SUSE: 2019:1037-1 Moderate: Samba Path Traversal Security Issue

suse

April 25, 2019

An update that solves one vulnerability and has four fixes is now available

Summary

This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060). Non-security issues fixed: - Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153). - Abide by load_printers smb.conf parameter (bsc#1124223). - s3:winbindd: let normalize_name_map() call find_domain_from_name_noinit() (bsc#1123755). - s3:passdb: Do not return OK if we don't have pinfo set up (bsc#1099590). - s3:winbind: Fix regression (bsc#1123755). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

Topics Covered

security advisory moderate update samba suse path traversal symlink fix

References

#1099590 #1123755 #1124223 #1127153 #1131060

Cross- CVE-2019-3880

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise High Availability 12-SP4

SUSE Linux Enterprise High Availability 12-SP3

SUSE Linux Enterprise Desktop 12-SP4

SUSE Linux Enterprise Desktop 12-SP3

SUSE Enterprise Storage 5

https://www.suse.com/security/cve/CVE-2019-3880.html

https://bugzilla.suse.com/1099590

https://bugzilla.suse.com/1123755

https://bugzilla.suse.com/1124223

https://bugzilla.suse.com/1127153

https://bugzilla.suse.com/1131060

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:1037-1

Rating: moderate

Topics Covered

security advisory moderate update samba suse path traversal symlink fix

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1037-1 Moderate: Samba Path Traversal Security Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1037-1 Moderate: Samba Path Traversal Security Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!