SUSE-SU-2020:2673-1: important: Security update for samba
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Sep 17 13:14:17 MDT 2020
SUSE Security Update: Security update for samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2020:2673-1
Rating: important
References: #1141267 #1144902 #1154289 #1154598 #1158108
#1158109 #1160850 #1160852 #1160888 #1169850
#1169851 #1173159 #1173160 #1173359 #1174120
Cross-References: CVE-2019-10197 CVE-2019-10218 CVE-2019-14833
CVE-2019-14847 CVE-2019-14861 CVE-2019-14870
CVE-2019-14902 CVE-2019-14907 CVE-2019-19344
CVE-2020-10700 CVE-2020-10704 CVE-2020-10730
CVE-2020-10745 CVE-2020-10760 CVE-2020-14303
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
This update for samba to version 4.10.17 fixes the following issues:
- Fixed net command unable to negotiate SMB2; (bsc#1174120);
- Update to 4.10.17
- CVE-2020-10745: Invalid DNS or NBT queries containing dots use several
seconds of CPU each; (bso#14378); (bsc#1173160).
- CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and
VLV combined; (bso#14364); (bsc#1173159).
- CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP server
with paged_result or VLV; (bso#14402); (1173161).
- CVE-2020-14303: Fix endless loop from empty UDP packet sent to AD DC
nbt_server; (bso#14417); (bsc#1173359).
- CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and
VLV combined, ldb: Bump version to 1.5.8; (bso#14364); (bsc#1173159).
- Update to 4.10.16 s3: lib: Paranoia around use of snprintf copying into
a fixed-size buffer from a getenv() pointer. lib:util: Fix smbclient -l
basename dir; (bso#14345). Malicous SMB1 server can crash libsmbclient;
(bso#14366). s3:libads: Fix ads_get_upn(); (bso#14336). docs-xml: Fix
usernames in pam_winbind manpages; (bso#14358). Client tools are not
able to read gencache anymore since 4.10; (bso#14370).
- Update to 4.10.15
- CVE-2020-10700: Fix use-after-free in AD DC LDAP server when ASQ and
paged_results combined; (bso#14331); (bsc#1169850).
- CVE-2020-10704: Fix LDAP Denial of Service (stack overflow) in Samba
AD DC; (bso#20454); (bsc#1169851).
- Update to 4.10.14 s3: lib: nmblib. Clean up and harden nmb packet
processing; (bso#14239). s3: VFS: full_audit. Use system session_info if
called from a temporary share definition; (bso#14283). nmblib: Avoid
undefined behaviour in handle_name_ptrs(); (bso#20193). dsdb: Correctly
handle memory in objectclass_attrs; (bso#14258). auth: Fix CID 1458418
Null pointer dereferences (REVERSE_INULL), auth: Fix CID 1458420 Null
pointer dereferences (REVERSE_INULL); (bso#14247). winbind member
(source3) fails local SAM auth with empty domain name; (bso#14247).
winbindd: Handling missing idmap in getgrgid(); (bso#14265). lib:util:
Log mkdir error on correct debug levels; (bso#14253). wafsamba: Do not
use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266). ctdb-tcp:
Make error handling for outbound connection consistent; (bso#14274).
Starting ctdb node that was powered off hard before results in recovery
loop; (bso#14295).
- Update to 4.10.13 s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't
return an inode number; (bso#14161). s3: utils: smbtree. Ensure we don't
call cli_RNetShareEnum()
on an SMB1 connection; (bso#14174). s3: libsmb: Ensure return from
net_share_enum_rpc() sets cli->raw_status on error; (bso#14176). s3:
smbd: SMB2 - Ensure we use the correct session_id if encrypting an
interim response; (bso#14189). s3: smbd: Only set
xconn->smb1.negprot.done = true after
supported_protocols[protocol].proto_reply_fn() succeeds; (bso#14205).
