An update that fixes three vulnerabilities is now available.

SUSE Security Update: Security update for slurm
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:3490-1
Rating: important
References: #1199278 #1199279 #1201674
Cross-References: CVE-2022-29500 CVE-2022-29501 CVE-2022-31251
CVSS scores:
    CVE-2022-29500 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2022-29500 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2022-29501 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2022-29501 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2022-31251 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
    SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
    SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
    openSUSE Leap 15.3
    openSUSE Leap 15.4
______________________________________________________________________________

Description:

This update for slurm fixes the following issues:

- CVE-2022-31251: Fixed a potential security vulnerability in the test package (bsc#1201674).
- CVE-2022-29500: Fixed an architectural flaw that can be exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
- CVE-2022-29501: Fixed a vulnerability where an unprivileged user can send data to an arbitrary unix socket as root (bsc#1199279).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:
  zypper in -t patch openSUSE-SLE-15.4-2022-3490=1
- openSUSE Leap 15.3:
  zypper in -t patch openSUSE-SLE-15.3-2022-3490=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3490=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3490=1

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): libslurm35-20.02.7-150200.3.14.2 libslurm35-debuginfo-20.02.7-150200.3.14.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libslurm35-20.02.7-150200.3.14.2 libslurm35-debuginfo-20.02.7-150200.3.14.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): libnss_slurm2-20.02.7-150200.3.14.2 libnss_slurm2-debuginfo-20.02.7-150200.3.14.2 libpmi0-20.02.7-150200.3.14.2 libpmi0-debuginfo-20.02.7-150200.3.14.2 libslurm35-20.02.7-150200.3.14.2 libslurm35-debuginfo-20.02.7-150200.3.14.2 perl-slurm-20.02.7-150200.3.14.2 perl-slurm-debuginfo-20.02.7-150200.3.14.2 slurm-20.02.7-150200.3.14.2 slurm-auth-none-20.02.7-150200.3.14.2 slurm-auth-none-debuginfo-20.02.7-150200.3.14.2 slurm-config-20.02.7-150200.3.14.2 slurm-config-man-20.02.7-150200.3.14.2 slurm-debuginfo-20.02.7-150200.3.14.2 slurm-debugsource-20.02.7-150200.3.14.2 slurm-devel-20.02.7-150200.3.14.2 slurm-doc-20.02.7-150200.3.14.2 slurm-lua-20.02.7-150200.3.14.2 slurm-lua-debuginfo-20.02.7-150200.3.14.2 slurm-munge-20.02.7-150200.3.14.2 slurm-munge-debuginfo-20.02.7-150200.3.14.2 slurm-node-20.02.7-150200.3.14.2 slurm-node-debuginfo-20.02.7-150200.3.14.2 slurm-pam_slurm-20.02.7-150200.3.14.2 slurm-pam_slurm-debuginfo-20.02.7-150200.3.14.2 slurm-plugins-20.02.7-150200.3.14.2 slurm-plugins-debuginfo-20.02.7-150200.3.14.2 slurm-slurmdbd-20.02.7-150200.3.14.2 slurm-slurmdbd-debuginfo-20.02.7-150200.3.14.2 slurm-sql-20.02.7-150200.3.14.2
slurm-sql-debuginfo-20.02.7-150200.3.14.2 slurm-sview-20.02.7-150200.3.14.2 slurm-sview-debuginfo-20.02.7-150200.3.14.2 slurm-torque-20.02.7-150200.3.14.2 slurm-torque-debuginfo-20.02.7-150200.3.14.2 slurm-webdoc-20.02.7-150200.3.14.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): libnss_slurm2-20.02.7-150200.3.14.2 libnss_slurm2-debuginfo-20.02.7-150200.3.14.2 libpmi0-20.02.7-150200.3.14.2 libpmi0-debuginfo-20.02.7-150200.3.14.2 libslurm35-20.02.7-150200.3.14.2 libslurm35-debuginfo-20.02.7-150200.3.14.2 perl-slurm-20.02.7-150200.3.14.2 perl-slurm-debuginfo-20.02.7-150200.3.14.2 slurm-20.02.7-150200.3.14.2 slurm-auth-none-20.02.7-150200.3.14.2 slurm-auth-none-debuginfo-20.02.7-150200.3.14.2 slurm-config-20.02.7-150200.3.14.2 slurm-config-man-20.02.7-150200.3.14.2 slurm-debuginfo-20.02.7-150200.3.14.2 slurm-debugsource-20.02.7-150200.3.14.2 slurm-devel-20.02.7-150200.3.14.2 slurm-doc-20.02.7-150200.3.14.2 slurm-lua-20.02.7-150200.3.14.2 slurm-lua-debuginfo-20.02.7-150200.3.14.2 slurm-munge-20.02.7-150200.3.14.2 slurm-munge-debuginfo-20.02.7-150200.3.14.2 slurm-node-20.02.7-150200.3.14.2 slurm-node-debuginfo-20.02.7-150200.3.14.2 slurm-pam_slurm-20.02.7-150200.3.14.2 slurm-pam_slurm-debuginfo-20.02.7-150200.3.14.2 slurm-plugins-20.02.7-150200.3.14.2 slurm-plugins-debuginfo-20.02.7-150200.3.14.2 slurm-slurmdbd-20.02.7-150200.3.14.2 slurm-slurmdbd-debuginfo-20.02.7-150200.3.14.2 slurm-sql-20.02.7-150200.3.14.2 slurm-sql-debuginfo-20.02.7-150200.3.14.2 slurm-sview-20.02.7-150200.3.14.2 slurm-sview-debuginfo-20.02.7-150200.3.14.2 slurm-torque-20.02.7-150200.3.14.2 slurm-torque-debuginfo-20.02.7-150200.3.14.2 slurm-webdoc-20.02.7-150200.3.14.2

