Mailinglist Archive: opensuse-updates (120 mails)

< Previous Next >
openSUSE-SU-2013:1790-1: moderate: update for samba
openSUSE Security Update: update for samba
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:1790-1
Rating: moderate
References: #838472 #848101 #849226
Cross-References: CVE-2013-4475
Affected Products:
openSUSE 11.4
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

the following security issues were fixed in samba:
- ACLs are not checked on opening an alternate data stream
on a file or directory; CVE-2013-4475; (bso#10229);
(bnc#848101).

- Fix memleak in reload_printers_full(); (bso#9993).

- Valid utf8 filenames cause "invalid conversion error"
messages; (bso#10139).
- s3: smb2 breaks "smb encryption = mandatory"; (bso#10167).
- Missing talloc_free can leak stackframe in error path;
(bso#10187).
- Offline logon cache not updating for cross child domain
group membership; (bso#10194).
- The preceding bugs are tracked by (bnc#849226) too.

- Make Samba work on site with Read Only Domain Controller;
(bso#5917).
- Give machine password changes 10 minutes of time;
(bso#8955).
- NetrServerPasswordSet2 timeout is too short; (bso#8955).
- Fix fallback to ncacn_np in cm_connect_lsat();
(bso#9615); (bso#9899).
- s3-winbind: Do not delete an existing valid credential
cache; (bso#9994).
- 'net ads join': Fix segmentation fault in
create_local_private_krb5_conf_for_domain; (bso#10073).
- Fix variable list in man vfs_crossrename; (bso#10076).
- MacOSX 10.9 will not follow path-based DFS referrals
handed out by Samba; (bso#10097).
- Honour output buffer length set by the client for SMB2
GetInfo requests; (bso#10106).
- Handle Dropbox (write-only-directory) case correctly in
pathname lookup; (bso#10114).
- Fix 'smbstatus' as non-root user; (bso#10127).
- The preceding bugs are tracked by (bnc#849226) too.

- Windows 8 Roaming profiles fail; (bso#9678).
- Linux kernel oplock breaks can miss signals; (bso#10064).
- The preceding bugs are tracked by (bnc#849226) too.

- Verify source tar ball gpg signature.

- Store and return the correct spoolss jobid in
notifications; (bnc#838472).


- Reload snums before processing the printer list.
(bnc#817880).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch 2013-166

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

ldapsmb-1.34b-130.2
libldb-devel-1.0.2-130.2
libldb1-1.0.2-130.2
libldb1-debuginfo-1.0.2-130.2
libnetapi-devel-3.6.3-130.2
libnetapi0-3.6.3-130.2
libnetapi0-debuginfo-3.6.3-130.2
libsmbclient-devel-3.6.3-130.2
libsmbclient0-3.6.3-130.2
libsmbclient0-debuginfo-3.6.3-130.2
libsmbsharemodes-devel-3.6.3-130.2
libsmbsharemodes0-3.6.3-130.2
libsmbsharemodes0-debuginfo-3.6.3-130.2
libtalloc-devel-2.0.5-130.2
libtalloc2-2.0.5-130.2
libtalloc2-debuginfo-2.0.5-130.2
libtdb-devel-1.2.9-130.2
libtdb1-1.2.9-130.2
libtdb1-debuginfo-1.2.9-130.2
libtevent-devel-0.9.11-130.2
libtevent0-0.9.11-130.2
libtevent0-debuginfo-0.9.11-130.2
libwbclient-devel-3.6.3-130.2
libwbclient0-3.6.3-130.2
libwbclient0-debuginfo-3.6.3-130.2
samba-3.6.3-130.2
samba-client-3.6.3-130.2
samba-client-debuginfo-3.6.3-130.2
samba-debuginfo-3.6.3-130.2
samba-debugsource-3.6.3-130.2
samba-devel-3.6.3-130.2
samba-krb-printing-3.6.3-130.2
samba-krb-printing-debuginfo-3.6.3-130.2
samba-winbind-3.6.3-130.2
samba-winbind-debuginfo-3.6.3-130.2

- openSUSE 11.4 (x86_64):

libldb1-32bit-1.0.2-130.2
libldb1-debuginfo-32bit-1.0.2-130.2
libsmbclient0-32bit-3.6.3-130.2
libsmbclient0-debuginfo-32bit-3.6.3-130.2
libtalloc2-32bit-2.0.5-130.2
libtalloc2-debuginfo-32bit-2.0.5-130.2
libtdb1-32bit-1.2.9-130.2
libtdb1-debuginfo-32bit-1.2.9-130.2
libtevent0-32bit-0.9.11-130.2
libtevent0-debuginfo-32bit-0.9.11-130.2
libwbclient0-32bit-3.6.3-130.2
libwbclient0-debuginfo-32bit-3.6.3-130.2
samba-32bit-3.6.3-130.2
samba-client-32bit-3.6.3-130.2
samba-client-debuginfo-32bit-3.6.3-130.2
samba-debuginfo-32bit-3.6.3-130.2
samba-winbind-32bit-3.6.3-130.2
samba-winbind-debuginfo-32bit-3.6.3-130.2

- openSUSE 11.4 (noarch):

samba-doc-3.6.3-130.2

- openSUSE 11.4 (ia64):

libldb1-debuginfo-x86-1.0.2-130.2
libldb1-x86-1.0.2-130.2
libsmbclient0-debuginfo-x86-3.6.3-130.2
libsmbclient0-x86-3.6.3-130.2
libtalloc2-debuginfo-x86-2.0.5-130.2
libtalloc2-x86-2.0.5-130.2
libtdb1-debuginfo-x86-1.2.9-130.2
libtdb1-x86-1.2.9-130.2
libtevent0-debuginfo-x86-0.9.11-130.2
libtevent0-x86-0.9.11-130.2
libwbclient0-debuginfo-x86-3.6.3-130.2
libwbclient0-x86-3.6.3-130.2
samba-client-debuginfo-x86-3.6.3-130.2
samba-client-x86-3.6.3-130.2
samba-debuginfo-x86-3.6.3-130.2
samba-winbind-debuginfo-x86-3.6.3-130.2
samba-winbind-x86-3.6.3-130.2
samba-x86-3.6.3-130.2


References:

http://support.novell.com/security/cve/CVE-2013-4475.html
https://bugzilla.novell.com/838472
https://bugzilla.novell.com/848101
https://bugzilla.novell.com/849226


< Previous Next >
This Thread
  • No further messages