Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

SUSE: 2018:3161-1 Moderate: Samba Unauthorized Access Fix

suse
Calendar Grey October 16, 2018
Dist Suse Esm H88
SUSE: 2019:4320-1 released a crucial OpenSSH patch aimed at addressing significant remote exploitation vulnerabilities
An update that solves one vulnerability and has four fixes is now available

Summary

Samba was updated to 4.6.15, bringing bug and security fixes. (bsc#1110943) Following security issues were fixed: - CVE-2018-10919: Fix unauthorized attribute access via searches. (bsc#1095057); Non-security bugs fixed: - Fix ctdb_mutex_ceph_rados_helper deadlock (bsc#1102230). - Allow idmap_rid to have primary group other than "Domain Users" (bsc#1087931). - winbind: avoid using fstrcpy in _dual_init_connection. - Fix ntlm authentications with "winbind use default domain = yes" (bsc#1068059). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3:

References

#1068059 #1087931 #1095057 #1102230 #1110943

Cross- CVE-2018-10919

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise High Availability 12-SP3

SUSE Linux Enterprise Desktop 12-SP3

SUSE Enterprise Storage 5

https://www.suse.com/security/cve/CVE-2018-10919.html

https://bugzilla.suse.com/1068059

https://bugzilla.suse.com/1087931

https://bugzilla.suse.com/1095057

https://bugzilla.suse.com/1102230

https://bugzilla.suse.com/1110943

Announcement ID: SUSE-SU-2018:3161-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.