Karolin Seeger
2018-Aug-14 08:33 UTC
[Samba] [Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.) o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP server.) Samba 4.8.4 addresses all CVEs listed above, Samba 4.7.9 all except CVE 2018-1140 and 4.6.16 only CVE-2018-10858 and CVE-2018-10919. Please see the release notes for details. ======Details ====== o CVE-2018-1139: Vulnerability that allows authentication via NTLMv1 even if disabled. o CVE-2018-1140: Missing null pointer checks may crash the Samba AD DC, both over DNS and LDAP. o CVE-2018-10858: A malicious server could return a directory entry that could corrupt libsmbclient memory. o CVE-2018-10918: Missing null pointer checks may crash the Samba AD DC, over the authenticated DRSUAPI RPC service. o CVE-2018-10919: Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions. Changes: -------- o Jeremy Allison <jra at samba.org> * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers. o Andrew Bartlett <abartlet at samba.org> * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140 * BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user. o Tim Beale <timbeale at catalyst.net.nz> * BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via searches. o Günther Deschner <gd at samba.org> * BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth". o Andrej Gessel <Andrej.Gessel at janztec.com> * BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr(). ####################################### Reporting bugs & Development Discussion ####################################### Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. All bug reports should be filed under the "Samba 4.1 and newer" product in the project's Bugzilla database (https://bugzilla.samba.org/). ======================================================================= Our Code, Our Bugs, Our Responsibility. == The Samba Team ===================================================================== ===============Download Details =============== The uncompressed tarballs and patch files have been signed using GnuPG (ID 6F33915B6568B7EA). The source code can be downloaded from: https://download.samba.org/pub/samba/stable/ The release notes are available online at: https://www.samba.org/samba/history/samba-4.8.4.html https://www.samba.org/samba/history/samba-4.7.9.html https://www.samba.org/samba/history/samba-4.6.16.html Our Code, Our Bugs, Our Responsibility. (https://bugzilla.samba.org/) --Enjoy The Samba Team -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 163 bytes Desc: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20180814/4c3f3052/signature.sig>
Apparently Analagous Threads
- [Samba] [Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
- [Announce] Samba 4.9.0rc4 Available for Download
- [Samba] [Announce] Samba 4.9.0rc4 Available for Download
- [Announce] Samba 4.9.0rc5 Available for Download
- [Samba] [Announce] Samba 4.9.0rc5 Available for Download