Revision Date: | 2020-10-29 | Version: | 1 |
Title: | Security update for samba (Important) |
Description: |
This update for samba fixes the following issues:
Update to samba 4.11.14
- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613). - CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994). - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902). - lib/util: Do not install /usr/bin/test_util - smbd: don't log success as error - idmap_ad does not deal properly with a RFC4511 section 4.4.1 response; - winbind: Fix a memleak - idmap_ad: Pass tldap debug messages on to DEBUG() - lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE - ctdb disable/enable can fail due to race condition
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1173902 1173994 1177613 CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 SUSE-SU-2020:3081-1
|
Platform(s): | SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise High Availability 15 SP2 is installed AND ctdb-4.11.14+git.202.344b137b75d-4.14.1 is installed
|