ELSA-2018-1860

ULN >
Oracle Linux Errata repository >
ELSA-2018-1860

ELSA-2018-1860 - samba security and bug fix update

Type:	SECURITY
Severity:	LOW
Release Date:	2018-06-25

Description

[3.6.23-51.0.1]
- Remove use-after-free talloc_tos() inlined function problem (John Haxby) [orabug 18253258]

[3.6.24-51]
- resolves: #1513877 - Fix memory leak in winbind

[3.6.24-50]
- resolves: #1553018 - Fix CVE-2018-1050

[3.6.24-49]
- resolves: #1536053 - Fix regression with non-wide symlinks to directories

[3.6.24-48]
- resolves: #1519884 - Fix segfault in winbind when querying groups

[3.6.24-47]
- resolves: #1413484 - Fix guest login with signing required

[3.6.24-46]
- resolves: #1509455 - Fix regression of CVE-2017-2619

[3.6.24-45]
- resolves: #1491211 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163

[3.6.24-44]
- resolves: #1451105 - Fix trusted domain handling in winbind
- resolves: #1431000 - Fix crash while trying to authenticate with a disabled
account
- resolves: #1467395 - Add 'winbind request timeout' option

[3.6.23-43]
- resolves: #1450783 - Fix CVE-2017-7494

[3.6.23-42]
- resolves: #1391256 - Performance issues with vfs_dirsort and extended
attributes

[3.6.23-41]
- resolves: #1413672 - Auth regression after secret changed

[3.6.23-40]
- resolves: #1405356 - CVE-2016-2125 CVE-2016-2126

[3.6.23-39]
- resolves: #1297805 - Fix issues with printer unpublishing from AD

[3.6.23-38]
- resolves: #1347843 - Fix RPC queryUserList returning NO_MEMORY for
empty list

[3.6.23-37]
- resolves: #1380151 - Fix memory leak in idmap_ad module
- resolves: #1333561 - Fix smbclient connection issues to DFS shares
- resolves: #1372611 - Allow ntlmsssp session key setup without signing
(Workaround for broken NetApp and EMC NAS)

[3.6.23-35]
- resolves: #1282289 - Fix winbind memory leak with each cached creds login

[3.6.23-34]
- resolves: #1327697 - Fix netlogon credential checks
- resolves: #1327746 - Fix dcerpc trailer verificaton

[3.6.23-33]
- related: #1322687 - Update CVE patchset

[3.6.23-32]
- related: #1322687 - Update manpages

[3.6.23-31]
- related: #1322687 - Update CVE patchset

[3.6.23-30]
- related: #1322687 - Update CVE patchset

[3.6.23-29]
- resolves: #1322687 - Fix CVE-2015-5370
- resolves: #1322687 - Fix CVE-2016-2110
- resolves: #1322687 - Fix CVE-2016-2111
- resolves: #1322687 - Fix CVE-2016-2112
- resolves: #1322687 - Fix CVE-2016-2115
- resolves: #1322687 - Fix CVE-2016-2118 (Known as Badlock)

[3.6.23-28]
- resolves: #1305870 - Fix symlink verification

[3.6.23-27]
- resolves: #1314671 - Fix CVE-2015-7560

[3.6.23-26]
- resolves: #1211744 - Fix DFS client access with Windows Server 2008

[3.6.23-25]
- resolves: #1242614 - Fix unmappable S-1-18-1 sid truncates group lookups

[3.6.23-24]
- resolves: #1271763 - Fix segfault in NTLMv2_generate_names_blob()
- resolves: #1261265 - Add '--no-dns-updates' option for 'net ads join'

[3.6.23-23]
- resolves: #1290707 - CVE-2015-5299
- related: #1290707 - CVE-2015-5296
- related: #1290707 - CVE-2015-5252
- related: #1290707 - CVE-2015-5330

[3.6.23-22]
- resolves: #1232021 - Do not overwrite smb.conf manpage
- resolves: #1216060 - Document netbios name length limitations
- resolves: #1234249 - Fix 'map to guest = Bad Uid' option
- resolves: #1219570 - Fix 'secuirtiy = server' (obsolete) share access
- resolves: #1211657 - Fix stale cache entries if a printer gets renamed

[3.6.23-21]
- resolves: #1252180 - Fix 'force group' with 'winbind use default domain'.
- resolves: #1250100 - Fix segfault in pam_winbind if option parsing fails
- resolves: #1222985 - Fix segfault with 'mangling method = hash' option

[3.6.23-20]
- resolves: #1164269 - Fix rpcclient timeout command.

