Revision Date: | 2022-08-03 | Version: | 1 |
Title: | Security update for ldb, samba (Important) |
Description: |
This update for ldb, samba fixes the following issues:
- CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490). - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request (bsc#1201492). - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495). - CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496). - CVE-2022-32744: Fixed an arbitrary password change request for any AD user (bsc#1201493).
The following non-security bug were fixed:
ldb was updated to version 2.4.3:
+ Fix build problems, waf produces incorrect names for python extensions; (bso#15071);
samba was updated to 4.15.8:
Use pathref fd instead of io fd in vfs_default_durable_cookie; (bso#15042); * Setting fruit:resource = stream in vfs_fruit causes a panic; (bso#15099); * Add support for bind 9.18; (bso#14986); * logging dsdb audit to specific files does not work; (bso#15076); * vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted; (bso#15069); * netgroups support removed; (bso#15087); (bsc#1199247); * net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); (bsc#1199734); * waf produces incorrect names for python extensions with Python 3.11; (bso#15071); * smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556); * vfs_gpfs recalls=no option prevents listing files; (bso#15055); * waf produces incorrect names for python extensions with Python 3.11; (bso#15071); * Compile error in source3/utils/regedit_hexedit.c; (bso#15091); * ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link; (bso#15108); * smbd doesn't handle UPNs for looking up names; (bso#15054); * Out-by-4 error in smbd read reply max_send clamp; (bso#14443);
- Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); - Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979); - Fix smbclient commands del & deltree failing with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1122417 1125886 1178236 1188921 1196224 1198255 1199247 1199734 1200556 1200964 1201490 1201492 1201493 1201495 1201496 CVE-2021-37600 CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 SUSE-SU-2022:2659-1
|
Platform(s): | SUSE Linux Enterprise High Availability 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3
| Product(s): | |
Definition Synopsis |
Release Information SUSE Linux Enterprise High Availability 15 SP4 is installed
OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
OR SUSE Linux Enterprise Server 15 SP4 is installed
OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
OR SUSE Manager Proxy 4.3 is installed
OR SUSE Manager Retail Branch Server 4.3 is installed
OR SUSE Manager Server 4.3 is installed
AND ctdb-4.15.8+git.500.d5910280cc7-150400.3.11.1 is installed
|