openSUSE Security Update: samba: security and bugfix update to 4.1.6
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:0404-1
Rating:             moderate
References:         #437293 #726937 #786677 #844307 #846586 #849224 #855866
                    #856759 #857454 #860648 #860809 #860832 #861135 #862370
                    #862558 #863079 #863748 #865095 #865397 #865561 #865641
                    #865771 #867665
Cross-References:   CVE-2013-4496 CVE-2013-6442
Affected Products:
                    openSUSE 13.1
______________________________________________________________________________

   An update that solves two vulnerabilities and has 21 fixes is now
   available.

Description:

   Samba was updated to 4.1.6, fixing bugs and security issues:

   - Password lockout was not enforced for SAMR password changes, which
     allowed brute forcing of passwords; CVE-2013-4496; (bnc#849224).
   - smbcacls can remove a file or directory ACL by mistake; CVE-2013-6442;
     (bnc#855866).

   Also the following bugs were fixed:

   - Call update-apparmor-samba-profile via ExecStartPre too; (bnc#867665).
   - Retry named pipe open requests on STATUS_PIPE_NOT_AVAILABLE;
     (bso#10484); (bnc#865095).
   - Propagate snapshot enumeration permissions errors to SMB clients;
     (bnc#865641).
   - Properly handle empty 'requires_membership_of' entries in
     /etc/security/pam_winbind.conf; (bnc#865771).
   - Fix problem with server taking too long to respond to a
     MSG_PRINTER_DRVUPGRADE message; (bso#9942); (bnc#863748).
   - Fix memory leak in printer_list_get_printer(); (bso#9993); (bnc#865561).
   - Fix stream_depot VFS module on Btrfs; (bso#10467); (bnc#865397).
   - Use libarchive to provide improved smbclient tarmode functionality;
     (bso#9667); (bnc#861135).
   - Depend on %version-%release with all manual Provides and Requires;
     (bnc#844307).
   - Update to 4.1.5.
     + Fix 100% CPU utilization in winbindd when trying to free memory in
       winbindd_reinit_after_fork; (bso#10358); (bnc#786677).
     + smbd: Fix memory overwrites; (bso#10415).
     + s3-winbind: Improve performance of wb_fill_pwent_sid2uid_done();
       (bso#2191).
     + ntlm_auth sometimes returns the wrong username to
       mod_ntlm_auth_winbind; (bso#10087).
     + s3: smbpasswd: Fix crashes on invalid input; (bso#10320).
     + s3: vfs_dirsort module: Allow dirsort to work when multiple
       simultaneous directories are open; (bso#10406).
     + Add support for Heimdal's unified krb5 and hdb plugin system, cope
       with first element in hdb_method having a different name in different
       heimdal versions and fix INTERNAL ERROR: Signal 11 in the kdc pid;
       (bso#10418).
     + vfs_btrfs: Fix incorrect zero length server-side copy request
       handling; (bso#10424).
     + s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR
       we can't cope with a symlink when lp_posix_pathnames() is true;
       (bso#10429).
     + smbd: Fix an ancient oplock bug; (bso#10436).
     + Fix crash bug in smb2_notify code; (bso#10442).
   - Remove superfluous obsoletes *-64bit in the ifarch ppc64 case;
     (bnc#437293).
   - Migrate @GMT token parsing functionality into vfs_snapper; (bnc#863079).
     + Improve vfs_snapper documentation.
   - Fix Winbind 100% CPU utilization caused by domain list corruption;
     (bso#10358); (bnc#786677).
   - Fix memory overwrite in FSCTL_VALIDATE_NEGOTIATE_INFO handler;
     (bso#10415); (bnc#862370).
   - Streamline the vendor suffix handling and add support for SLE 12.
   - Fix zero length server-side copy request handling; (bso#10424);
     (bnc#862558).
   - Set the PID directory to /run/samba on post-12.2 systems.
   - Make use of the tmpfilesdir macro while calling systemd-tmpfiles.
   - Make winbindd print the interface version when it gets an
     INTERFACE_VERSION request; (bnc#726937).
   - Fix vfs_btrfs build on older platforms with duplicate WRITE_FLUSH
     definitions; (bnc#860832).
   - Check for NULL gensec_security in gensec_security_by_auth_type();
     (bnc#860809).
   - Ensure ndr table initialization; (bnc#860648).
   - Add File Server Remote VSS Protocol (FSRVP) server for SMB share
     shadow-copies; (fate#313346).
   - s3-dir: Fix the DOS clients against 64-bit smbd's; (bso#2662).
   - shadow_copy2: module "Previous Version" not working in Windows 7;
     (bso#10259).
   - s3-passdb: Fix string duplication to pointers; (bso#10367).
   - vfs/glusterfs: in case atime is not passed, set it to the current atime;
     (bso#10384).
   - s3: winbindd: Move calling setup_domain_child() into
     add_trusted_domain(); (bso#10358); (bnc#786677).
   - Default sysconfig daemon options to -D; (bso#10388); (bnc#857454).
   - Add /var/cache/samba to the client file list; (bnc#846586).
   - Really add the WINBINDDOPTIONS sysconfig variable on install;
     (bnc#857454).
   - Correct sysconfig variable names by adding the missing D char;
     (bnc#857454).
   - Update to 4.1.4.
     + Fix segfault in smbd; (bso#10284).
     + Fix SMB2 server panic when a smb2 brlock times out; (bso#10311).
   - Call stop_on_removal from preun and restart_on_update and
     insserv_cleanup from postun on pre-12.3 systems only; (bnc#857454).
   - BuildRequire gamin-devel instead of unmaintained fam-devel package on
     post-12.1 systems.
   - smbd: allow updates on directory write times on open handles;
     (bso#9870).
   - lib/util: use proper include for struct stat; (bso#10276).
   - s3:winbindd fix use of uninitialized variables; (bso#10280).
   - s3-winbindd: Fix DEBUG statement in winbind_msg_offline(); (bso#10285).
   - s3-lib: Fix %G substitution for domain users in smbd; (bso#10286).
   - smbd: Always use UCF_PREP_CREATEFILE for filename_convert calls to
     resolve a path for open; (bso#10297).
   - smb2_server processing overhead; (bso#10298).
   - ldb: bad if test in ldb_comparison_fold(); (bso#10305).
   - Fix AIO with SMB2 and locks; (bso#10310).
   - smbd: Fix a panic when a smb2 brlock times out; (bso#10311).
   - vfs_glusterfs: Enable per client log file; (bso#10337).
   - Add /etc/sysconfig/samba to the main and winbind package; (bnc#857454).
   - Create /var/run/samba with systemd-tmpfiles on post-12.2 systems;
     (bnc#856759).
   - Fix broken rc{nmb,smb,winbind} symlinks, which should point to the
     service binary on post-12.2 systems; (bnc#856759).
   - Add Snapper VFS module for snapshot manipulation; (fate#313347).
     + dbus-1-devel required at build time.
   - Add File Server Remote VSS Protocol (FSRVP) client for SMB share
     shadow-copies; (fate#313345).
   - Do not BuildRequire perl ExtUtils::MakeMaker and Parse::Yapp as they're
     part of the minimum build environment.
   - Allow smbcacls to take a '--propagate-inheritance' flag to indicate that
     the add, delete, modify and set operations now support automatic
     propagation of inheritable ACE(s); (FATE#316474).

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2014-228

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 13.1 (i586 x86_64):

      libdcerpc-atsvc-devel-4.1.6-3.18.1
      libdcerpc-atsvc0-4.1.6-3.18.1
      libdcerpc-atsvc0-debuginfo-4.1.6-3.18.1
      libdcerpc-binding0-4.1.6-3.18.1
      libdcerpc-binding0-debuginfo-4.1.6-3.18.1
      libdcerpc-devel-4.1.6-3.18.1
      libdcerpc-samr-devel-4.1.6-3.18.1
      libdcerpc-samr0-4.1.6-3.18.1
      libdcerpc-samr0-debuginfo-4.1.6-3.18.1
      libdcerpc0-4.1.6-3.18.1
      libdcerpc0-debuginfo-4.1.6-3.18.1
      libgensec-devel-4.1.6-3.18.1
      libgensec0-4.1.6-3.18.1
      libgensec0-debuginfo-4.1.6-3.18.1
      libndr-devel-4.1.6-3.18.1
      libndr-krb5pac-devel-4.1.6-3.18.1
      libndr-krb5pac0-4.1.6-3.18.1
      libndr-krb5pac0-debuginfo-4.1.6-3.18.1
      libndr-nbt-devel-4.1.6-3.18.1
      libndr-nbt0-4.1.6-3.18.1
      libndr-nbt0-debuginfo-4.1.6-3.18.1
      libndr-standard-devel-4.1.6-3.18.1
      libndr-standard0-4.1.6-3.18.1
      libndr-standard0-debuginfo-4.1.6-3.18.1
      libndr0-4.1.6-3.18.1
      libndr0-debuginfo-4.1.6-3.18.1
      libnetapi-devel-4.1.6-3.18.1
      libnetapi0-4.1.6-3.18.1
      libnetapi0-debuginfo-4.1.6-3.18.1
      libpdb-devel-4.1.6-3.18.1
      libpdb0-4.1.6-3.18.1
      libpdb0-debuginfo-4.1.6-3.18.1
      libregistry-devel-4.1.6-3.18.1
      libregistry0-4.1.6-3.18.1
      libregistry0-debuginfo-4.1.6-3.18.1
      libsamba-credentials-devel-4.1.6-3.18.1
      libsamba-credentials0-4.1.6-3.18.1
      libsamba-credentials0-debuginfo-4.1.6-3.18.1
      libsamba-hostconfig-devel-4.1.6-3.18.1
      libsamba-hostconfig0-4.1.6-3.18.1
      libsamba-hostconfig0-debuginfo-4.1.6-3.18.1
      libsamba-policy-devel-4.1.6-3.18.1
      libsamba-policy0-4.1.6-3.18.1
      libsamba-policy0-debuginfo-4.1.6-3.18.1
      libsamba-util-devel-4.1.6-3.18.1
      libsamba-util0-4.1.6-3.18.1
      libsamba-util0-debuginfo-4.1.6-3.18.1
      libsamdb-devel-4.1.6-3.18.1
      libsamdb0-4.1.6-3.18.1
      libsamdb0-debuginfo-4.1.6-3.18.1
      libsmbclient-devel-4.1.6-3.18.1
      libsmbclient-raw-devel-4.1.6-3.18.1
      libsmbclient-raw0-4.1.6-3.18.1
      libsmbclient-raw0-debuginfo-4.1.6-3.18.1
      libsmbclient0-4.1.6-3.18.1
      libsmbclient0-debuginfo-4.1.6-3.18.1
      libsmbconf-devel-4.1.6-3.18.1
      libsmbconf0-4.1.6-3.18.1
      libsmbconf0-debuginfo-4.1.6-3.18.1
      libsmbldap-devel-4.1.6-3.18.1
      libsmbldap0-4.1.6-3.18.1
      libsmbldap0-debuginfo-4.1.6-3.18.1
      libsmbsharemodes-devel-4.1.6-3.18.1
      libsmbsharemodes0-4.1.6-3.18.1
      libsmbsharemodes0-debuginfo-4.1.6-3.18.1
      libtevent-util-devel-4.1.6-3.18.1
      libtevent-util0-4.1.6-3.18.1
      libtevent-util0-debuginfo-4.1.6-3.18.1
      libwbclient-devel-4.1.6-3.18.1
      libwbclient0-4.1.6-3.18.1
      libwbclient0-debuginfo-4.1.6-3.18.1
      samba-4.1.6-3.18.1
      samba-client-4.1.6-3.18.1
      samba-client-debuginfo-4.1.6-3.18.1
      samba-core-devel-4.1.6-3.18.1
      samba-debuginfo-4.1.6-3.18.1
      samba-debugsource-4.1.6-3.18.1
      samba-libs-4.1.6-3.18.1
      samba-libs-debuginfo-4.1.6-3.18.1
      samba-pidl-4.1.6-3.18.1
      samba-python-4.1.6-3.18.1
      samba-python-debuginfo-4.1.6-3.18.1
      samba-test-4.1.6-3.18.1
      samba-test-debuginfo-4.1.6-3.18.1
      samba-test-devel-4.1.6-3.18.1
      samba-winbind-4.1.6-3.18.1
      samba-winbind-debuginfo-4.1.6-3.18.1

   - openSUSE 13.1 (x86_64):

      libdcerpc-atsvc0-32bit-4.1.6-3.18.1
      libdcerpc-atsvc0-debuginfo-32bit-4.1.6-3.18.1
      libdcerpc-binding0-32bit-4.1.6-3.18.1
      libdcerpc-binding0-debuginfo-32bit-4.1.6-3.18.1
      libdcerpc-samr0-32bit-4.1.6-3.18.1
      libdcerpc-samr0-debuginfo-32bit-4.1.6-3.18.1
      libdcerpc0-32bit-4.1.6-3.18.1
      libdcerpc0-debuginfo-32bit-4.1.6-3.18.1
      libgensec0-32bit-4.1.6-3.18.1
      libgensec0-debuginfo-32bit-4.1.6-3.18.1
      libndr-krb5pac0-32bit-4.1.6-3.18.1
      libndr-krb5pac0-debuginfo-32bit-4.1.6-3.18.1
      libndr-nbt0-32bit-4.1.6-3.18.1
      libndr-nbt0-debuginfo-32bit-4.1.6-3.18.1
      libndr-standard0-32bit-4.1.6-3.18.1
      libndr-standard0-debuginfo-32bit-4.1.6-3.18.1
      libndr0-32bit-4.1.6-3.18.1
      libndr0-debuginfo-32bit-4.1.6-3.18.1
      libnetapi0-32bit-4.1.6-3.18.1
      libnetapi0-debuginfo-32bit-4.1.6-3.18.1
      libpdb0-32bit-4.1.6-3.18.1
      libpdb0-debuginfo-32bit-4.1.6-3.18.1
      libregistry0-32bit-4.1.6-3.18.1
      libregistry0-debuginfo-32bit-4.1.6-3.18.1
      libsamba-credentials0-32bit-4.1.6-3.18.1
      libsamba-credentials0-debuginfo-32bit-4.1.6-3.18.1
      libsamba-hostconfig0-32bit-4.1.6-3.18.1
      libsamba-hostconfig0-debuginfo-32bit-4.1.6-3.18.1
      libsamba-policy0-32bit-4.1.6-3.18.1
      libsamba-policy0-debuginfo-32bit-4.1.6-3.18.1
      libsamba-util0-32bit-4.1.6-3.18.1
      libsamba-util0-debuginfo-32bit-4.1.6-3.18.1
      libsamdb0-32bit-4.1.6-3.18.1
      libsamdb0-debuginfo-32bit-4.1.6-3.18.1
      libsmbclient-raw0-32bit-4.1.6-3.18.1
      libsmbclient-raw0-debuginfo-32bit-4.1.6-3.18.1
      libsmbclient0-32bit-4.1.6-3.18.1
      libsmbclient0-debuginfo-32bit-4.1.6-3.18.1
      libsmbconf0-32bit-4.1.6-3.18.1
      libsmbconf0-debuginfo-32bit-4.1.6-3.18.1
      libsmbldap0-32bit-4.1.6-3.18.1
      libsmbldap0-debuginfo-32bit-4.1.6-3.18.1
      libtevent-util0-32bit-4.1.6-3.18.1
      libtevent-util0-debuginfo-32bit-4.1.6-3.18.1
      libwbclient0-32bit-4.1.6-3.18.1
      libwbclient0-debuginfo-32bit-4.1.6-3.18.1
      samba-32bit-4.1.6-3.18.1
      samba-client-32bit-4.1.6-3.18.1
      samba-client-debuginfo-32bit-4.1.6-3.18.1
      samba-debuginfo-32bit-4.1.6-3.18.1
      samba-libs-32bit-4.1.6-3.18.1
      samba-libs-debuginfo-32bit-4.1.6-3.18.1
      samba-winbind-32bit-4.1.6-3.18.1
      samba-winbind-debuginfo-32bit-4.1.6-3.18.1

   - openSUSE 13.1 (noarch):

      samba-doc-4.1.6-3.18.1

References:

   http://support.novell.com/security/cve/CVE-2013-4496.html
   http://support.novell.com/security/cve/CVE-2013-6442.html
   https://bugzilla.novell.com/437293
   https://bugzilla.novell.com/726937
   https://bugzilla.novell.com/786677
   https://bugzilla.novell.com/844307
   https://bugzilla.novell.com/846586
   https://bugzilla.novell.com/849224
   https://bugzilla.novell.com/855866
   https://bugzilla.novell.com/856759
   https://bugzilla.novell.com/857454
   https://bugzilla.novell.com/860648
   https://bugzilla.novell.com/860809
   https://bugzilla.novell.com/860832
   https://bugzilla.novell.com/861135
   https://bugzilla.novell.com/862370
   https://bugzilla.novell.com/862558
   https://bugzilla.novell.com/863079
   https://bugzilla.novell.com/863748
   https://bugzilla.novell.com/865095
   https://bugzilla.novell.com/865397
   https://bugzilla.novell.com/865561
   https://bugzilla.novell.com/865641
   https://bugzilla.novell.com/865771
   https://bugzilla.novell.com/867665
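As an added verification step (not part of the advisory or of openSUSE's tooling), the following script checks whether the samba packages installed on a host have reached the 4.1.6-3.18.1 build from the Package List above. It compares version-release strings segment by segment in the style of rpm's own comparison, so that release 3.18.1 correctly outranks 3.9.1; the package subset in AFFECTED_PACKAGES is constructed and the comparison routine is a simplified reimplementation, not librpm.

```python
import re
import subprocess

FIXED_VR = "4.1.6-3.18.1"  # version-release of every package in the Package List
# Constructed subset of the listed packages; extend with the rest as needed.
AFFECTED_PACKAGES = ("samba", "samba-client", "samba-winbind", "samba-libs")

def _segments(s):
    # librpm splits on non-alphanumerics into alternating numeric/alpha runs
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Compare two RPM version strings like librpm's rpmvercmp(): -1, 0 or 1.
    Tilde and caret handling is omitted; no version here uses them."""
    if a == b:
        return 0
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):            # numeric compare, so 18 > 9
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():    # a numeric segment beats an alpha one
            return 1 if x.isdigit() else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1   # the string with more segments is newer

def is_fixed(installed_vr, fixed_vr=FIXED_VR):
    """True when an installed 'version-release' is at or above the fixed one.
    Epoch is ignored; the samba packages listed here carry none."""
    iv, ir = installed_vr.rsplit("-", 1)
    fv, fr = fixed_vr.rsplit("-", 1)
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) >= 0

def installed_vr(pkg):
    """Ask rpm for the installed version-release; None when not installed."""
    r = subprocess.run(["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}", pkg],
                       capture_output=True, text=True)
    return r.stdout.strip() if r.returncode == 0 else None

def audit(packages=AFFECTED_PACKAGES):
    """Map each package to True (fixed), False (still vulnerable) or None (absent)."""
    report = {}
    for pkg in packages:
        vr = installed_vr(pkg)
        report[pkg] = None if vr is None else is_fixed(vr)
    return report
```

Calling audit() on an openSUSE 13.1 host returns False for any listed package that is installed but still older than the patched build, which is the case to act on with the zypper command from the Patch Instructions.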