SuSE: 2017:0859-1: important: samba
Summary
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147). Bugfixes: - Don't package man pages for VFS modules that aren't built (bsc#993707). - sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416). - Document "winbind: ignore domains" parameter; (bsc#1019416). - Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-480=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-480=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-480=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-480=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-480=1 - SUSE Linux Enterprise High Availability 12-SP1: zypper in -t patch SUSE-SLE-HA-12-SP1-2017-480=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-480=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-480=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): samba-test-devel-4.2.4-28.8.2 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ctdb-debuginfo-4.2.4-28.8.2 ctdb-devel-4.2.4-28.8.2 libdcerpc-atsvc-devel-4.2.4-28.8.2 libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 libdcerpc-devel-4.2.4-28.8.2 libdcerpc-samr-devel-4.2.4-28.8.2 libdcerpc-samr0-4.2.4-28.8.2 libdcerpc-samr0-debuginfo-4.2.4-28.8.2 libgensec-devel-4.2.4-28.8.2 libndr-devel-4.2.4-28.8.2 libndr-krb5pac-devel-4.2.4-28.8.2 libndr-nbt-devel-4.2.4-28.8.2 libndr-standard-devel-4.2.4-28.8.2 libnetapi-devel-4.2.4-28.8.2 libregistry-devel-4.2.4-28.8.2 libsamba-credentials-devel-4.2.4-28.8.2 libsamba-hostconfig-devel-4.2.4-28.8.2 libsamba-passdb-devel-4.2.4-28.8.2 libsamba-policy-devel-4.2.4-28.8.2 libsamba-policy0-4.2.4-28.8.2 libsamba-policy0-debuginfo-4.2.4-28.8.2 libsamba-util-devel-4.2.4-28.8.2 libsamdb-devel-4.2.4-28.8.2 libsmbclient-devel-4.2.4-28.8.2 libsmbclient-raw-devel-4.2.4-28.8.2 libsmbconf-devel-4.2.4-28.8.2 libsmbldap-devel-4.2.4-28.8.2 libtevent-util-devel-4.2.4-28.8.2 libwbclient-devel-4.2.4-28.8.2 samba-core-devel-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-test-devel-4.2.4-28.8.2 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libdcerpc-binding0-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-4.2.4-28.8.2 libdcerpc0-4.2.4-28.8.2 libdcerpc0-debuginfo-4.2.4-28.8.2 libgensec0-4.2.4-28.8.2 libgensec0-debuginfo-4.2.4-28.8.2 libndr-krb5pac0-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-4.2.4-28.8.2 libndr-nbt0-4.2.4-28.8.2 libndr-nbt0-debuginfo-4.2.4-28.8.2 libndr-standard0-4.2.4-28.8.2 libndr-standard0-debuginfo-4.2.4-28.8.2 libndr0-4.2.4-28.8.2 libndr0-debuginfo-4.2.4-28.8.2 libnetapi0-4.2.4-28.8.2 libnetapi0-debuginfo-4.2.4-28.8.2 libregistry0-4.2.4-28.8.2 libregistry0-debuginfo-4.2.4-28.8.2 libsamba-credentials0-4.2.4-28.8.2 libsamba-credentials0-debuginfo-4.2.4-28.8.2 libsamba-hostconfig0-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-4.2.4-28.8.2 libsamba-passdb0-4.2.4-28.8.2 libsamba-passdb0-debuginfo-4.2.4-28.8.2 libsamba-util0-4.2.4-28.8.2 libsamba-util0-debuginfo-4.2.4-28.8.2 libsamdb0-4.2.4-28.8.2 libsamdb0-debuginfo-4.2.4-28.8.2 libsmbclient-raw0-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-4.2.4-28.8.2 libsmbclient0-4.2.4-28.8.2 libsmbclient0-debuginfo-4.2.4-28.8.2 