Articles / SuSE: New samba packages fi…

SuSE: New samba packages fix security vulnerabilities

This Samba file server update fixes various security issues. A heap-based buffer overflow that could be exploited by remote, unauthenticated attackers to crash the smbd daemon or potentially execute arbitrary code via specially crafted SMB AndX request packets was fixed. A cross site scripting problem in SWAT was fixed. A possible denial of service caused by memory corruption was fixed. A buffer overflow in sid_parse() was fixed to correctly check the input lengths when reading a binary representation of a Windows Security ID (SID).

A possible buffer overrun in chain_reply code of pre-3.4 versions was addressed. An uninitialized variable read could have caused an smbd crash, which was fixed. Samba now takes extra care that a mount point of mount.cifs isn’t changed during mount.

Updated packages are available from download.opensuse.org.

  SUSE Security Update: Security update for Samba
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0348-1
Rating:             critical
References:         #550002 #561894 #577868 #592198 #599873 #605935 
                   #611927 #613459 #637218 #652620 #670431 #705241 
                   #708503 #747934 
Cross-References:   CVE-2012-0870
Affected Products:
                   SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________

  An update that solves one vulnerability and has 13 fixes is
  now available. It includes one version update.

Description:


  This Samba file server update fixes various security issues:

  * CVE-2012-0870: A heap-based buffer overflow that
  could be exploited by remote, unauthenticated attackers to
  crash the smbd daemon or potentially execute arbitrary code
  via specially crafted SMB AndX request packets.
  * CVE-2011-2694: A cross site scripting problem in SWAT
  was fixed.
  * CVE-2011-0719: Fixed a possible denial of service
  caused by memory corruption.
  * CVE-2010-3069: Fix buffer overflow in sid_parse() to
  correctly check the input lengths when reading a binary
  representation of a Windows Security ID (SID).
  * CVE-2010-2063: Addressed possible buffer overrun in
  chain_reply code of pre-3.4 versions.
  * CVE-2010-1642: An uninitialized variable read could
  have caused an smbd crash.
  * CVE-2010-0787: Take extra care that a mount point of
  mount.cifs isn't changed during mount;

  Also the following bugs have been fixed:

  * Add Provides samba-client-gplv2 and samba-doc-gplv2
  to pre-3.2 versions; (bnc#652620).
  * Initialize workgroup of nmblookup as empty string.
  * Fix trusts with Windows 2008R2 DCs; (bnc#613459);
  (bnc#599873); (bnc#592198); (bso#6697).
  * Document "wide links" defaults to "no" in the
  smb.conf man page for versions pre-3.4.6; (bnc#577868).
  * Allow forced pw change even with min pw age;
  (bnc#561894).

  Security Issue reference:

  * CVE-2012-0870
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870




Package List:

  - SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64) [New Version: 3.0.32]:

     cifs-mount-3.0.32-0.20.1
     libmsrpc-3.0.32-0.20.1
     libmsrpc-devel-3.0.32-0.20.1
     libsmbclient-3.0.32-0.20.1
     libsmbclient-devel-3.0.32-0.20.1
     samba-3.0.32-0.20.1
     samba-client-3.0.32-0.20.1
     samba-krb-printing-3.0.32-0.20.1
     samba-python-3.0.32-0.20.1
     samba-vscan-0.3.6b-42.85.20.1
     samba-winbind-3.0.32-0.20.1

  - SUSE Linux Enterprise Server 10 SP2 (s390x x86_64) [New Version: 3.0.32]:

     libsmbclient-32bit-3.0.32-0.20.1
     samba-32bit-3.0.32-0.20.1
     samba-client-32bit-3.0.32-0.20.1
     samba-winbind-32bit-3.0.32-0.20.1

  - SUSE Linux Enterprise Server 10 SP2 (noarch) [New Version: 3.0.32]:

     samba-doc-3.0.32-0.20.1


References:

  http://support.novell.com/security/cve/CVE-2012-0870.html
  https://bugzilla.novell.com/550002
  https://bugzilla.novell.com/561894
  https://bugzilla.novell.com/577868
  https://bugzilla.novell.com/592198
  https://bugzilla.novell.com/599873
  https://bugzilla.novell.com/605935
  https://bugzilla.novell.com/611927
  https://bugzilla.novell.com/613459
  https://bugzilla.novell.com/637218
  https://bugzilla.novell.com/652620
  https://bugzilla.novell.com/670431
  https://bugzilla.novell.com/705241
  https://bugzilla.novell.com/708503
  https://bugzilla.novell.com/747934
  http://download.novell.com/patch/finder/?keywords=7647f10c23183441620c089dfae68cd9
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.