[3.6.23-19]
- resolves: #1201611 - Fix 'force user' with 'winbind use default domain'.

[3.6.23-18]
- resolves: #1194549 - Fix winbind caching issue and support SID compression.

[3.6.23-17]
- resolves: #1192211 - Fix restoring shadow copy snapshot with SMB2.

[3.6.23-16]
- resolves: #1117059 - Fix nss group enumeration with unresolved groups.

[3.6.23-15]
- resolves: #1165750 - Fix guid retrieval for published printers.
- resolves: #1163383 - Fix 'net ads join -k' with existing keytab entries.
- resolves: #1195456 - Fix starting daemons on read only filesystems.
- resolves: #1138552 - Fix CPU utilization when re-reading the printcap info.
- resolves: #1144916 - Fix smbclient NTLMv2 authentication.
- resolves: #1164336 - Document 'sharesec' command for
'access based share enum' option.

[3.6.23-14]
- related: #1191339 - Update patchset for CVE-2015-0240.

[3.6.23-13]
- resolves: #1191339 - CVE-2015-0240: RCE in netlogon.

[3.6.23-12]
- resolves: #1127723 - Fix samlogon secure channel recovery.

[3.6.23-11]
- resolves: #1129006 - Add config variables to set spoolss os version.

[3.6.23-10]
- resolves: #1124835 - Fix dropbox share.

[3.6.23-9]
- related: #1053886 - Fix receiving the gecos field with winbind.

[3.6.23-8]
- resolves: #1110733 - Fix write operations as guest with 'security = share'.
- resolves: #1053886 - Fix receiving the gecos field with winbind.

[3.6.23-7]
- resolves: #1107777 - Fix SMB2 with 'case sensitive = True'

[3.6.23-6]
- resolves: #1105500 - CVE-2014-0244: DoS in nmbd.
- resolves: #1108841 - CVE-2014-3493: DoS in smbd with unicode path names.

[3.6.23-5]
- related: #1061301 - Only link glusterfs libraries to vfs module.

[3.6.23-4]
- resolves: #1051656 - Fix gecos field copy debug warning.
- resolves: #1061301 - Add glusterfs vfs module.
- resolves: #1087472 - Fix libsmbclient crash when HOME variable isnt set.
- resolves: #1099443 - 'net ads testjoin' fails with IPv6.
- resolves: #1100670 - Fix 'force user' with 'security = ads'.
- resolves: #1096522 - Fix enabling SMB2 causes file operations to fail.

[3.6.23-3]
- resolves: #1081539 - Add timeout option to smbclient.

[3.6.23-2]
- resolves: #1022534 - Do not build Samba with fam support.
- resolves: #1059301 - Fix nbt query with many components.
- resolves: #1057332 - Fix force user with guest account.
- resolves: #1021706 - Fix %G substitution in 'template homedir'.
- resolves: #1040472 - Fix group expansion in service path.
- resolves: #1069570 - Fix memory leak reading printer list.
- resolves: #1067607 - Fix wbinfo -i with one-way trusts.
- resolves: #1050887 - Fix 100% CPU utilization in winbindd when trying to
free memory in winbindd_reinit_after_fork.
- resolves: #1029000 - Fix 'force user' with 'security = ads'.

[3.6.23-1]
- resolves: #1073356 - Fix CVE-2013-4496, CVE-2012-6150 and CVE-2013-6442.
- resolves: #1018038 - Fix CVE-2013-4408.

[3.6.22-1]
- resolves: #1003921 - Rebase Samba to 3.6.22.
- resolves: #1035332 - Fix force user with 'security = user'.

