Linux Security
    Linux Security
    Linux Security

    RedHat: RHSA-2020-3119:01 Moderate: samba security update

    Date
    230
    Posted By
    An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: samba security update
    Advisory ID:       RHSA-2020:3119-01
    Product:           Red Hat Gluster Storage
    Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3119
    Issue date:        2020-07-23
    CVE Names:         CVE-2020-10730 
    =====================================================================
    
    1. Summary:
    
    An update for samba is now available for Red Hat Gluster Storage 3.5 for
    Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security impact
    of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
    gives a detailed severity rating, is available for each vulnerability from
    the CVE link(s) in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Gluster 3.5 Samba on RHEL-8 - noarch, x86_64
    
    3. Description:
    
    Samba is an open-source implementation of the Server Message Block (SMB)
    protocol and the related Common Internet File System (CIFS) protocol, which
    allow PC-compatible machines to share files, printers, and various
    information.
    
    Security Fix(es):
    
    * samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP
    Server with ASQ, VLV and paged_results (CVE-2020-10730)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    All users of Samba with Red Hat Gluster Storage are advised to upgrade to
    these updated packages.
    
    4. Solution:
    
    For details on how to apply this update, which includes the changes
    described in this advisory, refer to:
    
    https://access.redhat.com/articles/11258
    
    After installing this update, the smb service will be restarted
    automatically.
    
    For details on migrating Samba/CTDB configuration files, refer to: 
    
    https://access.redhat.com/solutions/4311261
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1849489 - CVE-2020-10730 samba:  NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results
    
    6. Package List:
    
    Red Hat Gluster 3.5 Samba on RHEL-8:
    
    Source:
    samba-4.11.6-107.el8rhgs.src.rpm
    
    noarch:
    samba-common-4.11.6-107.el8rhgs.noarch.rpm
    samba-pidl-4.11.6-107.el8rhgs.noarch.rpm
    
    x86_64:
    ctdb-4.11.6-107.el8rhgs.x86_64.rpm
    ctdb-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    ctdb-tests-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    libsmbclient-4.11.6-107.el8rhgs.x86_64.rpm
    libsmbclient-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    libsmbclient-devel-4.11.6-107.el8rhgs.x86_64.rpm
    libwbclient-4.11.6-107.el8rhgs.x86_64.rpm
    libwbclient-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    libwbclient-devel-4.11.6-107.el8rhgs.x86_64.rpm
    python3-samba-4.11.6-107.el8rhgs.x86_64.rpm
    python3-samba-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-4.11.6-107.el8rhgs.x86_64.rpm
    samba-client-4.11.6-107.el8rhgs.x86_64.rpm
    samba-client-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-client-libs-4.11.6-107.el8rhgs.x86_64.rpm
    samba-client-libs-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-common-libs-4.11.6-107.el8rhgs.x86_64.rpm
    samba-common-libs-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-common-tools-4.11.6-107.el8rhgs.x86_64.rpm
    samba-common-tools-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-debugsource-4.11.6-107.el8rhgs.x86_64.rpm
    samba-devel-4.11.6-107.el8rhgs.x86_64.rpm
    samba-krb5-printing-4.11.6-107.el8rhgs.x86_64.rpm
    samba-krb5-printing-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-libs-4.11.6-107.el8rhgs.x86_64.rpm
    samba-libs-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-test-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-test-libs-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-vfs-glusterfs-4.11.6-107.el8rhgs.x86_64.rpm
    samba-vfs-glusterfs-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-clients-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-clients-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-krb5-locator-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-krb5-locator-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-modules-4.11.6-107.el8rhgs.x86_64.rpm
    samba-winbind-modules-debuginfo-4.11.6-107.el8rhgs.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2020-10730
    https://access.redhat.com/security/updates/classification/#moderate
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2020 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXxkUO9zjgjWX9erEAQiY8g//Z1IM+c1y3Ka6QMCPbIOH3Vm3yMbX+Gty
    xklgCKbpwMY/67I2NbJMJQFCWho77rjmEqEglxm/Exnjoq4n5rfMfASD7BurGGS1
    vrIge9w8B3Eiq+8T79HF8ShyRk3xJUAYVgzdH74SuwLuOJUtqPj6Fggi9fY0CMOR
    e+vXMXzKOkB+8wIF5Y9mb1e97iqZ1dHjWw9oKTtN4sCw2oxiFmsUYJDSZruwYtzS
    3rkRIQ+69jSEnkGEhsxUNuL2P+2tubm7O0K8cpEWNDUkNOnk72jI00aTPHDlE9en
    pylgmZTDvbkY26RVhqQkHDSKNG291YJ328u/spRIMaXwRoEjNJ8of28XVHcU7JFl
    nSPLKVuV+Gac8pqs8oTo1fDMH+aC1Tvg1lP4IwqFSuby2kT3v7XCbae9S0z7DMcJ
    ZsOhfODnybLyPKcIEgkWHnkSQpKm1KCgHqPdbhT67981SMvCa1xMD2AiHkAiTEC7
    F6ug9gWZxONQ2jVvialDBNIiy4ZcLWOUeiqHJlvJRgJvWPuMyHhGekO36Sz5lm9Q
    uaDgHnUfjJNs3dqb5Xf8OwK0XULjhzJkikhMZGuqcqorbIoCqXCQNBIdOlwINijE
    mUdTSFeBcOETSovut4lT1eszQ+YCyxZUf7jDhmmwkH2YS+aQ/Uawml7aaAC5a7/D
    Pr857TDgm3U=
    =n7AK
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.