Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisorysambaopenSUSE

openSUSE: 2015:2356-1 important: samba buffer overflow and memory issues

An update that solves 7 vulnerabilities and has 6 fixes is An update that solves 7 vulnerabilities and has 6 fixes is An update that solves 7 vulnerabilities and has 6 fixes is now available. now available.. openSUSE Security Update: Security update for samba, ldb, talloc, tdb, tevent ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:2356-1 Rating: important References: #939050 #939051 #949022 #951660 #953382 #954658 #958580 #958581 #958582 #958583 #958584 #958585 #958586 Cross-References: CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-7540 CVE-2015-8467 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has 6 fixes is now available. Description: This update for ldb, samba, talloc, tdb, tevent fixes the following issues: ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; (bso#11325) + Fix remote read memory exploit in ldb; cve-2015-5330; (bso#11599) + Move ldb_(un)pack_data into ldb_module.h for testing + Fix installation of _ldb_text.py + Fix propagation of ldb errors through tdb + Fix bug triggered by having an empty message in database during search + Test improvements + Improved python bindings + Validate_ldb of string(generalized-time) does not accept millisecond format ".000Z"; (bso#9810) + Fix logic in ldb_val_to_time() + Allow to register extended match rules + Fixes for segfaults in pyldb + Documentation fixes + Build system improvements + Fix a typo in the comment, ldb_flags_mod_xxx -> ldb_flag_mod_xxx + Fix check for third_party + Make the successful ldb_transaction_start() message clearer + Ldb-samba: fix a memory leak inldif_canonicalise_objectcategory() + Ldb-samba: move pyldb-utils dependency to python_samba__ldb + Build: improve detection of srcdir Samba was updated to 4.1.22. + Malicious request can cause samba ldap server to hang, spinning using cpu; CVE-2015-3223; (bso#11325); (boo#958581). + Remote read memory exploit in ldb; cve-2015-5330; (bso#11599); (boo#958586). + Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (boo#958582). + No man in the middle protection when forcing smb encryption on the client side; CVE-2015-5296; (bso#11536); (boo#958584). + Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299; (bso#11529); (boo#958583). + Fix microsoft ms15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (boo#958585). + Fix remote dos in samba (ad) ldap server; cve-2015-7540; (bso#9187); (boo#958580). + Ensure attempt to ssh into locked account triggers "Your account is disabled....." to the console; (boo#953382). + Prevent null pointer access in samlogon fallback when security credentials are null; (boo#949022). talloc was updated to 2.1.5; (boo#954658). + Minor build fixes + Point ld_library_path to the just-built libraries while calling make test. + Disable rpath-install and silent-rules while configure. + Update to 2.1.4; (boo#951660). + Test that talloc magic differs between processes. + Increment minor version due to added talloc_test_get_magic. + Provide tests access to talloc_magic. + Test magic protection measures. + Update the samba library distribution key file 'talloc.keyring'; (bso#945116). + Update to 2.1.3; (boo#939051). + Improved python3 bindings + Documentation fixes regarding talloc_reference() and talloc_unlink() tdb was updated to version 1.3.8; (boo#954658). + Fix broken build with --disable-python + Minor buildfixes + Disable rpath-install and silent-rules while configure. + Update the samba library distribution key file 'tdb.keyring'; (bso#945116). + Update to version 1.3.7. + First fix deadlock in the interaction between fcntl and mutex locking; (bso#11381) + Improved python3 bindings + Update to version 1.3.6. + Fix runtime detection for robust mutexes in the standalone build; (bso#11326). + Possible fix for the build with robust mutexes on solaris 11; (bso#11319). + Update to version 1.3.5. + Abi change: tdb_chainlock_read_nonblock() has been added, a nonblock variant of tdb_chainlock_read() + Do not build test binaries if it's not a standalone build + Fix cid 1034842 resource leak + Fix cid 1034841 resource leak + Don't let tdb_wrap_open() segfault with name==null + Update to version 1.3.4. + Toos: allow transactions with tdb_mutex_locking + Test: add tdb1-run-mutex-transaction1 test + Allow transactions on on tdb's with tdb_mutex_locking + Update to version 1.3.3. + Test: