You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa samba

Sigurnosni nedostaci programskog paketa samba

——————————————————————————–
Fedora Update Notification
FEDORA-2019-be98a08835
2019-12-12 01:53:43.055751
——————————————————————————–

Name : samba
Product : Fedora 31
Version : 4.11.3
Release : 0.fc31
URL : https://www.samba.org
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.

——————————————————————————–
Update Information:

Update to Samba 4.11.3 – Security fixes for CVE-2019-14861, CVE-2019-14870 —-
Restart winbindd on samba-winbind package upgrade
——————————————————————————–
ChangeLog:

* Tue Dec 10 2019 Guenther Deschner <gdeschner@redhat.com> – 4.11.3-0
– Update to Samba 4.11.3
– resolves: #1778586, #1781542 – Security fixes for CVE-2019-14861
– resolves: #1778589, #1781545 – Security fixes for CVE-2019-14870
* Thu Dec 5 2019 Andreas Schneider <asn@redhat.com> – 4.11.2-2
– Restart winbindd on samba-winbind package upgrade
* Wed Nov 6 2019 Alexander Bokovoy <abokovoy@redhat.com> – 4.11.2-1
– Update DES removal patch
* Tue Oct 29 2019 Guenther Deschner <gdeschner@redhat.com> – 4.11.2-0
– Update to Samba 4.11.2
– resolves: #1763137, #1766558 – Security fixes for CVE-2019-10218
– resolves: #1764126, #1766559 – Security fixes for CVE-2019-14833
* Sun Oct 27 2019 Alexander Bokovoy <abokovoy@redhat.com> – 4.11.1-1
– resolves: #1757071 – Deploy new samba DC fails
* Fri Oct 18 2019 Guenther Deschner <gdeschner@redhat.com> – 4.11.1-0
– Update to Samba 4.11.1
——————————————————————————–
References:

[ 1 ] Bug #1778586 – CVE-2019-14861 samba: An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name
https://bugzilla.redhat.com/show_bug.cgi?id=1778586
[ 2 ] Bug #1778589 – CVE-2019-14870 samba: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC
https://bugzilla.redhat.com/show_bug.cgi?id=1778589
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-be98a08835’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskih paketa RPM

Otkriveni su sigurnosni nedostaci u programskim paketima RPM za Red Hat OpenShift Service Mesh. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju...

Close