References:

    https://www.suse.com/security/cve/CVE-2022-29500.html
    https://www.suse.com/security/cve/CVE-2022-29501.html
    https://www.suse.com/security/cve/CVE-2022-31251.html
    https://bugzilla.suse.com/1199278
    https://bugzilla.suse.com/1199279
    https://bugzilla.suse.com/1201674
This upgrade addresses important security issues in slurm on SUSE Linux distributions. Apply it through the recommended installation methods.

Severity: Important

LinuxSecurity.com Team
An update that fixes two vulnerabilities is now available.

SUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID: SUSE-SU-2020:14525-1
Rating: important
References: #1173902 #1173994
Cross-References: CVE-2020-14318 CVE-2020-14323
Affected Products:
    SUSE Linux Enterprise Server 11-SP4-LTSS
    SUSE Linux Enterprise Point of Sale 11-SP3
    SUSE Linux Enterprise Debuginfo 11-SP4
    SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

Description:

This update for samba fixes the following issues:

- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP4-LTSS:
  zypper in -t patch slessp4-samba-14525=1
- SUSE Linux Enterprise Point of Sale 11-SP3:
  zypper in -t patch sleposp3-samba-14525=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
  zypper in -t patch dbgsp4-samba-14525=1
- SUSE Linux Enterprise Debuginfo 11-SP3:
  zypper in -t patch dbgsp3-samba-14525=1

Package List:

- SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64): ldapsmb-1.34b-94.31.1 libldb1-3.6.3-94.31.1 libsmbclient0-3.6.3-94.31.1 libtalloc2-3.6.3-94.31.1 libtdb1-3.6.3-94.31.1 libtevent0-3.6.3-94.31.1 libwbclient0-3.6.3-94.31.1 samba-3.6.3-94.31.1 samba-client-3.6.3-94.31.1 samba-krb-printing-3.6.3-94.31.1 samba-winbind-3.6.3-94.31.1
- SUSE Linux Enterprise Server 11-SP4-LTSS (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-94.31.1 libtalloc2-32bit-3.6.3-94.31.1 libtdb1-32bit-3.6.3-94.31.1 libtevent0-32bit-3.6.3-94.31.1 libwbclient0-32bit-3.6.3-94.31.1 samba-32bit-3.6.3-94.31.1 samba-client-32bit-3.6.3-94.31.1 samba-winbind-32bit-3.6.3-94.31.1
- SUSE Linux Enterprise Server 11-SP4-LTSS (noarch): samba-doc-3.6.3-94.31.1
- SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): samba-doc-3.6.3-94.31.1
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586): ldapsmb-1.34b-94.31.1 libldb1-3.6.3-94.31.1 libsmbclient0-3.6.3-94.31.1 libtalloc2-3.6.3-94.31.1 libtdb1-3.6.3-94.31.1 libtevent0-3.6.3-94.31.1 libwbclient0-3.6.3-94.31.1 samba-3.6.3-94.31.1 samba-client-3.6.3-94.31.1 samba-krb-printing-3.6.3-94.31.1 samba-winbind-3.6.3-94.31.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64): samba-debuginfo-3.6.3-94.31.1 samba-debugsource-3.6.3-94.31.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-94.31.1
- SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): samba-debuginfo-3.6.3-94.31.1 samba-debugsource-3.6.3-94.31.1
- SUSE Linux Enterprise Debuginfo 11-SP3 (s390x):
samba-debuginfo-32bit-3.6.3-94.31.1

References:

    https://www.suse.com/security/cve/CVE-2020-14318.html
    https://www.suse.com/security/cve/CVE-2020-14323.html
    https://bugzilla.suse.com/1173902
    https://bugzilla.suse.com/1173994

Severity: Important

LinuxSecurity.com Team
An update that fixes three vulnerabilities is now available.

SUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID: SUSE-SU-2020:3082-1
Rating: important
References: #1173902 #1173994 #1177613
Cross-References: CVE-2020-14318 CVE-2020-14323 CVE-2020-14383
Affected Products:
    SUSE Linux Enterprise Software Development Kit 12-SP5
    SUSE Linux Enterprise Server 12-SP5
    SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________

Description:

This update for samba fixes the following issues:

- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613).
- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-3082=1
- SUSE Linux Enterprise Server 12-SP5:
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3082=1
- SUSE Linux Enterprise High Availability 12-SP5:
  zypper in -t patch SUSE-SLE-HA-12-SP5-2020-3082=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): libndr-devel-4.10.18+git.219.1d732314d96-3.20.1 libndr-krb5pac-devel-4.10.18+git.219.1d732314d96-3.20.1 libndr-nbt-devel-4.10.18+git.219.1d732314d96-3.20.1 libndr-standard-devel-4.10.18+git.219.1d732314d96-3.20.1 libsamba-util-devel-4.10.18+git.219.1d732314d96-3.20.1 libsmbclient-devel-4.10.18+git.219.1d732314d96-3.20.1 libwbclient-devel-4.10.18+git.219.1d732314d96-3.20.1 samba-core-devel-4.10.18+git.219.1d732314d96-3.20.1 samba-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-debugsource-4.10.18+git.219.1d732314d96-3.20.1
- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libdcerpc-binding0-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc-binding0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc0-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libndr-krb5pac0-4.10.18+git.219.1d732314d96-3.20.1 libndr-krb5pac0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libndr-nbt0-4.10.18+git.219.1d732314d96-3.20.1 libndr-nbt0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libndr-standard0-4.10.18+git.219.1d732314d96-3.20.1 libndr-standard0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libndr0-4.10.18+git.219.1d732314d96-3.20.1 libndr0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libnetapi0-4.10.18+git.219.1d732314d96-3.20.1 libnetapi0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamba-credentials0-4.10.18+git.219.1d732314d96-3.20.1 libsamba-credentials0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamba-errors0-4.10.18+git.219.1d732314d96-3.20.1
libsamba-errors0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamba-hostconfig0-4.10.18+git.219.1d732314d96-3.20.1 libsamba-hostconfig0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamba-passdb0-4.10.18+git.219.1d732314d96-3.20.1 libsamba-passdb0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamba-util0-4.10.18+git.219.1d732314d96-3.20.1 libsamba-util0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsamdb0-4.10.18+git.219.1d732314d96-3.20.1 libsamdb0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsmbclient0-4.10.18+git.219.1d732314d96-3.20.1 libsmbclient0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsmbconf0-4.10.18+git.219.1d732314d96-3.20.1 libsmbconf0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libsmbldap2-4.10.18+git.219.1d732314d96-3.20.1 libsmbldap2-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libtevent-util0-4.10.18+git.219.1d732314d96-3.20.1 libtevent-util0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 libwbclient0-4.10.18+git.219.1d732314d96-3.20.1 libwbclient0-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-4.10.18+git.219.1d732314d96-3.20.1 samba-client-4.10.18+git.219.1d732314d96-3.20.1 samba-client-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-debugsource-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-python3-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-python3-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-winbind-4.10.18+git.219.1d732314d96-3.20.1 samba-winbind-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libdcerpc-binding0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc-binding0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libdcerpc0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr-krb5pac0-32bit-4.10.18+git.219.1d732314d96-3.20.1 
libndr-krb5pac0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr-nbt0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr-nbt0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr-standard0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr-standard0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libndr0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libnetapi0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libnetapi0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-credentials0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-credentials0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-errors0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-errors0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-hostconfig0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-hostconfig0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-passdb0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-passdb0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-util0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamba-util0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamdb0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsamdb0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbclient0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbclient0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbconf0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbconf0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbldap2-32bit-4.10.18+git.219.1d732314d96-3.20.1 libsmbldap2-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libtevent-util0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libtevent-util0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 libwbclient0-32bit-4.10.18+git.219.1d732314d96-3.20.1 libwbclient0-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-client-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-client-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 
samba-libs-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-python3-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-libs-python3-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-winbind-32bit-4.10.18+git.219.1d732314d96-3.20.1 samba-winbind-debuginfo-32bit-4.10.18+git.219.1d732314d96-3.20.1
- SUSE Linux Enterprise Server 12-SP5 (noarch): samba-doc-4.10.18+git.219.1d732314d96-3.20.1
- SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64): ctdb-4.10.18+git.219.1d732314d96-3.20.1 ctdb-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-debuginfo-4.10.18+git.219.1d732314d96-3.20.1 samba-debugsource-4.10.18+git.219.1d732314d96-3.20.1