tdb_clear_if_first | tdb_mutex_locking, o_rdonly is a valid combination + Update to version 1.3.2. + Allow tdb_open_ex() with o_rdonly of tdb_feature_flag_mutex tdbs. + Fix a comment + Fix tdb_runtime_check_for_robust_mutexes() + Improve wording in a comment + Tdb.h needs bool type; obsoletes include_stdbool_bso10625.patch + Tdb_wrap: make mutexes easier to use + Tdb_wrap: only pull in samba-debug + Tdb_wrap: standalone compile without includes.h + Tdb_wrap: tdb_wrap.h doesn't need struct loadparm_context - Update to version 1.3.1. + Tools: fix a compiler warning + Defragment the freelist in tdb_allocate_from_freelist() + Add "freelist_size" sub-command to tdbtool + Use tdb_freelist_merge_adjacent in tdb_freelist_size() + Add tdb_freelist_merge_adjacent() + Add utility function check_merge_ptr_with_left_record() + Simplify tdb_free() using check_merge_with_left_record() + Add utility functioncheck_merge_with_left_record() + Improve comments for tdb_free(). + Factor merge_with_left_record() out of tdb_free() + Fix debug message in tdb_free() + Reduce indentation in tdb_free() for merging left + Increase readability of read_record_on_left() + Factor read_record_on_left() out of tdb_free() + Build: improve detection of srcdir. tevent was update to version 0.9.26; (boo#954658). + New tevent_thread_proxy api + Minor build fixes + Update the samba library distribution key file 'tevent.keyring'; (bso#945116). + Update to 0.9.25. + Fix compile error in solaris ports backend. + Fix access after free in tevent_common_check_signal(); (bso#11308). + Improve pytevent bindings. + Testsuite fixes. + Improve the documentation of the tevent_add_fd() assumtions. it must be talloc_free'ed before closing the fd! (bso##11141); (bso#11316). + Update to 0.9.24. + Ignore unexpected signal events in the same way the epoll backend does. + Update to 0.9.23. + Update the tevent_data.dox tutrial stuff to fix some errors, including white space problems. + Use tevent_req_simple_recv_unix in a few places. + Update to 0.9.22. + Remove unused exit_code in tevent_select.c + Remove unused exit_code in tevent_poll.c + Build: improve detection of srcdir + Lib: tevent: make tevent_sig_increment atomic. + Update flags in tevent pkgconfig file + Utilize doxygen to generate the api documentation and package it. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-945=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-945=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): ldb-debugsource-1.1.24-3.4.1 ldb-tools-1.1.24-3.4.1 ldb-tools-debuginfo-1.1.24-3.4.1 libdcerpc-atsvc-devel-4.1.22-21.1 libdcerpc-atsvc0-4.1.22-21.1 libdcerpc-atsvc0-debuginfo-4.1.22-21.1 libdcerpc-binding0-4.1.22-21.1 libdcerpc-binding0-debuginfo-4.1.22-21.1 libdcerpc-devel-4.1.22-21.1 libdcerpc-samr-devel-4.1.22-21.1 libdcerpc-samr0-4.1.22-21.1 libdcerpc-samr0-debuginfo-4.1.22-21.1 libdcerpc0-4.1.22-21.1 libdcerpc0-debuginfo-4.1.22-21.1 libgensec-devel-4.1.22-21.1 libgensec0-4.1.22-21.1 libgensec0-debuginfo-4.1.22-21.1 libldb-devel-1.1.24-3.4.1 libldb1-1.1.24-3.4.1 libldb1-debuginfo-1.1.24-3.4.1 libndr-devel-4.1.22-21.1 libndr-krb5pac-devel-4.1.22-21.1 libndr-krb5pac0-4.1.22-21.1 libndr-krb5pac0-debuginfo-4.1.22-21.1 libndr-nbt-devel-4.1.22-21.1 libndr-nbt0-4.1.22-21.1 libndr-nbt0-debuginfo-4.1.22-21.1 libndr-standard-devel-4.1.22-21.1 libndr-standard0-4.1.22-21.1 libndr-standard0-debuginfo-4.1.22-21.1 libndr0-4.1.22-21.1 libndr0-debuginfo-4.1.22-21.1 libnetapi-devel-4.1.22-21.1 libnetapi0-4.1.22-21.1 libnetapi0-debuginfo-4.1.22-21.1 libpdb-devel-4.1.22-21.1 libpdb0-4.1.22-21.1 libpdb0-debuginfo-4.1.22-21.1 libregistry-devel-4.1.22-21.1 libregistry0-4.1.22-21.1 libregistry0-debuginfo-4.1.22-21.1 libsamba-credentials-devel-4.1.22-21.1 libsamba-credentials0-4.1.22-21.1 libsamba-credentials0-debuginfo-4.1.22-21.1 libsamba-hostconfig-devel-4.1.22-21.1 libsamba-hostconfig0-4.1.22-21.1 libsamba-hostconfig0-debuginfo-4.1.22-21.1 libsamba-policy-devel-4.1.22-21.1 libsamba-policy0-4.1.22-21.1 libsamba-policy0-debuginfo-4.1.22-21.1 libsamba-util-devel-4.1.22-21.1 libsamba-util0-4.1.22-21.1 libsamba-util0-debuginfo-4.1.22-21.1 libsamdb-devel-4.1.22-21.1 libsamdb0-4.1.22-21.1 libsamdb0-debuginfo-4.1.22-21.1 libsmbclient-devel-4.1.22-21.1 libsmbclient-raw-devel-4.1.22-21.1 libsmbclient-raw0-4.1.22-21.1 libsmbclient-raw0-debuginfo-4.1.22-21.1 libsmbclient0-4.1.22-21.1 libsmbclient0-debuginfo-4.1.22-21.1 libsmbconf-devel-4.1.22-21.1 libsmbconf0-4.1.22-21.1 