pygpo: Use correct method flags; (bso#14209). s3: Remove now unneeded
call to cmdline_messaging_context(); (bso#13925). Incomplete
conversion of former parametric options; (bso#14069). Fix sync
dosmode fallback in async dosmode codepath; (bso#14070). vfs_fruit
returns capped resource fork length; (bso#14171). s3:printing: Fix %J
substition; (bso#13745). libnet_join: Add SPNs for
additional-dns-hostnames entries; (bso#14116). Avoiding bad call
flags with python 3.8, using METH_NOARGS instead of zero;
(bso#14209). docs-xml/winbindnssinfo: Clarify interaction with
idmap_ad etc; (bso#14122). ctdb-tcp: Close inflight connecting TCP
sockets after fork; (bso#14175). s4:dirsync: Fix interaction of
dirsync and extended_dn controls; (bso#14153). upgradedns: Ensure
lmdb lock files linked; (bso#14199). s3: VFS: glusterfs: Reset nlinks
for symlink entries during readdir; (bso#14182). wscript: Remove
checks for shm_open and shmget; (bso#14140). libsmbclient:
smbc_stat() doesn't return the correct st_mode and also the uid/gid
is not filled (SMBv1); (bso#14101). replace: Only link libnsl and
libsocket if required; (bso#14168). librpc: Fix string length
checking in ndr_pull_charset_to_null(); (bso#14219). heimdal-build:
Avoid hard-coded /usr/include/heimdal in asn1_compile-generated code;
(bso#13856). ctdb-tcp: Drop tracking of file descriptor for incoming
connections; (bso#14175). ctdb-scripts: Strip square brackets when
gathering connection info; (bso#14227).
- Update to 4.10.12
- CVE-2019-14902: Replication of ACLs down subtree on AD Directory not
automatic; (bso#12497); (bsc#1160850);
- CVE-2019-14907: lib/util: Do not print the failed to convert string
into the logs; (bso#14208); (bsc#1160888).
- CVE-2019-19344: kcc dns scavenging: Fix use after free in
dns_tombstone_records_zone; (bso#14050); (bsc#1160852).
- Update to 4.10.11
- CVE-2019-14861: Fix DNSServer RPC server crash; (bso#14138);
(bsc#1158108).
- CVE-2019-14870: DelegationNotAllowed not being enforced; (bso#14187);
(bsc#1158109).
- Update to 4.10.10
- CVE-2019-10218 - s3: libsmb: Protect SMB1 and SMB2 client code from
evil server returned names; (bso#14071); (bsc#1144902).
- CVE-2019-14833: Use utf8 characters in the unacceptable password;
(bso#12438); (bsc#1154289).
- CVE-2019-14847 dsdb: Correct behaviour of ranged_results when
combined with dirsync; (bso#14040); (bsc#1154598).
- CVE-2019-14833 dsdb: Send full password to check password script;
(bso#12438); (bsc#1154289).
- Update to 4.10.9 Different Device Id for GlusterFS FUSE mount is causing
data loss in CTDB cluster; (bso#13972). winbind: Provide passwd struct
for group sid with ID_TYPE_BOTH mapping (again); (bso#14141).
smbc_readdirplus() is incompatible with smbc_telldir() and
smbc_lseekdir(); (bso#14094). s3: smbclient: Stop an SMB2-connection
from blundering into SMB1-specific calls; (bso#14152). s4/scripting:
MORE py3 compatible print functions. ldb: Release ldb 1.5.6;
(bso#13978). undoduididx: Add "or later" to warning about using tools
from Samba 4.8; (bso#13978). ldb_tdb fails to check error return when
parsing pack formats; (bso#13959). ctdb: Fix compilation on systems with
glibc robust mutexes; (bso#14038). GPO security filtering based on the
groups in Kerberos PAC (but primary group is missing); (bso#11362). Fix
spnego fallback from kerberos to ntlmssp in smbd server; (bso#14106).
s3-winbindd: fix forest trusts with additional trust attributes;
(bso#14130). vfs_glusterfs: Use pthreadpool for scheduling aio
operations; (bso#14098). ldb: baseinfo pack format check on init;
(bso#13977). ldb: ldbdump key and pack format version comments;
(bso#13978). Overlinking libreplace against librt and pthread against
every binary or library causes issues; (bso#14140). ctdb-vacuum: Process
all records not deleted on a remote node; (bso#14147). classicupgrade:
Fix uncaught exception; (bso#14136). fault.c: Improve fault_report
message text pointing to our wiki; (bso#14139). s3:client:Use
DEVICE_URI, instead of argv[0],for Device URI; (bso#14128). We should
send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID negotiation context; (bso#14055).
