Wednesday, April 29, 2020

[USN-4341-3] Samba regression

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6pmB0ACgkQZWnYVadE
vpM+kg/+PUYEmkKl4XtvZ7gvG1F6IKwY8VaVg5gDGOpV4UhBXwY/qajYmMLVyNoy
p9sABjnpEEZBVKavQle5Nf+w6LPa94CffK4bYdt5oJihGa2No3cKzqLX8LTqO+qV
CZ4mWSvYN3GucHxiKbL1JvneYe7I6WnO9BbAIo+YEeoT7Abc2paUk5u+1iDeukvx
yTt+ZKU+xqjCsPI5eUeE0N42oz8zdiQuZ44mBXQo2/QybYOFvJ+m/9hmFn3CxNB3
dxN3PD9ePZ5qrIILHJA3n9eRe/vuv+pdJpO4/De5KSAJ4lb5D0kKaQRSGdnV3hGa
5HQO9RItni+cn/pcJzBpC87Znsc/W31iT9Cmo3vvEXEUWDgHwkmby/3Dhu6Aety0
5sDNoxYiKSCuuHlFdWghZ7LzY9mO9WNhNsjHl8UMobPVmtuw8rSMIq7OcMMRCVxz
CzHrBgXeWB/Hb1pkHmPhnAWJ30IRsFpnQahpHZS9eOHnypzh+eZlb4PTerq+zHVC
380klvVT0on9LigiPN9zB/48ZPxv47/3KQD0//gFaZnTIJbgp8j34GVuN9hshaqM
CUe9V/Oj06uBHEqzKQuVwSIc+BMOWRUrvTyeM32rf5GJdWXoenUQ9x9jGqLKMMZC
u3npb9c9aDOFyzHJ08F97yW431c/I5y4qQFlkJVPQxF66gbo0kk=
=LcOY
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-4341-3
April 29, 2020

samba regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

USN-4341-1 introduced a regression in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-4341-1 fixed vulnerabilities in Samba. The updated packages for
Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes
the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that Samba incorrectly handled certain LDAP queries. A
remote attacker could possibly use this issue to cause Samba to consume
resources, resulting in a denial of service. (CVE-2020-10704)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
samba 2:4.3.11+dfsg-0ubuntu0.16.04.27

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4341-3
https://usn.ubuntu.com/4341-1
https://launchpad.net/bugs/1875798

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.27

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)