libsmbconf0-debuginfo-4.1.22-21.1 libsmbldap-devel-4.1.22-21.1 libsmbldap0-4.1.22-21.1 libsmbldap0-debuginfo-4.1.22-21.1 libsmbsharemodes-devel-4.1.22-21.1 libsmbsharemodes0-4.1.22-21.1 libsmbsharemodes0-debuginfo-4.1.22-21.1 libtalloc-devel-2.1.5-2.6.1 libtalloc2-2.1.5-2.6.1 libtalloc2-debuginfo-2.1.5-2.6.1 libtdb-devel-1.3.8-3.1 libtdb1-1.3.8-3.1 libtdb1-debuginfo-1.3.8-3.1 libtevent-devel-0.9.26-3.1 libtevent-util-devel-4.1.22-21.1 libtevent-util0-4.1.22-21.1 libtevent-util0-debuginfo-4.1.22-21.1 libtevent0-0.9.26-3.1 libtevent0-debuginfo-0.9.26-3.1 libwbclient-devel-4.1.22-21.1 libwbclient0-4.1.22-21.1 libwbclient0-debuginfo-4.1.22-21.1 pyldb-1.1.24-3.4.1 pyldb-debuginfo-1.1.24-3.4.1 pyldb-devel-1.1.24-3.4.1 pytalloc-2.1.5-2.6.1 pytalloc-debuginfo-2.1.5-2.6.1 pytalloc-devel-2.1.5-2.6.1 python-tdb-1.3.8-3.1 python-tdb-debuginfo-1.3.8-3.1 python-tevent-0.9.26-3.1 python-tevent-debuginfo-0.9.26-3.1 samba-4.1.22-21.1 samba-client-4.1.22-21.1 samba-client-debuginfo-4.1.22-21.1 samba-core-devel-4.1.22-21.1 samba-debuginfo-4.1.22-21.1 samba-debugsource-4.1.22-21.1 samba-libs-4.1.22-21.1 samba-libs-debuginfo-4.1.22-21.1 samba-pidl-4.1.22-21.1 samba-python-4.1.22-21.1 samba-python-debuginfo-4.1.22-21.1 samba-test-4.1.22-21.1 samba-test-debuginfo-4.1.22-21.1 samba-test-devel-4.1.22-21.1 samba-winbind-4.1.22-21.1 samba-winbind-debuginfo-4.1.22-21.1 talloc-debugsource-2.1.5-2.6.1 tdb-debugsource-1.3.8-3.1 tdb-tools-1.3.8-3.1 tdb-tools-debuginfo-1.3.8-3.1 tevent-debugsource-0.9.26-3.1 -openSUSE 13.2 (x86_64): libdcerpc-atsvc0-32bit-4.1.22-21.1 libdcerpc-atsvc0-debuginfo-32bit-4.1.22-21.1 libdcerpc-binding0-32bit-4.1.22-21.1 libdcerpc-binding0-debuginfo-32bit-4.1.22-21.1 libdcerpc-samr0-32bit-4.1.22-21.1 libdcerpc-samr0-debuginfo-32bit-4.1.22-21.1 libdcerpc0-32bit-4.1.22-21.1 libdcerpc0-debuginfo-32bit-4.1.22-21.1 libgensec0-32bit-4.1.22-21.1 libgensec0-debuginfo-32bit-4.1.22-21.1 libldb1-32bit-1.1.24-3.4.1 libldb1-debuginfo-32bit-1.1.24-3.4.1 libndr-krb5pac0-32bit-4.1.22-21.1 libndr-krb5pac0-debuginfo-32bit-4.1.22-21.1 libndr-nbt0-32bit-4.1.22-21.1 libndr-nbt0-debuginfo-32bit-4.1.22-21.1 libndr-standard0-32bit-4.1.22-21.1 libndr-standard0-debuginfo-32bit-4.1.22-21.1 libndr0-32bit-4.1.22-21.1 libndr0-debuginfo-32bit-4.1.22-21.1 libnetapi0-32bit-4.1.22-21.1 libnetapi0-debuginfo-32bit-4.1.22-21.1 libpdb0-32bit-4.1.22-21.1 libpdb0-debuginfo-32bit-4.1.22-21.1 libregistry0-32bit-4.1.22-21.1 libregistry0-debuginfo-32bit-4.1.22-21.1 libsamba-credentials0-32bit-4.1.22-21.1 libsamba-credentials0-debuginfo-32bit-4.1.22-21.1 libsamba-hostconfig0-32bit-4.1.22-21.1 libsamba-hostconfig0-debuginfo-32bit-4.1.22-21.1 libsamba-policy0-32bit-4.1.22-21.1 libsamba-policy0-debuginfo-32bit-4.1.22-21.1 libsamba-util0-32bit-4.1.22-21.1 libsamba-util0-debuginfo-32bit-4.1.22-21.1 libsamdb0-32bit-4.1.22-21.1 libsamdb0-debuginfo-32bit-4.1.22-21.1 libsmbclient-raw0-32bit-4.1.22-21.1 libsmbclient-raw0-debuginfo-32bit-4.1.22-21.1 libsmbclient0-32bit-4.1.22-21.1 libsmbclient0-debuginfo-32bit-4.1.22-21.1 libsmbconf0-32bit-4.1.22-21.1 libsmbconf0-debuginfo-32bit-4.1.22-21.1 libsmbldap0-32bit-4.1.22-21.1 libsmbldap0-debuginfo-32bit-4.1.22-21.1 libtalloc2-32bit-2.1.5-2.6.1 libtalloc2-debuginfo-32bit-2.1.5-2.6.1 libtdb1-32bit-1.3.8-3.1 libtdb1-debuginfo-32bit-1.3.8-3.1 libtevent-util0-32bit-4.1.22-21.1 libtevent-util0-debuginfo-32bit-4.1.22-21.1 libtevent0-32bit-0.9.26-3.1 libtevent0-debuginfo-32bit-0.9.26-3.1 libwbclient0-32bit-4.1.22-21.1 libwbclient0-debuginfo-32bit-4.1.22-21.1 pyldb-32bit-1.1.24-3.4.1 pyldb-debuginfo-32bit-1.1.24-3.4.1 pytalloc-32bit-2.1.5-2.6.1 pytalloc-debuginfo-32bit-2.1.5-2.6.1 python-tdb-32bit-1.3.8-3.1 python-tdb-debuginfo-32bit-1.3.8-3.1 python-tevent-32bit-0.9.26-3.1 python-tevent-debuginfo-32bit-0.9.26-3.1 samba-32bit-4.1.22-21.1 samba-client-32bit-4.1.22-21.1 samba-client-debuginfo-32bit-4.1.22-21.1 samba-debuginfo-32bit-4.1.22-21.1 samba-libs-32bit-4.1.22-21.1 samba-libs-debuginfo-32bit-4.1.22-21.1 samba-winbind-32bit-4.1.22-21.1 samba-winbind-debuginfo-32bit-4.1.22-21.1 - openSUSE 13.2 (noarch): samba-doc-4.1.22-21.1 - openSUSE 13.1 (i586 x86_64): ldb-debugsource-1.1.24-3.7.1 ldb-tools-1.1.24-3.7.1 ldb-tools-debuginfo-1.1.24-3.7.1 libdcerpc-atsvc-devel-4.1.22-3.46.1 libdcerpc-atsvc0-4.1.22-3.46.1 libdcerpc-atsvc0-debuginfo-4.1.22-3.46.1 libdcerpc-binding0-4.1.22-3.46.1 libdcerpc-binding0-debuginfo-4.1.22-3.46.1 libdcerpc-devel-4.1.22-3.46.1 libdcerpc-samr-devel-4.1.22-3.46.1 libdcerpc-samr0-4.1.22-3.46.1 