SUSE-SU-2017:3086-1

UNKNOWN

Security update for samba

Published Nov 24, 2017

Modified 8 years ago

Fix available

Details

This update for samba fixes the following issues:

Security issues fixed:

CVE-2017-14746: Fixed a use-after-free vulnerability that could be used to crash smbd or potentially execute code (bsc#1060427).
CVE-2017-15275: Fixed a server heap memory information leak (bsc#1063008).

Non-security issues fixed:

Update 'winbind expand groups' doc in smb.conf man page; (bsc#1027593).

Affected Packages(51 packages)

libdcerpc-atsvc0

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

4.2.4-28.24.1

samba

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise High Availability Extension 12 SP1SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

Fixed in:

4.2.4-28.24.1

ctdb

SUSE Linux Enterprise High Availability Extension 12 SP1SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP1SUSE OpenStack Cloud 6

Fixed in:

4.2.4-28.24.1

libdcerpc-binding0

SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP1SUSE OpenStack Cloud 6

Fixed in:

4.2.4-28.24.1

libdcerpc-binding0-32bit

SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP1SUSE OpenStack Cloud 6

Fixed in:

4.2.4-28.24.1

libdcerpc0

SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP1SUSE OpenStack Cloud 6