References:

    https://www.suse.com/security/cve/CVE-2020-14318.html
    https://www.suse.com/security/cve/CVE-2020-14323.html
    https://www.suse.com/security/cve/CVE-2020-14383.html
    https://bugzilla.suse.com/1173902
    https://bugzilla.suse.com/1173994
    https://bugzilla.suse.com/1177613

Severity: Important

LinuxSecurity.com Team
MGASA-2020-0095 - Updated postgresql packages fix security vulnerability

Publication date: 21 Feb 2020
URL: https://advisories.mageia.org/MGASA-2020-0095.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-1720

Updated postgresql9.6 and postgresql11 packages fix security vulnerability:

The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. This attack is possible if an administrator has installed an extension and an unprivileged user can CREATE, or an extension owner either executes DROP EXTENSION predictably or can be convinced to execute DROP EXTENSION (CVE-2020-1720).

References:

- https://bugs.mageia.org/show_bug.cgi?id=26196
- https://www.postgresql.org/about/news/postgresql-122-117-1012-9617-9521-and-9426-released-2011/
- https://www.cve.org/CVERecord?id=CVE-2020-1720

SRPMS:

- 7/core/postgresql9.6-9.6.17-1.mga7
- 7/core/postgresql11-11.7-1.mga7

Updates to the PostgreSQL packages resolve a security flaw that allows unprivileged users to drop functions under certain conditions.

LinuxSecurity.com Team
Synopsis: Moderate: samba security, bug fix, and enhancement update
Advisory ID: SLSA-2019:2099-1
Issue Date: 2019-08-06
CVE Numbers: CVE-2019-3880
--

The following packages have been upgraded to a later upstream version: samba (4.9.1).

Security Fix(es):

* samba: save registry file outside share as unprivileged user (CVE-2019-3880)
--

SL7
x86_64: samba-winbind-modules-4.9.1-6.el7.x86_64.rpm samba-client-libs-4.9.1-6.el7.x86_64.rpm samba-client-libs-4.9.1-6.el7.i686.rpm samba-python-4.9.1-6.el7.i686.rpm libsmbclient-4.9.1-6.el7.x86_64.rpm libwbclient-4.9.1-6.el7.x86_64.rpm samba-winbind-modules-4.9.1-6.el7.i686.rpm samba-common-4.9.1-6.el7.noarch.rpm samba-libs-4.9.1-6.el7.i686.rpm samba-winbind-4.9.1-6.el7.x86_64.rpm samba-winbind-clients-4.9.1-6.el7.x86_64.rpm samba-client-4.9.1-6.el7.x86_64.rpm samba-common-tools-4.9.1-6.el7.x86_64.rpm samba-libs-4.9.1-6.el7.x86_64.rpm libwbclient-4.9.1-6.el7.i686.rpm samba-4.9.1-6.el7.x86_64.rpm samba-common-libs-4.9.1-6.el7.x86_64.rpm samba-krb5-printing-4.9.1-6.el7.x86_64.rpm samba-python-4.9.1-6.el7.x86_64.rpm libsmbclient-4.9.1-6.el7.i686.rpm libwbclient-devel-4.9.1-6.el7.x86_64.rpm samba-dc-4.9.1-6.el7.x86_64.rpm samba-test-libs-4.9.1-6.el7.i686.rpm samba-pidl-4.9.1-6.el7.noarch.rpm samba-test-libs-4.9.1-6.el7.x86_64.rpm libwbclient-devel-4.9.1-6.el7.i686.rpm samba-devel-4.9.1-6.el7.i686.rpm samba-dc-libs-4.9.1-6.el7.x86_64.rpm libsmbclient-devel-4.9.1-6.el7.i686.rpm samba-test-4.9.1-6.el7.x86_64.rpm samba-python-test-4.9.1-6.el7.x86_64.rpm samba-vfs-glusterfs-4.9.1-6.el7.x86_64.rpm samba-winbind-krb5-locator-4.9.1-6.el7.x86_64.rpm libsmbclient-devel-4.9.1-6.el7.x86_64.rpm samba-devel-4.9.1-6.el7.x86_64.rpm samba-debuginfo-4.9.1-6.el7.i686.rpm samba-debuginfo-4.9.1-6.el7.x86_64.rpm
noarch: samba-common-4.9.1-6.el7.noarch.rpm samba-pidl-4.9.1-6.el7.noarch.rpm

- Scientific Linux Development Team

LinuxSecurity.com Team