==========================================================================
Ubuntu Security Notice USN-4018-1
June 19, 2019

samba vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04

Summary:

Samba could be made to crash if it received specially crafted network
traffic.

Software Description:
– samba: SMB/CIFS file, print, and login server for Unix

Details:

It was discovered that Samba incorrectly handled certain RPC messages. A
remote attacker could possibly use this issue to cause Samba to crash,
resulting in a denial of service. (CVE-2019-12435)

It was discovered that Samba incorrectly handled LDAP pages searches. A
remote attacker could possibly use this issue to cause Samba to crash,
resulting in a denial of service. (CVE-2019-12436)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
samba 2:4.10.0+dfsg-0ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4018-1
CVE-2019-12435, CVE-2019-12436

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl0KLuQACgkQZWnYVadE
vpMwphAApwd5urTScczUVLUKd2nMY5JHO6AT2kzuwLIyxbUrqxME/p+kxtti9HlP
5BSVwW0ezInReJVDhx5dwKPRYuq7/gnDV5GJsWihrsQNzoTYj4w1Fu2wJc6tf+cO
b8oTa1IeDRSkEnkpVxUooPW9VvcH0E4ukigamztFHLz74EVQWpWGstPlmcbmRbAU
TDyhfMSa8zq/d7qlUczm3y8UW1EAWHbpyzm5u86O/jWoOs5/ZYnkmRVdxicuROIB
U4Pc1WXT/4f17TVNl2ZRrL+PEWU50KXMWq3ICQoBOOLdrsbaLmCyXiw0tWdlFjpk
c2Oiz2de960zvSKE38GvY4+Zt+5gweK3aRam94mM56/hZGtXdx899AcMwuCeh49e
3Mp/Mh9Qd1v7AnV3lRzsgxeFLdAc2HhEjVdRoSlWk7C48ORCPuxrNRPOnufUtMwI
t6Z8UixZDbpe3IWVFs22GLv9ZjxJVYFx7h4wwPufq/3O27oZir89iKOus6+PaUAX
DwWTyjmI4Li6+qlYAd+DP1uUIpmnN1G+1JWljCoKZIrh2/SyHzBdPcMr1QMlmFB7
qoweckdAsvRY+R9eU6vmmNJAAQ948Rbz96VTSCUo15QghvShGVNnsOAGlw6qUEuF
J9vHxj8afCO4y7ytkbr77IggXsMEkItt0A1ot3jRJ7eyDkvVutc=
=uGgP
—–END PGP SIGNATURE—–
—