libsmbconf0-4.2.4-28.8.2 libsmbconf0-debuginfo-4.2.4-28.8.2 libsmbldap0-4.2.4-28.8.2 libsmbldap0-debuginfo-4.2.4-28.8.2 libtevent-util0-4.2.4-28.8.2 libtevent-util0-debuginfo-4.2.4-28.8.2 libwbclient0-4.2.4-28.8.2 libwbclient0-debuginfo-4.2.4-28.8.2 samba-4.2.4-28.8.2 samba-client-4.2.4-28.8.2 samba-client-debuginfo-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-libs-4.2.4-28.8.2 samba-libs-debuginfo-4.2.4-28.8.2 samba-winbind-4.2.4-28.8.2 samba-winbind-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc0-32bit-4.2.4-28.8.2 libdcerpc0-debuginfo-32bit-4.2.4-28.8.2 libgensec0-32bit-4.2.4-28.8.2 libgensec0-debuginfo-32bit-4.2.4-28.8.2 libndr-krb5pac0-32bit-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.8.2 libndr-nbt0-32bit-4.2.4-28.8.2 libndr-nbt0-debuginfo-32bit-4.2.4-28.8.2 libndr-standard0-32bit-4.2.4-28.8.2 libndr-standard0-debuginfo-32bit-4.2.4-28.8.2 libndr0-32bit-4.2.4-28.8.2 libndr0-debuginfo-32bit-4.2.4-28.8.2 libnetapi0-32bit-4.2.4-28.8.2 libnetapi0-debuginfo-32bit-4.2.4-28.8.2 libsamba-credentials0-32bit-4.2.4-28.8.2 libsamba-credentials0-debuginfo-32bit-4.2.4-28.8.2 libsamba-hostconfig0-32bit-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.8.2 libsamba-passdb0-32bit-4.2.4-28.8.2 libsamba-passdb0-debuginfo-32bit-4.2.4-28.8.2 libsamba-util0-32bit-4.2.4-28.8.2 libsamba-util0-debuginfo-32bit-4.2.4-28.8.2 libsamdb0-32bit-4.2.4-28.8.2 libsamdb0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient-raw0-32bit-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient0-32bit-4.2.4-28.8.2 libsmbclient0-debuginfo-32bit-4.2.4-28.8.2 libsmbconf0-32bit-4.2.4-28.8.2 libsmbconf0-debuginfo-32bit-4.2.4-28.8.2 libsmbldap0-32bit-4.2.4-28.8.2 libsmbldap0-debuginfo-32bit-4.2.4-28.8.2 libtevent-util0-32bit-4.2.4-28.8.2 libtevent-util0-debuginfo-32bit-4.2.4-28.8.2 libwbclient0-32bit-4.2.4-28.8.2 libwbclient0-debuginfo-32bit-4.2.4-28.8.2 samba-32bit-4.2.4-28.8.2 samba-client-32bit-4.2.4-28.8.2 samba-client-debuginfo-32bit-4.2.4-28.8.2 samba-debuginfo-32bit-4.2.4-28.8.2 samba-libs-32bit-4.2.4-28.8.2 samba-libs-debuginfo-32bit-4.2.4-28.8.2 samba-winbind-32bit-4.2.4-28.8.2 samba-winbind-debuginfo-32bit-4.2.4-28.8.2 - SUSE Linux Enterprise Server 12-SP1 (noarch): samba-doc-4.2.4-28.8.2 - SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64): ctdb-4.2.4-28.8.2 ctdb-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libdcerpc-atsvc0-4.2.4-28.8.2 libdcerpc-atsvc0-debuginfo-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): samba-doc-4.2.4-28.8.2 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libdcerpc-binding0-32bit-4.2.4-28.8.2 libdcerpc-binding0-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc-binding0-debuginfo-4.2.4-28.8.2 libdcerpc0-32bit-4.2.4-28.8.2 libdcerpc0-4.2.4-28.8.2 libdcerpc0-debuginfo-32bit-4.2.4-28.8.2 libdcerpc0-debuginfo-4.2.4-28.8.2 libgensec0-32bit-4.2.4-28.8.2 libgensec0-4.2.4-28.8.2 libgensec0-debuginfo-32bit-4.2.4-28.8.2 libgensec0-debuginfo-4.2.4-28.8.2 libndr-krb5pac0-32bit-4.2.4-28.8.2 libndr-krb5pac0-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-32bit-4.2.4-28.8.2 libndr-krb5pac0-debuginfo-4.2.4-28.8.2 libndr-nbt0-32bit-4.2.4-28.8.2 