openSUSE Security Update: Security update for samba and resource-agents
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:2311-1
Rating: important
References: #1048278 #1048339 #1048352 #1048387 #1048790
#1052577 #1054017
Cross-References: CVE-2017-11103
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________
An update that solves one vulnerability and has 6 fixes is
now available.
Description:
This update provides Samba 4.6.7, which fixes the following issues:
– CVE-2017-11103: Metadata were being taken from the unauthenticated
plaintext (the Ticket) rather than the authenticated and encrypted KDC
response. (bsc#1048278)
– Fix cephwrap_chdir(). (bsc#1048790)
– Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb.
(bsc#1048339)
– Fix inconsistent ctdb socket path. (bsc#1048352)
– Fix non-admin cephx authentication. (bsc#1048387)
– CTDB cannot start when there is no persistent database. (bsc#1052577)
The CTDB resource agent was also fixed to not fail when the database is
empty.
This update was imported from the SUSE:SLE-12-SP3:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
– openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-987=1
To bring your system up-to-date, use “zypper patch”.
Package List:
– openSUSE Leap 42.3 (i586 x86_64):
ctdb-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-tests-4.6.7+git.38.90b2cdb4f22-3.1
ctdb-tests-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
ldirectord-4.0.1+git.1495055229.643177f1-3.1
libdcerpc-binding0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-binding0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-devel-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr-devel-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard-devel-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi-devel-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap-devel-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util-devel-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient-devel-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
resource-agents-4.0.1+git.1495055229.643177f1-3.1
resource-agents-debuginfo-4.0.1+git.1495055229.643177f1-3.1
resource-agents-debugsource-4.0.1+git.1495055229.643177f1-3.1
samba-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-core-devel-4.6.7+git.38.90b2cdb4f22-3.1
samba-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-debugsource-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-pidl-4.6.7+git.38.90b2cdb4f22-3.1
samba-python-4.6.7+git.38.90b2cdb4f22-3.1
samba-python-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-test-4.6.7+git.38.90b2cdb4f22-3.1
samba-test-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
– openSUSE Leap 42.3 (noarch):
monitoring-plugins-metadata-4.0.1+git.1495055229.643177f1-3.1
samba-doc-4.6.7+git.38.90b2cdb4f22-3.1
– openSUSE Leap 42.3 (x86_64):
libdcerpc-binding0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-binding0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc-samr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libdcerpc0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-krb5pac0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-nbt0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr-standard0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libndr0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libnetapi0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-credentials0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-errors0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-hostconfig0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-passdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-policy0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamba-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsamdb0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbconf0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libsmbldap0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libtevent-util0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-32bit-4.6.7+git.38.90b2cdb4f22-3.1
libwbclient0-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-ceph-4.6.7+git.38.90b2cdb4f22-3.1
samba-ceph-debuginfo-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-client-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-libs-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-32bit-4.6.7+git.38.90b2cdb4f22-3.1
samba-winbind-debuginfo-32bit-4.6.7+git.38.90b2cdb4f22-3.1
References:
https://www.suse.com/security/cve/CVE-2017-11103.html
https://bugzilla.suse.com/1048278
https://bugzilla.suse.com/1048339
https://bugzilla.suse.com/1048352
https://bugzilla.suse.com/1048387
https://bugzilla.suse.com/1048790
https://bugzilla.suse.com/1052577
https://bugzilla.suse.com/1054017
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org