Articles / SuSE: New samba packages fi…

SuSE: New samba packages fix security vulnerabilities

This update of Samba fixes a heap-based buffer overflow that could be exploited by remote, unauthenticated attackers to crash the smbd daemon or potentially execute arbitrary code via specially crafted SMB AndX request packets. Updated packages are available from download.opensuse.org.

  SUSE Security Update: Security update for Samba
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0337-1
Rating:             critical
References:         #633729 #703655 #747934 
Cross-References:   CVE-2012-0870
Affected Products:
                   SUSE Linux Enterprise Server 10 SP4
                   SUSE Linux Enterprise Server 10 SP3 LTSS
                   SUSE Linux Enterprise Desktop 10 SP4
                   SLE SDK 10 SP4
______________________________________________________________________________

  An update that solves one vulnerability and has two fixes
  is now available.

Description:


  This update of Samba fixes a heap-based buffer overflow
  that could be  exploited by remote, unauthenticated
  attackers to crash the smbd daemon or  potentially execute
  arbitrary code via specially crafted SMB AndX request
  packets (CVE-2012-0870).

  Also fixed two non security bugs:

  * Fix to handle domain join using NetBIOS name; (bnc
  #633729).
  * Fixed the DFS referral response for msdfs root;
  (bnc#703655).

  Security Issue reference:

  * CVE-2012-0870
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870




Package List:

  - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

     cifs-mount-3.0.36-0.13.18.1
     ldapsmb-1.34b-25.13.18.1
     libmsrpc-3.0.36-0.13.18.1
     libmsrpc-devel-3.0.36-0.13.18.1
     libsmbclient-3.0.36-0.13.18.1
     libsmbclient-devel-3.0.36-0.13.18.1
     samba-3.0.36-0.13.18.1
     samba-client-3.0.36-0.13.18.1
     samba-krb-printing-3.0.36-0.13.18.1
     samba-python-3.0.36-0.13.18.1
     samba-vscan-0.3.6b-43.13.18.1
     samba-winbind-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

     libsmbclient-32bit-3.0.36-0.13.18.1
     samba-32bit-3.0.36-0.13.18.1
     samba-client-32bit-3.0.36-0.13.18.1
     samba-winbind-32bit-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Server 10 SP4 (ia64):

     libsmbclient-x86-3.0.36-0.13.18.1
     samba-client-x86-3.0.36-0.13.18.1
     samba-winbind-x86-3.0.36-0.13.18.1
     samba-x86-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Server 10 SP4 (ppc):

     libsmbclient-64bit-3.0.36-0.13.18.1
     samba-64bit-3.0.36-0.13.18.1
     samba-client-64bit-3.0.36-0.13.18.1
     samba-winbind-64bit-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):

     cifs-mount-3.0.36-0.13.18.1
     ldapsmb-1.34b-25.13.18.1
     libmsrpc-3.0.36-0.13.18.1
     libmsrpc-devel-3.0.36-0.13.18.1
     libsmbclient-3.0.36-0.13.18.1
     libsmbclient-devel-3.0.36-0.13.18.1
     samba-3.0.36-0.13.18.1
     samba-client-3.0.36-0.13.18.1
     samba-krb-printing-3.0.36-0.13.18.1
     samba-python-3.0.36-0.13.18.1
     samba-vscan-0.3.6b-43.13.18.1
     samba-winbind-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64):

     libsmbclient-32bit-3.0.36-0.13.18.1
     samba-32bit-3.0.36-0.13.18.1
     samba-client-32bit-3.0.36-0.13.18.1
     samba-winbind-32bit-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

     cifs-mount-3.0.36-0.13.18.1
     ldapsmb-1.34b-25.13.18.1
     libsmbclient-3.0.36-0.13.18.1
     libsmbclient-devel-3.0.36-0.13.18.1
     samba-3.0.36-0.13.18.1
     samba-client-3.0.36-0.13.18.1
     samba-krb-printing-3.0.36-0.13.18.1
     samba-vscan-0.3.6b-43.13.18.1
     samba-winbind-3.0.36-0.13.18.1

  - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

     libsmbclient-32bit-3.0.36-0.13.18.1
     samba-32bit-3.0.36-0.13.18.1
     samba-client-32bit-3.0.36-0.13.18.1
     samba-winbind-32bit-3.0.36-0.13.18.1

  - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

     libmsrpc-3.0.36-0.13.18.1
     libmsrpc-devel-3.0.36-0.13.18.1
     libsmbclient-devel-3.0.36-0.13.18.1
     libsmbsharemodes-3.0.36-0.13.18.1
     libsmbsharemodes-devel-3.0.36-0.13.18.1
     samba-python-3.0.36-0.13.18.1


References:

  http://support.novell.com/security/cve/CVE-2012-0870.html
  https://bugzilla.novell.com/633729
  https://bugzilla.novell.com/703655
  https://bugzilla.novell.com/747934
  http://download.novell.com/patch/finder/?keywords=547e3b7057adb631e1439605662293be
  http://download.novell.com/patch/finder/?keywords=7da8ca4f10f91e5bf4d12b67b2bd7522
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.