libndr-nbt0-4.2.4-28.8.2 libndr-nbt0-debuginfo-32bit-4.2.4-28.8.2 libndr-nbt0-debuginfo-4.2.4-28.8.2 libndr-standard0-32bit-4.2.4-28.8.2 libndr-standard0-4.2.4-28.8.2 libndr-standard0-debuginfo-32bit-4.2.4-28.8.2 libndr-standard0-debuginfo-4.2.4-28.8.2 libndr0-32bit-4.2.4-28.8.2 libndr0-4.2.4-28.8.2 libndr0-debuginfo-32bit-4.2.4-28.8.2 libndr0-debuginfo-4.2.4-28.8.2 libnetapi0-32bit-4.2.4-28.8.2 libnetapi0-4.2.4-28.8.2 libnetapi0-debuginfo-32bit-4.2.4-28.8.2 libnetapi0-debuginfo-4.2.4-28.8.2 libregistry0-4.2.4-28.8.2 libregistry0-debuginfo-4.2.4-28.8.2 libsamba-credentials0-32bit-4.2.4-28.8.2 libsamba-credentials0-4.2.4-28.8.2 libsamba-credentials0-debuginfo-32bit-4.2.4-28.8.2 libsamba-credentials0-debuginfo-4.2.4-28.8.2 libsamba-hostconfig0-32bit-4.2.4-28.8.2 libsamba-hostconfig0-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-32bit-4.2.4-28.8.2 libsamba-hostconfig0-debuginfo-4.2.4-28.8.2 libsamba-passdb0-32bit-4.2.4-28.8.2 libsamba-passdb0-4.2.4-28.8.2 libsamba-passdb0-debuginfo-32bit-4.2.4-28.8.2 libsamba-passdb0-debuginfo-4.2.4-28.8.2 libsamba-util0-32bit-4.2.4-28.8.2 libsamba-util0-4.2.4-28.8.2 libsamba-util0-debuginfo-32bit-4.2.4-28.8.2 libsamba-util0-debuginfo-4.2.4-28.8.2 libsamdb0-32bit-4.2.4-28.8.2 libsamdb0-4.2.4-28.8.2 libsamdb0-debuginfo-32bit-4.2.4-28.8.2 libsamdb0-debuginfo-4.2.4-28.8.2 libsmbclient-raw0-32bit-4.2.4-28.8.2 libsmbclient-raw0-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient-raw0-debuginfo-4.2.4-28.8.2 libsmbclient0-32bit-4.2.4-28.8.2 libsmbclient0-4.2.4-28.8.2 libsmbclient0-debuginfo-32bit-4.2.4-28.8.2 libsmbclient0-debuginfo-4.2.4-28.8.2 libsmbconf0-32bit-4.2.4-28.8.2 libsmbconf0-4.2.4-28.8.2 libsmbconf0-debuginfo-32bit-4.2.4-28.8.2 libsmbconf0-debuginfo-4.2.4-28.8.2 libsmbldap0-32bit-4.2.4-28.8.2 libsmbldap0-4.2.4-28.8.2 libsmbldap0-debuginfo-32bit-4.2.4-28.8.2 libsmbldap0-debuginfo-4.2.4-28.8.2 libtevent-util0-32bit-4.2.4-28.8.2 libtevent-util0-4.2.4-28.8.2 libtevent-util0-debuginfo-32bit-4.2.4-28.8.2 libtevent-util0-debuginfo-4.2.4-28.8.2 libwbclient0-32bit-4.2.4-28.8.2 libwbclient0-4.2.4-28.8.2 libwbclient0-debuginfo-32bit-4.2.4-28.8.2 libwbclient0-debuginfo-4.2.4-28.8.2 samba-32bit-4.2.4-28.8.2 samba-4.2.4-28.8.2 samba-client-32bit-4.2.4-28.8.2 samba-client-4.2.4-28.8.2 samba-client-debuginfo-32bit-4.2.4-28.8.2 samba-client-debuginfo-4.2.4-28.8.2 samba-debuginfo-32bit-4.2.4-28.8.2 samba-debuginfo-4.2.4-28.8.2 samba-debugsource-4.2.4-28.8.2 samba-libs-32bit-4.2.4-28.8.2 samba-libs-4.2.4-28.8.2 samba-libs-debuginfo-32bit-4.2.4-28.8.2 samba-libs-debuginfo-4.2.4-28.8.2 samba-winbind-32bit-4.2.4-28.8.2 samba-winbind-4.2.4-28.8.2 samba-winbind-debuginfo-32bit-4.2.4-28.8.2 samba-winbind-debuginfo-4.2.4-28.8.2
References
#1019416 #1024416 #1027147 #993692 #993707
Cross- CVE-2017-2619
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise High Availability 12-SP1
SUSE Linux Enterprise Desktop 12-SP2
SUSE Linux Enterprise Desktop 12-SP1
https://www.suse.com/security/cve/CVE-2017-2619.html
https://bugzilla.suse.com/1019416
https://bugzilla.suse.com/1024416
https://bugzilla.suse.com/1027147
https://bugzilla.suse.com/993692
https://bugzilla.suse.com/993707