[security-announce] openSUSE-SU-2015:2354-1: important: Security update for ldb, samba, talloc, tdb, tevent


openSUSE Security Update: Security update for ldb, samba, talloc, tdb, tevent

______________________________________________________________________________

 

Announcement ID: openSUSE-SU-2015:2354-1

Rating: important

References: #949022 #951660 #954658 #958581 #958582 #958583 #958584 #958585 #958586

Cross-References: CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-8467

 

Affected Products:

openSUSE Leap 42.1

______________________________________________________________________________

 

An update that solves 6 vulnerabilities and has three fixes is now available.

 

Description:

 

 

This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs:

The Samba LDB was updated to version 1.1.24:

- Fix LDAP \00 search expression DoS attack; CVE-2015-3223; (bso#11325)

- Fix remote read memory exploit in ldb; CVE-2015-5330; (bso#11599)

- Move ldb_(un)pack_data into ldb_module.h for testing

- Fix installation of _ldb_text.py

- Fix propagation of ldb errors through tdb

- Fix bug triggered by having an empty message in database during search

Samba was updated to fix these issues:

- Malicious request can cause Samba LDAP server to hang, spinning using CPU; CVE-2015-3223; (bso#11325); (bnc#958581).

- Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); (bnc#958586).

- Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (bnc#958582).

- No man-in-the-middle protection when forcing SMB encryption on the client side; CVE-2015-5296; (bso#11536); (bnc#958584).

- Currently the snapshot browsing is not secure through Windows Previous Versions (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).

- Fix Microsoft MS15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).

- Change log level of two entries from 1 to 3; (bso#9912).

- vfs_gpfs: Re-enable share modes; (bso#11243).

- wafsamba: Also build libraries with RELRO protection; (bso#11346).

- ctdb: Strip trailing spaces from nodes file; (bso#11365).

- s3-smbd: Fix old DOS client doing wildcard delete - gives an attribute type of zero; (bso#11452).

- nss_wins: Do not run into use-after-free issues when we access memory allocated on the globals and the global being reinitialized; (bso#11563).

- async_req: Fix non-blocking connect(); (bso#11564).

- auth: gensec: Fix a memory leak; (bso#11565).

- lib: util: Make non-critical message a warning; (bso#11566).

- Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bnc#949022).

- smbd: Send SMB2 oplock breaks unencrypted; (bso#11570).

- ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577).

- manpage: Correct small typo; (bso#11584).

- s3: smbd: If EAs are turned off on a share, don't allow an SMB2 create containing them; (bso#11589).

- Backport some valgrind fixes from upstream master; (bso#11597).

- s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615).

- docs: Fix some typos in the idmap config section of man 5 smb.conf; (bso#11619).

- Cleanup and enhance the pidl sub package.

- s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows; (bso#10252).

- smbd: Fix file name buflen and padding in notify response; (bso#10634).

- kerberos: Make sure we only use prompter type when available; (bso#11038).

- s3:ctdbd_conn: Make sure we destroy tevent_fd before closing the socket; (bso#11316).

- dcerpc.idl: accept invalid dcerpc_bind_nak pdus; (bso#11327).

- Fix a deadlock in tdb; (bso#11381).

- s3: smbd: Fix mkdir race condition; (bso#11486).

- pam_winbind: Fix a segfault if initialization fails; (bso#11502).

- s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509).

- s3: smbd: Fix opening/creating :stream files on the root share directory; (bso#11522).

- net: Fix a crash with 'net ads keytab create'; (bso#11528).

- s3: smbd: Fix a crash in unix_convert() and a NULL pointer bug introduced by previous 'raw' stream fix (bso#11522); (bso#11535).

- vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543).

- vfs_commit: Set the fd on open before calling SMB_VFS_FSTAT; (bso#11547).

- Fix bug in smbstatus where the lease info is not printed; (bso#11549).

- s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550).

- Prevent null pointer access in samlogon fallback when security credentials are null; (bnc#949022).

- Fix 100% CPU in winbindd when logging in with "user must change password on next logon"; (bso#11038).

talloc was updated to version 2.1.5; (bsc#954658) (bsc#951660).

- Test that talloc magic differs between processes.

- Increment minor version due to added talloc_test_get_magic.

- Provide tests access to talloc_magic.

- Test magic protection measures.

tdb was updated to version 1.3.8; (bsc#954658).

- Improved python3 bindings

tevent was updated to 0.9.26; (bsc#954658).

- New tevent_thread_proxy API

- Minor build fixes

This update was imported from the SUSE:SLE-12-SP1:Update update project.

 

 

Patch Instructions:

 

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- openSUSE Leap 42.1:

 

zypper in -t patch openSUSE-2015-943=1

 

To bring your system up-to-date, use "zypper patch".
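After applying the patch, an operator usually wants to confirm that every affected host actually carries the fixed builds. The following POSIX shell check is an added example and is not part of the openSUSE announcement or of any SUSE tooling. The package names and fixed VERSION-RELEASE values are taken from the package list in this advisory (one representative binary package per source package, an assumption for brevity); the input it reads is the shape that `rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' <packages>` prints on a real host, but the sample data embedded here is constructed. The version comparison is a simplified, purely numeric field-by-field compare, which is enough for these version strings but does not reproduce rpm's full rpmvercmp rules for alphabetic segments.

```shell
#!/bin/sh
# Added example (not part of the openSUSE advisory): report which packages
# covered by openSUSE-SU-2015:2354-1 are still installed below the fixed
# VERSION-RELEASE. Fixed values come from the advisory's package list.

# Package name and fixed VERSION-RELEASE, as listed in the advisory
# (one representative package per source package; an assumption).
FIXED="samba 4.2.4-9.2
samba-client 4.2.4-9.2
samba-winbind 4.2.4-9.2
libldb1 1.1.24-7.1
libtalloc2 2.1.5-7.1
libtdb1 1.3.8-7.1
libtevent0 0.9.26-7.1"

# vercmp A B: print lt, eq or gt after comparing the '.'/'-' separated
# numeric fields of A and B. Missing trailing fields count as 0, so
# 4.2.4-9 compares equal to 4.2.4-9.0. Simplified versus rpmvercmp.
vercmp() {
    va=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    vb=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    while [ -n "$va" ] || [ -n "$vb" ]; do
        ca=${va%% *}; va=${va#"$ca"}; va=${va# }
        cb=${vb%% *}; vb=${vb#"$cb"}; vb=${vb# }
        ca=${ca:-0}; cb=${cb:-0}
        if [ "$ca" -gt "$cb" ]; then echo gt; return 0; fi
        if [ "$ca" -lt "$cb" ]; then echo lt; return 0; fi
    done
    echo eq
}

# needs_update NAME INSTALLED: status 0 if INSTALLED is below the fixed
# version for NAME, 1 if it is at or above it, 2 if NAME is not covered.
# Leaves the fixed version in $fixed for the caller's report line.
needs_update() {
    fixed=$(printf '%s\n' "$FIXED" | awk -v n="$1" '$1 == n { print $2 }')
    [ -n "$fixed" ] || return 2
    [ "$(vercmp "$2" "$fixed")" = lt ]
}

# audit: read "NAME VERSION-RELEASE" lines on stdin (the shape that
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' samba libldb1 ...
# prints), list every package still below the fix, and return 1 if any
# were found, 0 if the host is fully patched for this advisory.
audit() {
    bad=0
    while read -r name ver; do
        [ -n "$name" ] || continue
        if needs_update "$name" "$ver"; then
            echo "VULNERABLE: $name $ver (fixed in $fixed)"
            bad=1
        fi
    done
    return "$bad"
}

# Constructed sample of what a partially updated Leap 42.1 host might
# report: samba, talloc and tdb are current, ldb and tevent are not, and
# bash is unrelated to the advisory and must be ignored.
SAMPLE="samba 4.2.4-9.2
libldb1 1.1.23-5.1
libtalloc2 2.1.5-7.1
libtdb1 1.3.8-7.1
libtevent0 0.9.25-3.1
bash 4.3-83.3.1"

printf '%s\n' "$SAMPLE" | audit || echo "some packages still need openSUSE-2015-943"
```

On a real host, replace the `printf` of the constructed sample with the `rpm -q --qf` query for the packages you ship, and treat a non-zero exit from `audit` as the signal to re-run `zypper patch` and recheck. The check is deliberately conservative: a package that is absent from the query output is not reported, so feed it the full list of packages you expect to be installed.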

 

 

Package List:

 

- openSUSE Leap 42.1 (i586 x86_64):

 

ldb-debugsource-1.1.24-7.1

ldb-tools-1.1.24-7.1

ldb-tools-debuginfo-1.1.24-7.1

libdcerpc-atsvc-devel-4.2.4-9.2

libdcerpc-atsvc0-4.2.4-9.2

libdcerpc-atsvc0-debuginfo-4.2.4-9.2

libdcerpc-binding0-4.2.4-9.2

libdcerpc-binding0-debuginfo-4.2.4-9.2

libdcerpc-devel-4.2.4-9.2

libdcerpc-samr-devel-4.2.4-9.2

libdcerpc-samr0-4.2.4-9.2

libdcerpc-samr0-debuginfo-4.2.4-9.2

libdcerpc0-4.2.4-9.2

libdcerpc0-debuginfo-4.2.4-9.2

libgensec-devel-4.2.4-9.2

libgensec0-4.2.4-9.2

libgensec0-debuginfo-4.2.4-9.2

libldb-devel-1.1.24-7.1

libldb1-1.1.24-7.1

libldb1-debuginfo-1.1.24-7.1

libndr-devel-4.2.4-9.2

libndr-krb5pac-devel-4.2.4-9.2

libndr-krb5pac0-4.2.4-9.2

libndr-krb5pac0-debuginfo-4.2.4-9.2

libndr-nbt-devel-4.2.4-9.2

libndr-nbt0-4.2.4-9.2

libndr-nbt0-debuginfo-4.2.4-9.2

libndr-standard-devel-4.2.4-9.2

libndr-standard0-4.2.4-9.2

libndr-standard0-debuginfo-4.2.4-9.2

libndr0-4.2.4-9.2

libndr0-debuginfo-4.2.4-9.2

libnetapi-devel-4.2.4-9.2

libnetapi0-4.2.4-9.2

libnetapi0-debuginfo-4.2.4-9.2

libregistry-devel-4.2.4-9.2

libregistry0-4.2.4-9.2

libregistry0-debuginfo-4.2.4-9.2

libsamba-credentials-devel-4.2.4-9.2

libsamba-credentials0-4.2.4-9.2

libsamba-credentials0-debuginfo-4.2.4-9.2

libsamba-hostconfig-devel-4.2.4-9.2

libsamba-hostconfig0-4.2.4-9.2

libsamba-hostconfig0-debuginfo-4.2.4-9.2

libsamba-passdb-devel-4.2.4-9.2

libsamba-passdb0-4.2.4-9.2

libsamba-passdb0-debuginfo-4.2.4-9.2

libsamba-policy-devel-4.2.4-9.2

libsamba-policy0-4.2.4-9.2

libsamba-policy0-debuginfo-4.2.4-9.2

libsamba-util-devel-4.2.4-9.2

libsamba-util0-4.2.4-9.2

libsamba-util0-debuginfo-4.2.4-9.2

libsamdb-devel-4.2.4-9.2

libsamdb0-4.2.4-9.2

libsamdb0-debuginfo-4.2.4-9.2

libsmbclient-devel-4.2.4-9.2

libsmbclient-raw-devel-4.2.4-9.2

libsmbclient-raw0-4.2.4-9.2

libsmbclient-raw0-debuginfo-4.2.4-9.2

libsmbclient0-4.2.4-9.2

libsmbclient0-debuginfo-4.2.4-9.2

libsmbconf-devel-4.2.4-9.2

libsmbconf0-4.2.4-9.2

libsmbconf0-debuginfo-4.2.4-9.2

libsmbldap-devel-4.2.4-9.2

libsmbldap0-4.2.4-9.2

libsmbldap0-debuginfo-4.2.4-9.2

libtalloc-devel-2.1.5-7.1

libtalloc2-2.1.5-7.1

libtalloc2-debuginfo-2.1.5-7.1

libtdb-devel-1.3.8-7.1

libtdb1-1.3.8-7.1

libtdb1-debuginfo-1.3.8-7.1

libtevent-devel-0.9.26-7.1

libtevent-util-devel-4.2.4-9.2

libtevent-util0-4.2.4-9.2

libtevent-util0-debuginfo-4.2.4-9.2

libtevent0-0.9.26-7.1

libtevent0-debuginfo-0.9.26-7.1

libwbclient-devel-4.2.4-9.2

libwbclient0-4.2.4-9.2

libwbclient0-debuginfo-4.2.4-9.2

pyldb-1.1.24-7.1

pyldb-debuginfo-1.1.24-7.1

pyldb-devel-1.1.24-7.1

pytalloc-2.1.5-7.1

pytalloc-debuginfo-2.1.5-7.1

pytalloc-devel-2.1.5-7.1

python-tdb-1.3.8-7.1

python-tdb-debuginfo-1.3.8-7.1

python-tevent-0.9.26-7.1

python-tevent-debuginfo-0.9.26-7.1

samba-4.2.4-9.2

samba-client-4.2.4-9.2

samba-client-debuginfo-4.2.4-9.2

samba-core-devel-4.2.4-9.2

samba-debuginfo-4.2.4-9.2

samba-debugsource-4.2.4-9.2

samba-libs-4.2.4-9.2

samba-libs-debuginfo-4.2.4-9.2

samba-pidl-4.2.4-9.2

samba-python-4.2.4-9.2

samba-python-debuginfo-4.2.4-9.2

samba-test-4.2.4-9.2

samba-test-debuginfo-4.2.4-9.2

samba-test-devel-4.2.4-9.2

samba-winbind-4.2.4-9.2

samba-winbind-debuginfo-4.2.4-9.2

talloc-debugsource-2.1.5-7.1

tdb-debugsource-1.3.8-7.1

tdb-tools-1.3.8-7.1

tdb-tools-debuginfo-1.3.8-7.1

tevent-debugsource-0.9.26-7.1

 

- openSUSE Leap 42.1 (x86_64):

 

libdcerpc-atsvc0-32bit-4.2.4-9.2

libdcerpc-atsvc0-debuginfo-32bit-4.2.4-9.2

libdcerpc-binding0-32bit-4.2.4-9.2

libdcerpc-binding0-debuginfo-32bit-4.2.4-9.2

libdcerpc-samr0-32bit-4.2.4-9.2

libdcerpc-samr0-debuginfo-32bit-4.2.4-9.2

libdcerpc0-32bit-4.2.4-9.2

libdcerpc0-debuginfo-32bit-4.2.4-9.2

libgensec0-32bit-4.2.4-9.2

libgensec0-debuginfo-32bit-4.2.4-9.2

libldb1-32bit-1.1.24-7.1

libldb1-debuginfo-32bit-1.1.24-7.1

libndr-krb5pac0-32bit-4.2.4-9.2

libndr-krb5pac0-debuginfo-32bit-4.2.4-9.2

libndr-nbt0-32bit-4.2.4-9.2

libndr-nbt0-debuginfo-32bit-4.2.4-9.2

libndr-standard0-32bit-4.2.4-9.2

libndr-standard0-debuginfo-32bit-4.2.4-9.2

libndr0-32bit-4.2.4-9.2

libndr0-debuginfo-32bit-4.2.4-9.2

libnetapi0-32bit-4.2.4-9.2

libnetapi0-debuginfo-32bit-4.2.4-9.2

libregistry0-32bit-4.2.4-9.2

libregistry0-debuginfo-32bit-4.2.4-9.2

libsamba-credentials0-32bit-4.2.4-9.2

libsamba-credentials0-debuginfo-32bit-4.2.4-9.2

libsamba-hostconfig0-32bit-4.2.4-9.2

libsamba-hostconfig0-debuginfo-32bit-4.2.4-9.2

libsamba-passdb0-32bit-4.2.4-9.2

libsamba-passdb0-debuginfo-32bit-4.2.4-9.2

libsamba-policy0-32bit-4.2.4-9.2

libsamba-policy0-debuginfo-32bit-4.2.4-9.2

libsamba-util0-32bit-4.2.4-9.2

libsamba-util0-debuginfo-32bit-4.2.4-9.2

libsamdb0-32bit-4.2.4-9.2

libsamdb0-debuginfo-32bit-4.2.4-9.2

libsmbclient-raw0-32bit-4.2.4-9.2

libsmbclient-raw0-debuginfo-32bit-4.2.4-9.2

libsmbclient0-32bit-4.2.4-9.2

libsmbclient0-debuginfo-32bit-4.2.4-9.2

libsmbconf0-32bit-4.2.4-9.2

libsmbconf0-debuginfo-32bit-4.2.4-9.2

libsmbldap0-32bit-4.2.4-9.2

libsmbldap0-debuginfo-32bit-4.2.4-9.2

libtalloc2-32bit-2.1.5-7.1

libtalloc2-debuginfo-32bit-2.1.5-7.1

libtdb1-32bit-1.3.8-7.1

libtdb1-debuginfo-32bit-1.3.8-7.1

libtevent-util0-32bit-4.2.4-9.2

libtevent-util0-debuginfo-32bit-4.2.4-9.2

libtevent0-32bit-0.9.26-7.1

libtevent0-debuginfo-32bit-0.9.26-7.1

libwbclient0-32bit-4.2.4-9.2

libwbclient0-debuginfo-32bit-4.2.4-9.2

pyldb-32bit-1.1.24-7.1

pyldb-debuginfo-32bit-1.1.24-7.1

pytalloc-32bit-2.1.5-7.1

pytalloc-debuginfo-32bit-2.1.5-7.1

python-tdb-32bit-1.3.8-7.1

python-tdb-debuginfo-32bit-1.3.8-7.1

python-tevent-32bit-0.9.26-7.1

python-tevent-debuginfo-32bit-0.9.26-7.1

samba-32bit-4.2.4-9.2

samba-client-32bit-4.2.4-9.2

samba-client-debuginfo-32bit-4.2.4-9.2

samba-debuginfo-32bit-4.2.4-9.2

samba-libs-32bit-4.2.4-9.2

samba-libs-debuginfo-32bit-4.2.4-9.2

samba-winbind-32bit-4.2.4-9.2

samba-winbind-debuginfo-32bit-4.2.4-9.2

 

- openSUSE Leap 42.1 (noarch):

 

samba-doc-4.2.4-9.2

 

 

References:

 

https://www.suse.com/security/cve/CVE-2015-3223.html

https://www.suse.com/security/cve/CVE-2015-5252.html

https://www.suse.com/security/cve/CVE-2015-5296.html

https://www.suse.com/security/cve/CVE-2015-5299.html

https://www.suse.com/security/cve/CVE-2015-5330.html

https://www.suse.com/security/cve/CVE-2015-8467.html

https://bugzilla.suse.com/949022

https://bugzilla.suse.com/951660

https://bugzilla.suse.com/954658

https://bugzilla.suse.com/958581

https://bugzilla.suse.com/958582

https://bugzilla.suse.com/958583

https://bugzilla.suse.com/958584

https://bugzilla.suse.com/958585

https://bugzilla.suse.com/958586

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