libdcerpc-samr0-debuginfo-4.1.22-3.46.1 libdcerpc0-4.1.22-3.46.1 libdcerpc0-debuginfo-4.1.22-3.46.1 libgensec-devel-4.1.22-3.46.1 libgensec0-4.1.22-3.46.1 libgensec0-debuginfo-4.1.22-3.46.1 libldb-devel-1.1.24-3.7.1 libldb1-1.1.24-3.7.1 libldb1-debuginfo-1.1.24-3.7.1 libndr-devel-4.1.22-3.46.1 libndr-krb5pac-devel-4.1.22-3.46.1 libndr-krb5pac0-4.1.22-3.46.1 libndr-krb5pac0-debuginfo-4.1.22-3.46.1 libndr-nbt-devel-4.1.22-3.46.1 libndr-nbt0-4.1.22-3.46.1 libndr-nbt0-debuginfo-4.1.22-3.46.1 libndr-standard-devel-4.1.22-3.46.1 libndr-standard0-4.1.22-3.46.1 libndr-standard0-debuginfo-4.1.22-3.46.1 libndr0-4.1.22-3.46.1 libndr0-debuginfo-4.1.22-3.46.1 libnetapi-devel-4.1.22-3.46.1 libnetapi0-4.1.22-3.46.1 libnetapi0-debuginfo-4.1.22-3.46.1 libpdb-devel-4.1.22-3.46.1 libpdb0-4.1.22-3.46.1 libpdb0-debuginfo-4.1.22-3.46.1 libregistry-devel-4.1.22-3.46.1 libregistry0-4.1.22-3.46.1 libregistry0-debuginfo-4.1.22-3.46.1 libsamba-credentials-devel-4.1.22-3.46.1 libsamba-credentials0-4.1.22-3.46.1 libsamba-credentials0-debuginfo-4.1.22-3.46.1 libsamba-hostconfig-devel-4.1.22-3.46.1 libsamba-hostconfig0-4.1.22-3.46.1 libsamba-hostconfig0-debuginfo-4.1.22-3.46.1 libsamba-policy-devel-4.1.22-3.46.1 libsamba-policy0-4.1.22-3.46.1 libsamba-policy0-debuginfo-4.1.22-3.46.1 libsamba-util-devel-4.1.22-3.46.1 libsamba-util0-4.1.22-3.46.1 libsamba-util0-debuginfo-4.1.22-3.46.1 libsamdb-devel-4.1.22-3.46.1 libsamdb0-4.1.22-3.46.1 libsamdb0-debuginfo-4.1.22-3.46.1 libsmbclient-devel-4.1.22-3.46.1 libsmbclient-raw-devel-4.1.22-3.46.1 libsmbclient-raw0-4.1.22-3.46.1 libsmbclient-raw0-debuginfo-4.1.22-3.46.1 libsmbclient0-4.1.22-3.46.1 libsmbclient0-debuginfo-4.1.22-3.46.1 libsmbconf-devel-4.1.22-3.46.1 libsmbconf0-4.1.22-3.46.1 libsmbconf0-debuginfo-4.1.22-3.46.1 libsmbldap-devel-4.1.22-3.46.1 libsmbldap0-4.1.22-3.46.1 libsmbldap0-debuginfo-4.1.22-3.46.1 libsmbsharemodes-devel-4.1.22-3.46.1 libsmbsharemodes0-4.1.22-3.46.1 libsmbsharemodes0-debuginfo-4.1.22-3.46.1 libtalloc-devel-2.1.5-7.10.1 libtalloc2-2.1.5-7.10.1 libtalloc2-debuginfo-2.1.5-7.10.1 libtdb-devel-1.3.8-4.7.1 libtdb1-1.3.8-4.7.1 libtdb1-debuginfo-1.3.8-4.7.1 libtevent-devel-0.9.26-4.7.1 libtevent-util-devel-4.1.22-3.46.1 libtevent-util0-4.1.22-3.46.1 libtevent-util0-debuginfo-4.1.22-3.46.1 libtevent0-0.9.26-4.7.1 libtevent0-debuginfo-0.9.26-4.7.1 libwbclient-devel-4.1.22-3.46.1 libwbclient0-4.1.22-3.46.1 libwbclient0-debuginfo-4.1.22-3.46.1 pyldb-1.1.24-3.7.1 pyldb-debuginfo-1.1.24-3.7.1 pyldb-devel-1.1.24-3.7.1 pytalloc-2.1.5-7.10.1 pytalloc-debuginfo-2.1.5-7.10.1 pytalloc-devel-2.1.5-7.10.1 python-tdb-1.3.8-4.7.1 python-tdb-debuginfo-1.3.8-4.7.1 python-tevent-0.9.26-4.7.1 python-tevent-debuginfo-0.9.26-4.7.1 samba-4.1.22-3.46.1 samba-client-4.1.22-3.46.1 samba-client-debuginfo-4.1.22-3.46.1 samba-core-devel-4.1.22-3.46.1 samba-debuginfo-4.1.22-3.46.1 samba-debugsource-4.1.22-3.46.1 samba-libs-4.1.22-3.46.1 samba-libs-debuginfo-4.1.22-3.46.1 samba-pidl-4.1.22-3.46.1 samba-python-4.1.22-3.46.1 samba-python-debuginfo-4.1.22-3.46.1 samba-test-4.1.22-3.46.1 samba-test-debuginfo-4.1.22-3.46.1 samba-test-devel-4.1.22-3.46.1 samba-winbind-4.1.22-3.46.1 samba-winbind-debuginfo-4.1.22-3.46.1 talloc-debugsource-2.1.5-7.10.1 tdb-debugsource-1.3.8-4.7.1 tdb-tools-1.3.8-4.7.1 tdb-tools-debuginfo-1.3.8-4.7.1 tevent-debugsource-0.9.26-4.7.1 - openSUSE 13.1 (x86_64): libdcerpc-atsvc0-32bit-4.1.22-3.46.1 libdcerpc-atsvc0-debuginfo-32bit-4.1.22-3.46.1 libdcerpc-binding0-32bit-4.1.22-3.46.1 libdcerpc-binding0-debuginfo-32bit-4.1.22-3.46.1 libdcerpc-samr0-32bit-4.1.22-3.46.1 libdcerpc-samr0-debuginfo-32bit-4.1.22-3.46.1 libdcerpc0-32bit-4.1.22-3.46.1 libdcerpc0-debuginfo-32bit-4.1.22-3.46.1 libgensec0-32bit-4.1.22-3.46.1 libgensec0-debuginfo-32bit-4.1.22-3.46.1 libldb1-32bit-1.1.24-3.7.1 libldb1-debuginfo-32bit-1.1.24-3.7.1 libndr-krb5pac0-32bit-4.1.22-3.46.1 libndr-krb5pac0-debuginfo-32bit-4.1.22-3.46.1 libndr-nbt0-32bit-4.1.22-3.46.1 libndr-nbt0-debuginfo-32bit-4.1.22-3.46.1 libndr-standard0-32bit-4.1.22-3.46.1 libndr-standard0-debuginfo-32bit-4.1.22-3.46.1 libndr0-32bit-4.1.22-3.46.1 libndr0-debuginfo-32bit-4.1.22-3.46.1 libnetapi0-32bit-4.1.22-3.46.1 libnetapi0-debuginfo-32bit-4.1.22-3.46.1 libpdb0-32bit-4.1.22-3.46.1 libpdb0-debuginfo-32bit-4.1.22-3.46.1 libregistry0-32bit-4.1.22-3.46.1 libregistry0-debuginfo-32bit-4.1.22-3.46.1 libsamba-credentials0-32bit-4.1.22-3.46.1 libsamba-credentials0-debuginfo-32bit-4.1.22-3.46.1 libsamba-hostconfig0-32bit-4.1.22-3.46.1 