debuginfo-4.11.2-13.el8.i686.rpm
python3-samba-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-client-debuginfo-4.11.2-13.el8.i686.rpm
samba-client-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-client-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-common-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.i686.rpm
samba-common-tools-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-debuginfo-4.11.2-13.el8.i686.rpm
samba-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-debugsource-4.11.2-13.el8.i686.rpm
samba-debugsource-4.11.2-13.el8.x86_64.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.i686.rpm
samba-krb5-printing-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-test-debuginfo-4.11.2-13.el8.i686.rpm
samba-test-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.i686.rpm
samba-test-libs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-vfs-glusterfs-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-clients-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-krb5-locator-debuginfo-4.11.2-13.el8.x86_64.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.i686.rpm
samba-winbind-modules-debuginfo-4.11.2-13.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-10197
https://access.redhat.com/security/cve/CVE-2019-10218
https://access.redhat.com/security/cve/CVE-2019-14907
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXqhVltzjgjWX9erEAQis5A//b/oyNN2/vcH8XAawyBMXolyv8qoF1Mam
oRLt+n2sjg7+InzoUlyE/iep+eRGqv5C6QaG82iZ/2c3yH/OjJH8MwwDSLYg6tIR
bDys1yRA0KgGD4/5e0gOMOgnIkJEfS5h3b9B6yboqn0Ls4peTbJMQvBL8F88GRcM
oYZ/n1z50whCYvnhd9rY99cSe4PxI2WmEB/SKXUMgK6e+lSNP/3GX2WhTnQQOAM0
8YLGql0cFQlyGtNcNJq6Wms/qkLZ4bz1T96GtVqqt+vpLdynCGjqNpJH+EgFzKAW
u89YmQ3ufvQihIyEV3ZqAZexan6QQI/vHC4QIWbK98hgFYwHHmFGsVmVvAz0IJm/
sUuJ8HdV1jsHfUKnXRPr84n/OrvlMSp8LaEv5Z97Z6tk/dFT1AMEnkoGMVbqG+Jt
jo8LSiNGxpLEhLyGlLfEzPCsOhdg7XO8X2GTs3X3kTrs0c8YXnr45HrqDzreaoT2
ONzUj748T13Dj/QrlcXeQjXEQlh2unYvsEtJ27kVFkvV32gZlBuWAvkbp6c+ck5F
tZ8+Sj8VHpc0L6H5RYIWa8FuWJi7+npjKHFb+ZB0bPKKBv5bxyOBbyYYd2OVSp8+
/VD6KAGZhQWHFtUAQ3uojKq9LHgE5U+NYHEahp1NKldcOKYtDnY2TeWZ0caWKe4x
q+2YyPCqf8I=2qQ4
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Warning: Undefined array key "solution" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 316

RedHat Enterprise Linux 8: RHSA-2020:1878-01 Moderate: Samba Bug Fix

red hat
Calendar Grey April 28, 2020
Dist Redhat Esm H88
The recent samba security update for Red Hat Enterprise Linux 8 presents important enhancements along with a vital patch to address security vulnerabilities.
An update for samba is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Summary

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
The following packages have been upgraded to a later upstream version: samba (4.11.2). (BZ#1754409)
Security Fix(es):
* samba: Combination of parameters and permissions can allow user to escape from the share path definition (CVE-2019-10197)
* samba: smb client vulnerable to filenames containing path separators(CVE-2019-10218)
* samba: Crash after failed character conversion at log level 3 or above (CVE-2019-14907)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.

Topics%20covered

Topics Covered

security advisory moderate security issue bug fix samba Red Hat Enterprise Linux network protocol

References

https://access.redhat.com/security/cve/CVE-2019-10197 https://access.redhat.com/security/cve/CVE-2019-10218 https://access.redhat.com/security/cve/CVE-2019-14907 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: openchange-2.3-24.el8.src.rpm
aarch64: openchange-2.3-24.el8.aarch64.rpm openchange-client-debuginfo-2.3-24.el8.aarch64.rpm openchange-debuginfo-2.3-24.el8.aarch64.rpm openchange-debugsource-2.3-24.el8.aarch64.rpm
ppc64le: openchange-2.3-24.el8.ppc64le.rpm openchange-client-debuginfo-2.3-24.el8.ppc64le.rpm openchange-debuginfo-2.3-24.el8.ppc64le.rpm openchange-debugsource-2.3-24.el8.ppc64le.rpm
x86_64: openchange-2.3-24.el8.i686.rpm openchange-2.3-24.el8.x86_64.rpm openchange-client-debuginfo-2.3-24.el8.i686.rpm openchange-client-debuginfo-2.3-24.el8.x86_64.rpm openchange-debuginfo-2.3-24.el8.i686.rpm openchange-debuginfo-2.3-24.el8.x86_64.rpm openchange-debugsource-2.3-24.el8.i686.rpm openchange-debugsource-2.3-24.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source: samba-4.11.2-13.el8.src.rpm
aarch64: ctdb-4.11.2-13.el8.aarch64.rpm ctdb-debuginfo-4.11.2-13.el8.aarch64.rpm ctdb-tests-4.11.2-13.el8.aarch64.rpm ctdb-tests-debuginfo-4.11.2-13.el8.aarch64.rpm libsmbclient-4.11.2-13.el8.aarch64.rpm libsmbclient-debuginfo-4.11.2-13.el8.aarch64.rpm libwbclient-4.11.2-13.el8.aarch64.rpm libwbclient-debuginfo-4.11.2-13.el8.aarch64.rpm python3-samba-4.11.2-13.el8.aarch64.rpm

Read the Full Advisory


Advisory ID: RHSA-2020:1878-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1878
Issue date: 2020-04-28

Topic

An update for samba is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory moderate security issue bug fix samba Red Hat Enterprise Linux network protocol

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, x86_64

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1710980 - [RFE] Add support for Kerberos KCM credential cache in pam_winbind/winbindd

1746225 - CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition

1754409 - Rebase Samba to 4.11.x

1754575 - samba: Remove NSS wins and winbind dependency on librt/libpthread as workaround for glibc defect.

1755440 - Trusted domain enumeration stopped working after Microsoft patch update

1763137 - CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators1776312 - Winbind is not restarted on package upgrade

1778770 - openchange needs to be rebuilt against samba-4.11.2-2.el8 and libldb-2.0.7-1.el8

1785134 - Libwbclient alternatives manual setting lost

1791207 - CVE-2019-14907 samba: Crash after failed character conversion at log level 3 or above

1794461 - Test samba3.smbtorture_s3.plain.WINDOWS-BAD-SYMLINK fails

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here