Related CVEs

CVE-2018-1050

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 6 (i386)	samba-3.6.23-51.0.1.el6.src.rpm	981941192aab9ae6082e99ac3dbdebe6	ELBA-2019-3858
	libsmbclient-3.6.23-51.0.1.el6.i686.rpm	f93dceadf0b112720a55e85c92e6732d	ELBA-2019-3858
	libsmbclient-devel-3.6.23-51.0.1.el6.i686.rpm	4a0619586b0fdee87bc0c52c10e9094c	ELBA-2019-3858
	samba-3.6.23-51.0.1.el6.i686.rpm	44fb4b61b41ec4b0f3907abdefa3d384	ELBA-2019-3858
	samba-client-3.6.23-51.0.1.el6.i686.rpm	56646edaaad62d8f4a1bcf870ae16261	ELBA-2019-3858
	samba-common-3.6.23-51.0.1.el6.i686.rpm	b45c6b6ae41d7eebd07cbf2c28bce07a	ELBA-2019-3858
	samba-doc-3.6.23-51.0.1.el6.i686.rpm	2cc8c74f5957ed77936d255210314682	ELBA-2019-3858
	samba-domainjoin-gui-3.6.23-51.0.1.el6.i686.rpm	431ef6b53a712ca7b02e1f5249d5d859	ELBA-2019-3858
	samba-swat-3.6.23-51.0.1.el6.i686.rpm	e1212b92f621cf771006571f052386a2	ELBA-2019-3858
	samba-winbind-3.6.23-51.0.1.el6.i686.rpm	2cd09ebcea312ce9eafbfc81e14af6e9	ELBA-2019-3858
	samba-winbind-clients-3.6.23-51.0.1.el6.i686.rpm	474450a0380bbaade1ee68d67cd03198	ELBA-2019-3858
	samba-winbind-devel-3.6.23-51.0.1.el6.i686.rpm	0ffceab6fd129dc7239b7e96f4a29b7d	ELBA-2019-3858
	samba-winbind-krb5-locator-3.6.23-51.0.1.el6.i686.rpm	a08d81080aff635635f0049efc871b9b	ELBA-2019-3858

Oracle Linux 6 (x86_64)	samba-3.6.23-51.0.1.el6.src.rpm	981941192aab9ae6082e99ac3dbdebe6	ELBA-2019-3858
	libsmbclient-3.6.23-51.0.1.el6.i686.rpm	f93dceadf0b112720a55e85c92e6732d	ELBA-2019-3858
	libsmbclient-3.6.23-51.0.1.el6.x86_64.rpm	d333de5a50977ef50656036ad571566e	ELBA-2019-3858
	libsmbclient-devel-3.6.23-51.0.1.el6.i686.rpm	4a0619586b0fdee87bc0c52c10e9094c	ELBA-2019-3858
	libsmbclient-devel-3.6.23-51.0.1.el6.x86_64.rpm	0c75b8e890d50adc777e89d15094035d	ELBA-2019-3858
	samba-3.6.23-51.0.1.el6.x86_64.rpm	8a6514380cbbe70a35cfce5e6c0f14ed	ELBA-2019-3858
	samba-client-3.6.23-51.0.1.el6.x86_64.rpm	50a81048b4b9c95f20858efe39d41c64	ELBA-2019-3858
	samba-common-3.6.23-51.0.1.el6.i686.rpm	b45c6b6ae41d7eebd07cbf2c28bce07a	ELBA-2019-3858
	samba-common-3.6.23-51.0.1.el6.x86_64.rpm	5b58bff9df8248a672f1231f33dbfbdd	ELBA-2019-3858
	samba-doc-3.6.23-51.0.1.el6.x86_64.rpm	8c939558e11a23157d691ec7fe9199c0	ELBA-2019-3858
	samba-domainjoin-gui-3.6.23-51.0.1.el6.x86_64.rpm	cf43d1b4ed54964080320401fa10c346	ELBA-2019-3858
	samba-glusterfs-3.6.23-51.0.1.el6.x86_64.rpm	28f564214c68984a1ab2644b1f96c098	ELBA-2019-3858
	samba-swat-3.6.23-51.0.1.el6.x86_64.rpm	5e7aee969a78b812f6e21c7caeaccfee	ELBA-2019-3858
	samba-winbind-3.6.23-51.0.1.el6.x86_64.rpm	f27d092525d19f25b4af4e1bdf0c4501	ELBA-2019-3858
	samba-winbind-clients-3.6.23-51.0.1.el6.i686.rpm	474450a0380bbaade1ee68d67cd03198	ELBA-2019-3858
	samba-winbind-clients-3.6.23-51.0.1.el6.x86_64.rpm	6ebf155e6c078d5805a4e3201152e4eb	ELBA-2019-3858
	samba-winbind-devel-3.6.23-51.0.1.el6.i686.rpm	0ffceab6fd129dc7239b7e96f4a29b7d	ELBA-2019-3858
	samba-winbind-devel-3.6.23-51.0.1.el6.x86_64.rpm	b8741d0bc4d4b52c6aa8f70cd41b245a	ELBA-2019-3858
	samba-winbind-krb5-locator-3.6.23-51.0.1.el6.x86_64.rpm	c1e2256bf2203b9f1053b9debb3cd35c	ELBA-2019-3858

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691