This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060). Non-security issues fixed: - Fixed an issue where the first login failed and subsequent ones work (bsc#1126463). - Fixed winbind running out of memory with high number of domain groups (bsc#1114459). - Backport changes to support quotas with SMB2 (bsc#1106119). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2019-1203=1
#1087481 #1106119 #1114459 #1126463 #1131060
Cross- CVE-2019-3880
Affected Products:
SUSE OpenStack Cloud 7
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
SUSE Linux Enterprise Server 12-SP2-BCL
SUSE Linux Enterprise High Availability 12-SP2
SUSE Enterprise Storage 4
https://www.suse.com/security/cve/CVE-2019-3880.html
https://bugzilla.suse.com/1087481
https://bugzilla.suse.com/1106119
https://bugzilla.suse.com/1114459
https://bugzilla.suse.com/1126463
https://bugzilla.suse.com/1131060
Get the latest Linux and open source security news straight to your inbox.