libsamba-hostconfig0-debuginfo-32bit-4.1.22-3.46.1 libsamba-policy0-32bit-4.1.22-3.46.1 libsamba-policy0-debuginfo-32bit-4.1.22-3.46.1 libsamba-util0-32bit-4.1.22-3.46.1 libsamba-util0-debuginfo-32bit-4.1.22-3.46.1 libsamdb0-32bit-4.1.22-3.46.1 libsamdb0-debuginfo-32bit-4.1.22-3.46.1 libsmbclient-raw0-32bit-4.1.22-3.46.1 libsmbclient-raw0-debuginfo-32bit-4.1.22-3.46.1 libsmbclient0-32bit-4.1.22-3.46.1 libsmbclient0-debuginfo-32bit-4.1.22-3.46.1 libsmbconf0-32bit-4.1.22-3.46.1 libsmbconf0-debuginfo-32bit-4.1.22-3.46.1 libsmbldap0-32bit-4.1.22-3.46.1 libsmbldap0-debuginfo-32bit-4.1.22-3.46.1 libtalloc2-32bit-2.1.5-7.10.1 libtalloc2-debuginfo-32bit-2.1.5-7.10.1 libtdb1-32bit-1.3.8-4.7.1 libtdb1-debuginfo-32bit-1.3.8-4.7.1 libtevent-util0-32bit-4.1.22-3.46.1 libtevent-util0-debuginfo-32bit-4.1.22-3.46.1 libtevent0-32bit-0.9.26-4.7.1 libtevent0-debuginfo-32bit-0.9.26-4.7.1 libwbclient0-32bit-4.1.22-3.46.1 libwbclient0-debuginfo-32bit-4.1.22-3.46.1 pyldb-32bit-1.1.24-3.7.1 pyldb-debuginfo-32bit-1.1.24-3.7.1 pytalloc-32bit-2.1.5-7.10.1 pytalloc-debuginfo-32bit-2.1.5-7.10.1 python-tdb-32bit-1.3.8-4.7.1 python-tdb-debuginfo-32bit-1.3.8-4.7.1 python-tevent-32bit-0.9.26-4.7.1 python-tevent-debuginfo-32bit-0.9.26-4.7.1 samba-32bit-4.1.22-3.46.1 samba-client-32bit-4.1.22-3.46.1 samba-client-debuginfo-32bit-4.1.22-3.46.1 samba-debuginfo-32bit-4.1.22-3.46.1 samba-libs-32bit-4.1.22-3.46.1 samba-libs-debuginfo-32bit-4.1.22-3.46.1 samba-winbind-32bit-4.1.22-3.46.1 samba-winbind-debuginfo-32bit-4.1.22-3.46.1 - openSUSE 13.1 (noarch): samba-doc-4.1.22-3.46.1 References: https://www.suse.com/security/cve/CVE-2015-3223.html https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://www.suse.com/security/cve/CVE-2015-7540.html https://www.suse.com/security/cve/CVE-2015-8467.html https://bugzilla.suse.com/show_bug.cgi?id=939050 https://bugzilla.suse.com/show_bug.cgi?id=939051 https://bugzilla.suse.com/show_bug.cgi?id=949022 https://bugzilla.suse.com/show_bug.cgi?id=951660 https://bugzilla.suse.com/show_bug.cgi?id=953382 https://bugzilla.suse.com/show_bug.cgi?id=954658 https://bugzilla.suse.com/show_bug.cgi?id=958580 https://bugzilla.suse.com/show_bug.cgi?id=958581 https://bugzilla.suse.com/show_bug.cgi?id=958582 https://bugzilla.suse.com/show_bug.cgi?id=958583 https://bugzilla.suse.com/show_bug.cgi?id=958584 https://bugzilla.suse.com/show_bug.cgi?id=958585 https://bugzilla.suse.com/show_bug.cgi?id=958586 . Critical openSUSE patch released for samba, ldb, talloc, tdb, and tevent to address several vulnerabilities.. Samba Security, OpenSUSE Updates, LDB Issues, Talloc Fixes. . Severity: Important. LinuxSecurity.com Team

Dec 24, 2015 •Important OpenSUSE

security advisorysambaimportant

SUSE: 2015:2305-1 Important: Ldb, Samba, Talloc Security Update

An update that solves 6 vulnerabilities and has three fixes An update that solves 6 vulnerabilities and has three fixes An update that solves 6 vulnerabilities and has three fixes is now available. is now available.. SUSE Security Update: Security update for ldb, samba, talloc, tdb, tevent ______________________________________________________________________________ Announcement ID: SUSE-SU-2015:2305-1 Rating: important References: #949022 #951660 #954658 #958581 #958582 #958583 #958584 #958585 #958586 Cross-References: CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-8467 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has three fixes is now available. Description: This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs: The Samba LDB was updated to version 1.1.24: - Fix ldap \00 search expression attack dos; CVE-2015-3223; (bso#11325) - Fix remote read memory exploit in ldb; CVE-2015-5330; (bso#11599) - Move ldb_(un)pack_data into ldb_module.h for testing - Fix installation of _ldb_text.py - Fix propagation of ldb errors through tdb - Fix bug triggered by having an empty message in database during search Samba was updated to fix these issues: - Malicious request can cause Samba LDAP server to hang, spinning using CPU; CVE-2015-3223; (bso#11325); (bnc#958581). - Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); (bnc#958586). - Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (bnc#958582). - No man in the middle protection when forcing smb encryptionon the client side; CVE-2015-5296; (bso#11536); (bnc#958584). - Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). - Fix Microsoft MS15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585). - Changing