SUSE: 2020:2036-1 Medium Risk: Samba DoS Vulnerability Successfully Fixed
suse
July 24, 2020
An update that solves one vulnerability and has four fixes is now available
Summary
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU (bsc#1173160). - Fixed a packaging issue where samba_winbind package was installing python3-base without python3 (bsc#1169521). - Fixed an issue with spnego fallback from kerberos to ntlmssp in smbd server (bsc#1169473). - Fixed ntlm authentications with "winbind use default domain = yes" (bsc#1173429). - Added solution for upgrade problem with libsmbldap2 package (bsc#1172810). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
Topics Covered
References
#1169473 #1169521 #1172810 #1173160 #1173429
Cross- CVE-2020-10745
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
https://www.suse.com/security/cve/CVE-2020-10745.html
https://bugzilla.suse.com/1169473
https://bugzilla.suse.com/1169521
https://bugzilla.suse.com/1172810
https://bugzilla.suse.com/1173160
https://bugzilla.suse.com/1173429
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:2036-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!