Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 486
Alerts This Week
Warning Icon 1 486

SUSE Enterprise Storage 7: SUSE-SU-2021:0185-1 Moderate: Samba Patch

suse
Calendar Grey January 21, 2021
Dist Suse Esm H88
SUSE has released a security update for Samba that resolves a trio of vulnerabilities, providing solutions categorized as having moderate severity for Enterprise Storage systems.
An update that solves three vulnerabilities and has two fixes is now available

Summary

This update for samba fixes the following issues: - Update to 4.13.3 + libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob; (bso#14210); + s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function; (bso#14486); + s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(); (bso#14515); + s3: spoolss: Make parameters in call to user_ok_token() match all other uses; (bso#14568); + s3: smbd: Quiet log messages from usershares for an unknown share; (bso#14590); + samba process does not honor max log size; (bso#14248); + vfs_zfsacl: Add missing inherited flag on hidden "magic" everyone@ ACE; (bso#14587); + s3-libads: Pass timeout to open_socket_out in ms; (bso#13124);

References

#1173902 #1173994 #1177355 #1177613 #1178469

Cross- CVE-2020-14318 CVE-2020-14323 CVE-2020-14383

Affected Products:

SUSE Enterprise Storage 7

https://www.suse.com/security/cve/CVE-2020-14318.html

https://www.suse.com/security/cve/CVE-2020-14323.html

https://www.suse.com/security/cve/CVE-2020-14383.html

https://bugzilla.suse.com/1173902

https://bugzilla.suse.com/1173994

https://bugzilla.suse.com/1177355

https://bugzilla.suse.com/1177613

https://bugzilla.suse.com/1178469

Announcement ID: SUSE-SU-2021:0185-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.