log level of two entries to from 1 to 3; (bso#9912). - vfs_gpfs: Re-enable share modes; (bso#11243). - wafsamba: Also build libraries with RELRO protection; (bso#11346). - ctdb: Strip trailing spaces from nodes file; (bso#11365). - s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute type of zero; (bso#11452). - nss_wins: Do not run into use after free issues when we access memory allocated on the globals and the global being reinitialized; (bso#11563). - async_req: Fix non-blocking connect(); (bso#11564). - auth: gensec: Fix a memory leak; (bso#11565). - lib: util: Make non-critical message a warning; (bso#11566). - Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bnc#949022). - smbd: Send SMB2 oplock breaks unencrypted; (bso#11570). - ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577). - manpage: Correct small typo error; (bso#11584). - s3: smbd: If EA's are turned off on a share don't allow an SMB2 create containing them; (bso#11589). - Backport some valgrind fixes from upstream master; (bso#11597). - s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615). - docs: Fix some typos in the idmap config section of man 5 smb.conf; (bso#11619). - Cleanup and enhance the pidl sub package. - s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows; (bso#10252). - smbd: Fix file name buflen and padding in notify repsonse; (bso#10634). - kerberos: Make sure we only use prompter type when available; (bso#11038). - s3:ctdbd_conn: Make sure we destroy tevent_fd before closing the socket; (bso#11316). - dcerpc.idl: accept invalid dcerpc_bind_nak pdus; (bso#11327). - Fix a deadlock in tdb; (bso#11381). - s3: smbd: Fix mkdir race condition; (bso#11486). - pam_winbind: Fix a segfault if initialization fails; (bso#11502). - s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509). - s3: smbd: Fix opening/creating :stream files on the root share directory; (bso#11522). - net: Fix a crash with 'net ads keytab create'; (bso#11528). - s3: smbd: Fix a crash in unix_convert() and a NULL pointer bug introduced by previous 'raw' stream fix (bso#11522); (bso#11535). - vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543). - vfs_commit: Set the fd on open before calling SMB_VFS_FSTAT; (bso#11547). - Fix bug in smbstatus where the lease info is not printed; (bso#11549). - s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550). - Prevent null pointer access in samlogon fallback when security credentials are null; (bnc#949022). - Fix 100% CPU in winbindd when logging in with "user must change password on next logon"; (bso#11038). talloc was updated to version 2.1.5; (bsc#954658) (bsc#951660). - Test that talloc magic differs between processes. - Increment minor version due to added talloc_test_get_magic. - Provide tests access to talloc_magic. - Test magic protection measures. tdb was updated to version 1.3.8; (bsc#954658). - Improved python3 bindings tevent was updated to 0.9.26; (bsc#954658). - New tevent_thread_proxy api - Minor build fixes Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2015-996=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patchSUSE-SLE-SERVER-12-SP1-2015-996=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2015-996=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): ldb-debugsource-1.1.24-4.1 libdcerpc-atsvc-devel-4.2.4-6.1 libdcerpc-atsvc0-4.2.4-6.1 libdcerpc-atsvc0-debuginfo-4.2.4-6.1 libdcerpc-devel-4.2.4-6.1 libdcerpc-samr-devel-4.2.4-6.1 libdcerpc-samr0-4.2.4-6.1 libdcerpc-samr0-debuginfo-4.2.4-6.1 libgensec-devel-4.2.4-6.1 libldb-devel-1.1.24-4.1 libndr-devel-4.2.4-6.1 libndr-krb5pac-devel-4.2.4-6.1 libndr-nbt-devel-4.2.4-6.1 libndr-standard-devel-4.2.4-6.1 libnetapi-devel-4.2.4-6.1 libregistry-devel-4.2.4-6.1 libsamba-credentials-devel-4.2.4-6.1 libsamba-hostconfig-devel-4.2.4-6.1 libsamba-passdb-devel-4.2.4-6.1 libsamba-policy-devel-4.2.4-6.1 libsamba-policy0-4.2.4-6.1 libsamba-policy0-debuginfo-4.2.4-6.1 libsamba-util-devel-4.2.4-6.1 libsamdb-devel-4.2.4-6.1 libsmbclient-devel-4.2.4-6.1 libsmbclient-raw-devel-4.2.4-6.1 libsmbconf-devel-4.2.4-6.1 libsmbldap-devel-4.2.4-6.1 libtalloc-devel-2.1.5-4.1 libtdb-devel-1.3.8-4.1 libtevent-devel-0.9.26-4.1 libtevent-util-devel-4.2.4-6.1 libwbclient-devel-4.2.4-6.1 pyldb-1.1.24-4.1 pyldb-debuginfo-1.1.24-4.1 pyldb-devel-1.1.24-4.1 pytalloc-devel-2.1.5-4.1 samba-core-devel-4.2.4-6.1 samba-debuginfo-4.2.4-6.1 samba-debugsource-4.2.4-6.1 samba-test-devel-4.2.4-6.1 talloc-debugsource-2.1.5-4.1 tdb-debugsource-1.3.8-4.1 tevent-debugsource-0.9.26-4.