'pam_winbind' with 'krb5_auth' or 'wbinfo -K' doesn't work for users of
trusted domains/forests principals" logic; (bso#14124). vfs_glusterfs:
Enable profiling for file system operations; (bso#14093). vfs_gpfs:
Implement special case for denying owner access to ACL; (bso#14032).
Joining Active Directory should not use SAMR to set the password;
(bso#13884). s3:libsmb: Do not check the SPNEGO neg token for KRB5;
(bso#14106). Overlinking libreplace against librt and pthread against
every binary or library causes issues; (bso#14140). 'kpasswd' fails when
built with MIT Kerberos; (bso#14155). CTDB replies can be lost before
nodes are bidirectionally connected; (bso#14084). "ctdb stop" command
completes before databases are frozen; (bso#14087). ctdb-tools: Stop
deleted nodes from influencing ctdb nodestatus exit code; (bso#14129).
s3:ldap: Fix join with don't exists machine account; (bso#14007).
- Update to 4.10.8
- CVE-2019-10197: Permissions check deny can allow user to escape from
the share; (bso#14035); (bsc#1141267).
- CVE-2019-10197: Permissions check deny can allow user to escape from
the share; (bso#14035); (bsc#1141267).
- Update to 4.10.7 Unable to create or rename file/directory inside shares
configured with vfs_glusterfs_fuse module; (bso#14010). build: Allow
build when '--disable-gnutls' is set; (bso#13844). samba-tool: Add
'import samba.drs_utils' to fsmo.py; (bso#13973). Fix 'Error 32
determining PSOs in system' message on old DB with FL upgrade;
(bso#14008). s4/libnet: Fix joining a Windows pre-2008R2 DC;
(bso#14021). join: Use a specific attribute order for the DsAddEntry
nTDSDSA object; (bso#14046). vfs_catia: Pass stat info to
synthetic_smb_fname(); (bso#14015). lookup_name: Allow own domain lookup
when flags == 0; (bso#14091). s4 librpc rpc pyrpc: Ensure tevent_context
deleted last; (bso#13932). DEBUGC and DEBUGADDC doesn't print into a
class specific log file; (bso#13915). Request to keep deprecated option
"server schannel", VMWare Quickprep requires "auto"; (bso#13949).
dbcheck: Fallback to the default tombstoneLifetime of 180 days;
(bso#13967). dnsProperty fails to decode values from older Windows
versions; (bso#13969). samba-tool: Use only one LDAP modify for dns
partition fsmo role transfer; (bso#13973). third_party: Update waf to
version 2.0.17; (bso#13960). netcmd: Allow 'drs replicate --local' to
create partitions; (bso#14051). ctdb-config: Depend on /etc/ctdb/nodes
file; (bso#14017).
- Update to 4.10.6 s3: winbind: Fix crash when invoking winbind idmap
scripts; (bso#13956). smbd does not correctly parse arguments passed to
dfree and quota scripts; (bso#13964). samba-tool dns: use bytes for
inet_ntop; (bso#13965). samba-tool domain provision: Fix --interactive
module in python3; (bso#13828). ldb_kv: Skip @ records early in a search
full scan; (bso#13893). docs: Improve documentation of "lanman auth" and
"ntlm auth" connection; (bso#13981). python/ntacls: Use correct "state
directory" smb.conf option instead of "state dir"; (bso#14002).
registry: Add a missing include; (bso#13840). Fix SMB guest
authentication; (bso#13944). AppleDouble conversion breaks
Resourceforks; (bso#13958). vfs_fruit makes direct use of syscalls like
mmap() and pread(); (bso#13968). s3:mdssvc: Fix flex compilation error;
(bso#13987). s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly:;
(bso#13872). dsdb:samdb: schemainfo update with relax control;
(bso#13799). s3:util: Move static file_pload() function to lib/util;
(bso#13964). smbd: Fix a panic; (bso#13957). ldap server: Generate
correct referral schemes; (bso#12478). s4 dsdb/repl_meta_data: fix use
after free in dsdb_audit_add_ldb_value; (bso#13941). s4 dsdb: Fix use
after free in samldb_rename_search_base_callback; (bso#13942).
dsdb/repl: we need to replicate the whole schema before we can apply it;
(bso#12204). ldb: Release ldb 1.5.5; (bso#12478). Schema replication
fails if link crosses chunk boundary backwards; (bso#13713). 'samba-tool
domain schemaupgrade' uses relax control and skips the schemaInfo update
provision; (bso#13799). dsdb_audit: avoid printing "... remote host
[Unknown] SID [(NULL SID)] ..."; (bso#13916). python/ntacls: We only
need security.SEC_STD_READ_CONTROL in
order to get the ACL; (bso#13917). s3:loadparm: Ensure to truncate FS
Volume Label at multibyte boundary; (bso#13947). Using Kerberos
credentials to print using spoolss doesn't work; (bso#13939).
wafsamba: Use native waf timer; (bso#13998). ctdb-scripts: Fix
tcp_tw_recycle existence check; (bso#13984).
This update for ldb to version 1.5.8 fixes the following issues:
- Update to 1.5.8
- CVE-2020-10730: Fixed a null de-reference in AD DC LDAP server when
ASQ and VLV combined (bsc#1173159).
- Update to 1.5.7
- CVE-2020-10700: Fixed a use-after-free in AD DC LDAP server when ASQ
and paged_results combined (bsc#1169850).
- Update to 1.5.6
- Fix segfault parsing new pack formats or invalid packed data
- Check for new pack formats during startup
- Making ldbdump print out pack format info and keys so we have low
level visibility for testing in python
- Update to 1.5.5 LDAP_REFERRAL_SCHEME_OPAQUE was added Skip @ records
early in a search full scan
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2673=1
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2673=1
- SUSE Linux Enterprise High Availability 12-SP5:
zypper in -t patch SUSE-SLE-HA-12-SP5-2020-2673=1
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
ldb-debugsource-1.5.8-3.5.1
libldb-devel-1.5.8-3.5.1
libndr-devel-4.10.17+git.203.862547088ca-3.14.1
libndr-krb5pac-devel-4.10.17+git.203.862547088ca-3.14.1
libndr-nbt-devel-4.10.17+git.203.862547088ca-3.14.1
libndr-standard-devel-4.10.17+git.203.862547088ca-3.14.1
libsamba-util-devel-4.10.17+git.203.862547088ca-3.14.1
libsmbclient-devel-4.10.17+git.203.862547088ca-3.14.1
libwbclient-devel-4.10.17+git.203.862547088ca-3.14.1
python-ldb-1.5.8-3.5.1
python-ldb-debuginfo-1.5.8-3.5.1
python-ldb-devel-1.5.8-3.5.1
samba-core-devel-4.10.17+git.203.862547088ca-3.14.1
samba-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-debugsource-4.10.17+git.203.862547088ca-3.14.1
- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
ldb-debugsource-1.5.8-3.5.1
ldb-tools-1.5.8-3.5.1
ldb-tools-debuginfo-1.5.8-3.5.1
libdcerpc-binding0-4.10.17+git.203.862547088ca-3.14.1
libdcerpc-binding0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libdcerpc0-4.10.17+git.203.862547088ca-3.14.1
libdcerpc0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libldb1-1.5.8-3.5.1
libldb1-debuginfo-1.5.8-3.5.1
libndr-krb5pac0-4.10.17+git.203.862547088ca-3.14.1
libndr-krb5pac0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libndr-nbt0-4.10.17+git.203.862547088ca-3.14.1
libndr-nbt0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libndr-standard0-4.10.17+git.203.862547088ca-3.14.1
libndr-standard0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libndr0-4.10.17+git.203.862547088ca-3.14.1
libndr0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libnetapi0-4.10.17+git.203.862547088ca-3.14.1
libnetapi0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamba-credentials0-4.10.17+git.203.862547088ca-3.14.1
libsamba-credentials0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamba-errors0-4.10.17+git.203.862547088ca-3.14.1
libsamba-errors0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamba-hostconfig0-4.10.17+git.203.862547088ca-3.14.1
libsamba-hostconfig0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamba-passdb0-4.10.17+git.203.862547088ca-3.14.1
libsamba-passdb0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamba-util0-4.10.17+git.203.862547088ca-3.14.1
libsamba-util0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsamdb0-4.10.17+git.203.862547088ca-3.14.1
libsamdb0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsmbclient0-4.10.17+git.203.862547088ca-3.14.1
libsmbclient0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsmbconf0-4.10.17+git.203.862547088ca-3.14.1
libsmbconf0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libsmbldap2-4.10.17+git.203.862547088ca-3.14.1
libsmbldap2-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libtevent-util0-4.10.17+git.203.862547088ca-3.14.1
libtevent-util0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
libwbclient0-4.10.17+git.203.862547088ca-3.14.1
libwbclient0-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-4.10.17+git.203.862547088ca-3.14.1
samba-client-4.10.17+git.203.862547088ca-3.14.1
samba-client-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-debugsource-4.10.17+git.203.862547088ca-3.14.1
samba-libs-4.10.17+git.203.862547088ca-3.14.1
samba-libs-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-libs-python3-4.10.17+git.203.862547088ca-3.14.1
samba-libs-python3-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-winbind-4.10.17+git.203.862547088ca-3.14.1
samba-winbind-debuginfo-4.10.17+git.203.862547088ca-3.14.1
- SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
libdcerpc-binding0-32bit-4.10.17+git.203.862547088ca-3.14.1
libdcerpc-binding0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libdcerpc0-32bit-4.10.17+git.203.862547088ca-3.14.1
libdcerpc0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libldb1-32bit-1.5.8-3.5.1
libldb1-debuginfo-32bit-1.5.8-3.5.1
libndr-krb5pac0-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr-krb5pac0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr-nbt0-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr-nbt0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr-standard0-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr-standard0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr0-32bit-4.10.17+git.203.862547088ca-3.14.1
libndr0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libnetapi0-32bit-4.10.17+git.203.862547088ca-3.14.1
libnetapi0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-credentials0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-credentials0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-errors0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-errors0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-hostconfig0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-hostconfig0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-passdb0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-passdb0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-util0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamba-util0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamdb0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsamdb0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbclient0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbclient0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbconf0-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbconf0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbldap2-32bit-4.10.17+git.203.862547088ca-3.14.1
libsmbldap2-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libtevent-util0-32bit-4.10.17+git.203.862547088ca-3.14.1
libtevent-util0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
libwbclient0-32bit-4.10.17+git.203.862547088ca-3.14.1
libwbclient0-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-client-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-client-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-libs-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-libs-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-libs-python3-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-libs-python3-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-winbind-32bit-4.10.17+git.203.862547088ca-3.14.1
samba-winbind-debuginfo-32bit-4.10.17+git.203.862547088ca-3.14.1
- SUSE Linux Enterprise Server 12-SP5 (noarch):
samba-doc-4.10.17+git.203.862547088ca-3.14.1
- SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
ctdb-4.10.17+git.203.862547088ca-3.14.1
ctdb-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-debuginfo-4.10.17+git.203.862547088ca-3.14.1
samba-debugsource-4.10.17+git.203.862547088ca-3.14.1
References:
https://www.suse.com/security/cve/CVE-2019-10197.html
https://www.suse.com/security/cve/CVE-2019-10218.html
https://www.suse.com/security/cve/CVE-2019-14833.html
https://www.suse.com/security/cve/CVE-2019-14847.html
https://www.suse.com/security/cve/CVE-2019-14861.html
https://www.suse.com/security/cve/CVE-2019-14870.html
https://www.suse.com/security/cve/CVE-2019-14902.html
https://www.suse.com/security/cve/CVE-2019-14907.html
https://www.suse.com/security/cve/CVE-2019-19344.html
https://www.suse.com/security/cve/CVE-2020-10700.html
https://www.suse.com/security/cve/CVE-2020-10704.html
https://www.suse.com/security/cve/CVE-2020-10730.html
https://www.suse.com/security/cve/CVE-2020-10745.html
https://www.suse.com/security/cve/CVE-2020-10760.html
https://www.suse.com/security/cve/CVE-2020-14303.html
https://bugzilla.suse.com/1141267
https://bugzilla.suse.com/1144902
https://bugzilla.suse.com/1154289
https://bugzilla.suse.com/1154598
https://bugzilla.suse.com/1158108
https://bugzilla.suse.com/1158109
https://bugzilla.suse.com/1160850
https://bugzilla.suse.com/1160852
https://bugzilla.suse.com/1160888
https://bugzilla.suse.com/1169850
https://bugzilla.suse.com/1169851
https://bugzilla.suse.com/1173159
https://bugzilla.suse.com/1173160
https://bugzilla.suse.com/1173359
https://bugzilla.suse.com/1174120
More information about the sle-security-updates
mailing list