SUSE-SU-2023:0122-1: important: Security update for samba
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Jan 23 14:15:36 UTC 2023
SUSE Security Update: Security update for samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0122-1
Rating: important
References: #1173994 #1201496 #1205385 #1206504 #1206546
Cross-References: CVE-2020-14323 CVE-2021-20251 CVE-2022-32742
CVE-2022-37966 CVE-2022-38023
CVSS scores:
CVE-2020-14323 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-14323 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2021-20251 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32742 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-32742 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-37966 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37966 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-38023 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-38023 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Server 12-SP2-BCL
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for samba fixes the following issues:
- CVE-2021-20251: Fixed an issue where the bad password count would not be
properly incremented, which could allow attackers to brute force a
user's password (bsc#1206546).
- CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure
channel (bsc#1206504).
- CVE-2022-37966: Fixed an issue where a weak cipher would be selected to
encrypt session keys, which could lead to privilege escalation
(bsc#1205385).
- CVE-2020-14323: Fixed a denial of service in winbindd (bsc#1173994).
- CVE-2022-32742: Fixed incorrect length check in SMB1write,
SMB1write_and_close, SMB1write_and_unlock (bsc#1201496).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP2-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2023-122=1
Package List:
- SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
samba-doc-4.4.2-38.55.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
libdcerpc-binding0-32bit-4.4.2-38.55.1
libdcerpc-binding0-4.4.2-38.55.1
libdcerpc-binding0-debuginfo-32bit-4.4.2-38.55.1
libdcerpc-binding0-debuginfo-4.4.2-38.55.1
libdcerpc0-32bit-4.4.2-38.55.1
libdcerpc0-4.4.2-38.55.1
libdcerpc0-debuginfo-32bit-4.4.2-38.55.1
libdcerpc0-debuginfo-4.4.2-38.55.1
libndr-krb5pac0-32bit-4.4.2-38.55.1
libndr-krb5pac0-4.4.2-38.55.1
libndr-krb5pac0-debuginfo-32bit-4.4.2-38.55.1
libndr-krb5pac0-debuginfo-4.4.2-38.55.1
libndr-nbt0-32bit-4.4.2-38.55.1
libndr-nbt0-4.4.2-38.55.1
libndr-nbt0-debuginfo-32bit-4.4.2-38.55.1
libndr-nbt0-debuginfo-4.4.2-38.55.1
libndr-standard0-32bit-4.4.2-38.55.1
libndr-standard0-4.4.2-38.55.1
libndr-standard0-debuginfo-32bit-4.4.2-38.55.1
libndr-standard0-debuginfo-4.4.2-38.55.1
libndr0-32bit-4.4.2-38.55.1
libndr0-4.4.2-38.55.1
libndr0-debuginfo-32bit-4.4.2-38.55.1
libndr0-debuginfo-4.4.2-38.55.1
libnetapi0-32bit-4.4.2-38.55.1
libnetapi0-4.4.2-38.55.1
libnetapi0-debuginfo-32bit-4.4.2-38.55.1
libnetapi0-debuginfo-4.4.2-38.55.1
libsamba-credentials0-32bit-4.4.2-38.55.1
libsamba-credentials0-4.4.2-38.55.1
libsamba-credentials0-debuginfo-32bit-4.4.2-38.55.1
libsamba-credentials0-debuginfo-4.4.2-38.55.1
libsamba-errors0-32bit-4.4.2-38.55.1
libsamba-errors0-4.4.2-38.55.1
libsamba-errors0-debuginfo-32bit-4.4.2-38.55.1
libsamba-errors0-debuginfo-4.4.2-38.55.1
libsamba-hostconfig0-32bit-4.4.2-38.55.1
libsamba-hostconfig0-4.4.2-38.55.1
libsamba-hostconfig0-debuginfo-32bit-4.4.2-38.55.1
libsamba-hostconfig0-debuginfo-4.4.2-38.55.1
libsamba-passdb0-32bit-4.4.2-38.55.1
libsamba-passdb0-4.4.2-38.55.1
libsamba-passdb0-debuginfo-32bit-4.4.2-38.55.1
libsamba-passdb0-debuginfo-4.4.2-38.55.1
libsamba-util0-32bit-4.4.2-38.55.1
libsamba-util0-4.4.2-38.55.1
libsamba-util0-debuginfo-32bit-4.4.2-38.55.1
libsamba-util0-debuginfo-4.4.2-38.55.1
libsamdb0-32bit-4.4.2-38.55.1
libsamdb0-4.4.2-38.55.1
libsamdb0-debuginfo-32bit-4.4.2-38.55.1
libsamdb0-debuginfo-4.4.2-38.55.1
libsmbclient0-32bit-4.4.2-38.55.1
libsmbclient0-4.4.2-38.55.1
libsmbclient0-debuginfo-32bit-4.4.2-38.55.1
libsmbclient0-debuginfo-4.4.2-38.55.1
libsmbconf0-32bit-4.4.2-38.55.1
libsmbconf0-4.4.2-38.55.1
libsmbconf0-debuginfo-32bit-4.4.2-38.55.1
libsmbconf0-debuginfo-4.4.2-38.55.1
libsmbldap0-32bit-4.4.2-38.55.1
libsmbldap0-4.4.2-38.55.1
libsmbldap0-debuginfo-32bit-4.4.2-38.55.1
libsmbldap0-debuginfo-4.4.2-38.55.1
libtevent-util0-32bit-4.4.2-38.55.1
libtevent-util0-4.4.2-38.55.1
libtevent-util0-debuginfo-32bit-4.4.2-38.55.1
libtevent-util0-debuginfo-4.4.2-38.55.1
libwbclient0-32bit-4.4.2-38.55.1
libwbclient0-4.4.2-38.55.1
libwbclient0-debuginfo-32bit-4.4.2-38.55.1
libwbclient0-debuginfo-4.4.2-38.55.1
samba-4.4.2-38.55.1
samba-client-32bit-4.4.2-38.55.1
samba-client-4.4.2-38.55.1
samba-client-debuginfo-32bit-4.4.2-38.55.1
samba-client-debuginfo-4.4.2-38.55.1
samba-debuginfo-4.4.2-38.55.1
samba-debugsource-4.4.2-38.55.1
samba-libs-32bit-4.4.2-38.55.1
samba-libs-4.4.2-38.55.1
samba-libs-debuginfo-32bit-4.4.2-38.55.1
samba-libs-debuginfo-4.4.2-38.55.1
samba-winbind-32bit-4.4.2-38.55.1
samba-winbind-4.4.2-38.55.1
samba-winbind-debuginfo-32bit-4.4.2-38.55.1
samba-winbind-debuginfo-4.4.2-38.55.1
References:
https://www.suse.com/security/cve/CVE-2020-14323.html
https://www.suse.com/security/cve/CVE-2021-20251.html
https://www.suse.com/security/cve/CVE-2022-32742.html
https://www.suse.com/security/cve/CVE-2022-37966.html
https://www.suse.com/security/cve/CVE-2022-38023.html
https://bugzilla.suse.com/1173994
https://bugzilla.suse.com/1201496
https://bugzilla.suse.com/1205385
https://bugzilla.suse.com/1206504
https://bugzilla.suse.com/1206546
More information about the sle-security-updates
mailing list