[prev in list] [next in list] [prev in thread] [next in thread]
List: samba-announce
Subject: [Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
From: Karolin Seeger via samba-announce <samba-announce () lists ! samba ! org>
Date: 2018-08-14 8:33:42
Message-ID: 20180814083341.ujvqtgjdi2eotvxm () carrie2
[Download RAW message or body]
Release Announcements
---------------------
These are security releases in order to address the following defects:
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Samba 4.8.4 addresses all CVEs listed above, Samba 4.7.9 all except CVE 2018-1140 and \
4.6.16 only CVE-2018-10858 and CVE-2018-10919. Please see the release notes for \
details.
=======
Details
=======
o CVE-2018-1139:
Vulnerability that allows authentication via NTLMv1 even if disabled.
o CVE-2018-1140:
Missing null pointer checks may crash the Samba AD DC, both over
DNS and LDAP.
o CVE-2018-10858:
A malicious server could return a directory entry that could corrupt
libsmbclient memory.
o CVE-2018-10918:
Missing null pointer checks may crash the Samba AD DC, over the
authenticated DRSUAPI RPC service.
o CVE-2018-10919:
Missing access control checks allow discovery of confidential attribute
values via authenticated LDAP search expressions.
Changes:
--------
o Jeremy Allison <jra@samba.org>
* BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against
returns from malicious servers.
o Andrew Bartlett <abartlet@samba.org>
* BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query
with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140
* BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when
not servicePrincipalName is set on a user.
o Tim Beale <timbeale@catalyst.net.nz>
* BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via
searches.
o Günther Deschner <gd@samba.org>
* BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it
is disabled via "ntlm auth".
o Andrej Gessel <Andrej.Gessel@janztec.com>
* BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in
ltdb_index_dn_attr().
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
================
Download Details
================
The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6F33915B6568B7EA). The source code can be downloaded
from:
https://download.samba.org/pub/samba/stable/
The release notes are available online at:
https://www.samba.org/samba/history/samba-4.8.4.html
https://www.samba.org/samba/history/samba-4.7.9.html
https://www.samba.org/samba/history/samba-4.6.16.html
Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)
--Enjoy
The Samba Team
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic