Oval Definition:oval:org.opensuse.security:def:67435
Revision Date:2020-12-01Version:1
Title:Security update for samba (Important)
Description:

This update for samba fixes the following issues:

Update to samba 4.11.14

- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613). - CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994). - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902). - lib/util: Do not install /usr/bin/test_util - smbd: don't log success as error - idmap_ad does not deal properly with a RFC4511 section 4.4.1 response; - winbind: Fix a memleak - idmap_ad: Pass tldap debug messages on to DEBUG() - lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE - ctdb disable/enable can fail due to race condition
Family:unixClass:patch
Status:Reference(s):1173902
1173994
1177613
1178682
CVE-2020-14318
CVE-2020-14323
CVE-2020-14383
CVE-2020-25708
SUSE-SU-2020:3081-1
SUSE-SU-2020:3515-1
Platform(s):SUSE Linux Enterprise Module for Python2 packages 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed
  • AND Package Information
  • samba-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-ad-dc-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-dsdb-modules-4.11.14+git.202.344b137b75d-4.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.25 is installed
  • OR libvncclient0-0.9.10-4.25 is installed
  • OR libvncserver0-0.9.10-4.25 is installed
    • BACK