#11916: Samba-4.10.2
-------------------------+-----------------------
Reporter: renodr | Owner: renodr
Type: enhancement | Status: assigned
Priority: highest | Milestone: 8.5
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Changes (by renodr):
* owner: blfs-book => renodr
* priority: normal => highest
* status: new => assigned
Comment:
{{{
Release Announcements
---------------------
These are a security releases in order to address the following defects:
o CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
o CVE-2019-3880 (Save registry file outside share as unprivileged user)
=======
Details
=======
o CVE-2019-3870:
During the provision of a new Active Directory DC, some files in the
private/
directory are created world-writable.
o CVE-2019-3880:
Authenticated users with write permission can trigger a symlink
traversal to
write or detect files outside the Samba share.
For more details and workarounds, please refer to the security advisories.
Changes:
--------
o Andrew Bartlett <[email protected]>
* BUG 13834: CVE-2019-3870: pysmbd: Ensure a zero umask is set for
smbd.mkdir().
o Jeremy Allison <[email protected]>
* BUG 13851: CVE-2018-14629: rpc: winreg: Remove implementations of
SaveKey/RestoreKey.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
================
Download Details
================
The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6F33915B6568B7EA). The source code can be downloaded
from:
https://download.samba.org/pub/samba/stable/
The release notes are available online at:
https://www.samba.org/samba/history/samba-4.10.2.html
https://www.samba.org/samba/history/samba-4.9.6.html
https://www.samba.org/samba/history/samba-4.8.11.html
Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)
--Enjoy
The Samba Team
}}}
{{{
Hi,
This is a heads-up that there will be Samba security updates on
Monday, April 8 2019. Please make sure that your Samba
servers will be updated soon after the release!
Impacted components:
- AD DC (CVSS 6.1, Medium)
- File Server (CVSS 6.3, Medium)
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/11916#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