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): ldb-debugsource-1.1.24-4.1 libdcerpc-binding0-4.2.4-6.1 libdcerpc-binding0-debuginfo-4.2.4-6.1 libdcerpc0-4.2.4-6.1 libdcerpc0-debuginfo-4.2.4-6.1 libgensec0-4.2.4-6.1 libgensec0-debuginfo-4.2.4-6.1 libldb1-1.1.24-4.1 libldb1-debuginfo-1.1.24-4.1 libndr-krb5pac0-4.2.4-6.1 libndr-krb5pac0-debuginfo-4.2.4-6.1 libndr-nbt0-4.2.4-6.1 libndr-nbt0-debuginfo-4.2.4-6.1 libndr-standard0-4.2.4-6.1 libndr-standard0-debuginfo-4.2.4-6.1 libndr0-4.2.4-6.1 libndr0-debuginfo-4.2.4-6.1 libnetapi0-4.2.4-6.1 libnetapi0-debuginfo-4.2.4-6.1 libregistry0-4.2.4-6.1 libregistry0-debuginfo-4.2.4-6.1 libsamba-credentials0-4.2.4-6.1 libsamba-credentials0-debuginfo-4.2.4-6.1 libsamba-hostconfig0-4.2.4-6.1 libsamba-hostconfig0-debuginfo-4.2.4-6.1 libsamba-passdb0-4.2.4-6.1 libsamba-passdb0-debuginfo-4.2.4-6.1 libsamba-util0-4.2.4-6.1 libsamba-util0-debuginfo-4.2.4-6.1 libsamdb0-4.2.4-6.1 libsamdb0-debuginfo-4.2.4-6.1 libsmbclient-raw0-4.2.4-6.1 libsmbclient-raw0-debuginfo-4.2.4-6.1 libsmbclient0-4.2.4-6.1 libsmbclient0-debuginfo-4.2.4-6.1 libsmbconf0-4.2.4-6.1 libsmbconf0-debuginfo-4.2.4-6.1 libsmbldap0-4.2.4-6.1 libsmbldap0-debuginfo-4.2.4-6.1 libtalloc2-2.1.5-4.1 libtalloc2-debuginfo-2.1.5-4.1 libtdb1-1.3.8-4.1 libtdb1-debuginfo-1.3.8-4.1 libtevent-util0-4.2.4-6.1 libtevent-util0-debuginfo-4.2.4-6.1 libtevent0-0.9.26-4.1 libtevent0-debuginfo-0.9.26-4.1 libwbclient0-4.2.4-6.1 libwbclient0-debuginfo-4.2.4-6.1 pytalloc-2.1.5-4.1 pytalloc-debuginfo-2.1.5-4.1 samba-4.2.4-6.1 samba-client-4.2.4-6.1 samba-client-debuginfo-4.2.4-6.1 samba-debuginfo-4.2.4-6.1 samba-debugsource-4.2.4-6.1 samba-libs-4.2.4-6.1 samba-libs-debuginfo-4.2.4-6.1 samba-winbind-4.2.4-6.1 samba-winbind-debuginfo-4.2.4-6.1 talloc-debugsource-2.1.5-4.1 tdb-debugsource-1.3.8-4.1 tdb-tools-1.3.8-4.1 tdb-tools-debuginfo-1.3.8-4.1 tevent-debugsource-0.9.26-4.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libdcerpc-binding0-32bit-4.2.4-6.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-6.1 libdcerpc0-32bit-4.2.4-6.1 libdcerpc0-debuginfo-32bit-4.2.4-6.1 libgensec0-32bit-4.2.4-6.1 libgensec0-debuginfo-32bit-4.2.4-6.1 libldb1-32bit-1.1.24-4.1 libldb1-debuginfo-32bit-1.1.24-4.1 libndr-krb5pac0-32bit-4.2.4-6.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-6.1 libndr-nbt0-32bit-4.2.4-6.1 libndr-nbt0-debuginfo-32bit-4.2.4-6.1 libndr-standard0-32bit-4.2.4-6.1 libndr-standard0-debuginfo-32bit-4.2.4-6.1 libndr0-32bit-4.2.4-6.1 libndr0-debuginfo-32bit-4.2.4-6.1 libnetapi0-32bit-4.2.4-6.1 libnetapi0-debuginfo-32bit-4.2.4-6.1 libsamba-credentials0-32bit-4.2.4-6.1 libsamba-credentials0-debuginfo-32bit-4.2.4-6.1 libsamba-hostconfig0-32bit-4.2.4-6.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-6.1 libsamba-passdb0-32bit-4.2.4-6.1 libsamba-passdb0-debuginfo-32bit-4.2.4-6.1 libsamba-util0-32bit-4.2.4-6.1 libsamba-util0-debuginfo-32bit-4.2.4-6.1 libsamdb0-32bit-4.2.4-6.1 libsamdb0-debuginfo-32bit-4.2.4-6.1 libsmbclient-raw0-32bit-4.2.4-6.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-6.1 libsmbclient0-32bit-4.2.4-6.1 libsmbclient0-debuginfo-32bit-4.2.4-6.1 libsmbconf0-32bit-4.2.4-6.1 libsmbconf0-debuginfo-32bit-4.2.4-6.1 libsmbldap0-32bit-4.2.4-6.1 libsmbldap0-debuginfo-32bit-4.2.4-6.1 libtalloc2-32bit-2.1.5-4.1 libtalloc2-debuginfo-32bit-2.1.5-4.1 libtdb1-32bit-1.3.8-4.1 libtdb1-debuginfo-32bit-1.3.8-4.1 libtevent-util0-32bit-4.2.4-6.1 libtevent-util0-debuginfo-32bit-4.2.4-6.1 libtevent0-32bit-0.9.26-4.1 libtevent0-debuginfo-32bit-0.9.26-4.1 libwbclient0-32bit-4.2.4-6.1 libwbclient0-debuginfo-32bit-4.2.4-6.1 pytalloc-32bit-2.1.5-4.1 pytalloc-debuginfo-32bit-2.1.5-4.1 samba-32bit-4.2.4-6.1 samba-client-32bit-4.2.4-6.1 samba-client-debuginfo-32bit-4.2.4-6.1 samba-debuginfo-32bit-4.2.4-6.1 samba-libs-32bit-4.2.4-6.1 samba-libs-debuginfo-32bit-4.2.4-6.1 samba-winbind-32bit-4.2.4-6.1 samba-winbind-debuginfo-32bit-4.2.4-6.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): samba-doc-4.2.4-6.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): ldb-debugsource-1.1.24-4.1 libdcerpc-binding0-32bit-4.2.4-6.1 libdcerpc-binding0-4.2.4-6.1 libdcerpc-binding0-debuginfo-32bit-4.2.4-6.1 libdcerpc-binding0-debuginfo-4.2.4-6.1 libdcerpc0-32bit-4.2.4-6.1 libdcerpc0-4.2.4-6.1 libdcerpc0-debuginfo-32bit-4.2.4-6.1 libdcerpc0-debuginfo-4.2.4-6.1 libgensec0-32bit-4.2.4-6.1 libgensec0-4.2.4-6.1 libgensec0-debuginfo-32bit-4.2.4-6.1 libgensec0-debuginfo-4.2.4-6.1 libldb1-1.1.24-4.1 libldb1-32bit-1.1.24-4.1 libldb1-debuginfo-1.1.24-4.1 libldb1-debuginfo-32bit-1.1.24-4.1 libndr-krb5pac0-32bit-4.2.4-6.1 libndr-krb5pac0-4.2.4-6.1 libndr-krb5pac0-debuginfo-32bit-4.2.4-6.1 libndr-krb5pac0-debuginfo-4.2.4-6.1 libndr-nbt0-32bit-4.2.4-6.1 libndr-nbt0-4.2.4-6.1 libndr-nbt0-debuginfo-32bit-4.2.4-6.1 libndr-nbt0-debuginfo-4.2.4-6.1 libndr-standard0-32bit-4.2.4-6.1 libndr-standard0-4.2.4-6.1 libndr-standard0-debuginfo-32bit-4.2.4-6.1 libndr-standard0-debuginfo-4.2.4-6.1 libndr0-32bit-4.2.4-6.1 libndr0-4.2.4-6.1 libndr0-debuginfo-32bit-4.2.4-6.1 libndr0-debuginfo-4.2.4-6.1 libnetapi0-32bit-4.2.4-6.1 libnetapi0-4.2.4-6.1 libnetapi0-debuginfo-32bit-4.2.4-6.1 libnetapi0-debuginfo-4.2.4-6.1 libregistry0-4.2.4-6.1 libregistry0-debuginfo-4.2.4-6.1 libsamba-credentials0-32bit-4.2.4-6.1 libsamba-credentials0-4.2.4-6.1 libsamba-credentials0-debuginfo-32bit-4.2.4-6.1 libsamba-credentials0-debuginfo-4.2.4-6.1 libsamba-hostconfig0-32bit-4.2.4-6.1 libsamba-hostconfig0-4.2.4-6.1 libsamba-hostconfig0-debuginfo-32bit-4.2.4-6.1 libsamba-hostconfig0-debuginfo-4.2.4-6.1 libsamba-passdb0-32bit-4.2.4-6.1 libsamba-passdb0-4.2.4-6.1 libsamba-passdb0-debuginfo-32bit-4.2.4-6.1 libsamba-passdb0-debuginfo-4.2.4-6.1 libsamba-util0-32bit-4.2.4-6.1 libsamba-util0-4.2.4-6.1 libsamba-util0-debuginfo-32bit-4.2.4-6.1 libsamba-util0-debuginfo-4.2.4-6.1 libsamdb0-32bit-4.2.4-6.1 libsamdb0-4.2.4-6.1 libsamdb0-debuginfo-32bit-4.2.4-6.1 libsamdb0-debuginfo-4.2.4-6.1 libsmbclient-raw0-32bit-4.2.4-6.1 libsmbclient-raw0-4.2.4-6.1 libsmbclient-raw0-debuginfo-32bit-4.2.4-6.1 libsmbclient-raw0-debuginfo-4.2.4-6.1 libsmbclient0-32bit-4.2.4-6.1 libsmbclient0-4.2.4-6.1 libsmbclient0-debuginfo-32bit-4.2.4-6.1 libsmbclient0-debuginfo-4.2.4-6.1 libsmbconf0-32bit-4.2.4-6.1 libsmbconf0-4.2.4-6.1 libsmbconf0-debuginfo-32bit-4.2.4-6.1 libsmbconf0-debuginfo-4.2.4-6.1 libsmbldap0-32bit-4.2.4-6.1 libsmbldap0-4.2.4-6.1 libsmbldap0-debuginfo-32bit-4.2.4-6.1 libsmbldap0-debuginfo-4.2.4-6.1 libtalloc2-2.1.5-4.1 libtalloc2-32bit-2.1.5-4.1 libtalloc2-debuginfo-2.1.5-4.1 libtalloc2-debuginfo-32bit-2.1.5-4.1 libtdb1-1.3.8-4.1 libtdb1-32bit-1.3.8-4.1 libtdb1-debuginfo-1.3.8-4.1 libtdb1-debuginfo-32bit-1.3.8-4.1 libtevent-util0-32bit-4.2.4-6.1 libtevent-util0-4.2.4-6.1 libtevent-util0-debuginfo-32bit-4.2.4-6.1 libtevent-util0-debuginfo-4.2.4-6.1 libtevent0-0.9.26-4.1 libtevent0-32bit-0.9.26-4.1 libtevent0-debuginfo-0.9.26-4.1 libtevent0-debuginfo-32bit-0.9.26-4.1 libwbclient0-32bit-4.2.4-6.1 libwbclient0-4.2.4-6.1 libwbclient0-debuginfo-32bit-4.2.4-6.1 libwbclient0-debuginfo-4.2.4-6.1 pytalloc-2.1.5-4.1 pytalloc-32bit-2.1.5-4.1 pytalloc-debuginfo-2.1.5-4.1 pytalloc-debuginfo-32bit-2.1.5-4.1 samba-32bit-4.2.4-6.1 samba-4.2.4-6.1 samba-client-32bit-4.2.4-6.1 samba-client-4.2.4-6.1 samba-client-debuginfo-32bit-4.2.4-6.1 samba-client-debuginfo-4.2.4-6.1 samba-debuginfo-32bit-4.2.4-6.1 samba-debuginfo-4.2.4-6.1 samba-debugsource-4.2.4-6.1 samba-libs-32bit-4.2.4-6.1 samba-libs-4.2.4-6.1 samba-libs-debuginfo-32bit-4.2.4-6.1 samba-libs-debuginfo-4.2.4-6.1 samba-winbind-32bit-4.2.4-6.1 samba-winbind-4.2.4-6.1 samba-winbind-debuginfo-32bit-4.2.4-6.1 samba-winbind-debuginfo-4.2.4-6.1 talloc-debugsource-2.1.5-4.1 tdb-debugsource-1.3.8-4.1 tevent-debugsource-0.9.26-4.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): samba-doc-4.2.4-6.1 References: https://www.suse.com/security/cve/CVE-2015-3223.html https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://www.suse.com/security/cve/CVE-2015-8467.html https://bugzilla.suse.com/show_bug.cgi?id=949022 https://bugzilla.suse.com/show_bug.cgi?id=951660 https://bugzilla.suse.com/show_bug.cgi?id=954658 https://bugzilla.suse.com/show_bug.cgi?id=958581 https://bugzilla.suse.com/show_bug.cgi?id=958582 https://bugzilla.suse.com/show_bug.cgi?id=958583 https://bugzilla.suse.com/show_bug.cgi?id=958584 https://bugzilla.suse.com/show_bug.cgi?id=958585 https://bugzilla.suse.com/show_bug.cgi?id=958586 . SUSE Security Patch for ldb and samba: resolves multiple vulnerabilities in a comprehensive update. SUSE Security Update, ldb, samba, vulnerability fix, software patch. . Severity: Important. LinuxSecurity.com Team

Dec 18, 2015 •Important SuSE

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

openSUSE: 2015:2356-1 important: samba buffer overflow and memory issues

SUSE: 2015:2305-1 Important: Ldb, Samba, Talloc Security Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!