ALSA-2023:7139
- Source
- https://errata.almalinux.org/8/ALSA-2023-7139.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7139.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2023:7139
- Related
- Published
- 2023-11-14T00:00:00Z
- Modified
- 2023-11-23T10:21:55Z
- Summary
- Moderate: samba security, bug fix, and enhancement update
- Details
-
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
The following packages have been upgraded to a later upstream version: samba (4.18.6). (BZ#2190417)
Security Fix(es):
- samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)
- samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)
- samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)
- samba: spotlight server-side share path disclosure (CVE-2023-34968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2023:7139
- https://access.redhat.com/security/cve/CVE-2022-2127
- https://access.redhat.com/security/cve/CVE-2023-34966
- https://access.redhat.com/security/cve/CVE-2023-34967
- https://access.redhat.com/security/cve/CVE-2023-34968
- https://bugzilla.redhat.com/2222791
- https://bugzilla.redhat.com/2222793
- https://bugzilla.redhat.com/2222794
- https://bugzilla.redhat.com/2222795
- https://errata.almalinux.org/8/ALSA-2023-7139.html
Affected packages
AlmaLinux:8 / ctdb
Package
- Name
- ctdb
AlmaLinux:8 / libnetapi
Package
- Name
- libnetapi
AlmaLinux:8 / libnetapi-devel
Package
- Name
- libnetapi-devel
AlmaLinux:8 / libsmbclient
Package
- Name
- libsmbclient
AlmaLinux:8 / libsmbclient-devel
Package
- Name
- libsmbclient-devel
AlmaLinux:8 / libwbclient
Package
- Name
- libwbclient
AlmaLinux:8 / libwbclient-devel
Package
- Name
- libwbclient-devel
AlmaLinux:8 / python3-samba
Package
- Name
- python3-samba
AlmaLinux:8 / python3-samba-dc
Package
- Name
- python3-samba-dc
AlmaLinux:8 / python3-samba-devel
Package
- Name
- python3-samba-devel
AlmaLinux:8 / python3-samba-test
Package
- Name
- python3-samba-test
AlmaLinux:8 / samba
Package
- Name
- samba
AlmaLinux:8 / samba-client
Package
- Name
- samba-client
AlmaLinux:8 / samba-client-libs
Package
- Name
- samba-client-libs
AlmaLinux:8 / samba-common
Package
- Name
- samba-common
AlmaLinux:8 / samba-common-libs
Package
- Name
- samba-common-libs
AlmaLinux:8 / samba-common-tools
Package
- Name
- samba-common-tools
AlmaLinux:8 / samba-dc-libs
Package
- Name
- samba-dc-libs
AlmaLinux:8 / samba-dcerpc
Package
- Name
- samba-dcerpc
AlmaLinux:8 / samba-devel
Package
- Name
- samba-devel
AlmaLinux:8 / samba-krb5-printing
Package
- Name
- samba-krb5-printing
AlmaLinux:8 / samba-ldb-ldap-modules
Package
- Name
- samba-ldb-ldap-modules
AlmaLinux:8 / samba-libs
Package
- Name
- samba-libs
AlmaLinux:8 / samba-pidl
Package
- Name
- samba-pidl
AlmaLinux:8 / samba-test
Package
- Name
- samba-test
AlmaLinux:8 / samba-test-libs
Package
- Name
- samba-test-libs
AlmaLinux:8 / samba-tools
Package
- Name
- samba-tools
AlmaLinux:8 / samba-usershares
Package
- Name
- samba-usershares
AlmaLinux:8 / samba-vfs-iouring
Package
- Name
- samba-vfs-iouring
AlmaLinux:8 / samba-winbind
Package
- Name
- samba-winbind
AlmaLinux:8 / samba-winbind-clients
Package
- Name
- samba-winbind-clients
AlmaLinux:8 / samba-winbind-krb5-locator
Package
- Name
- samba-winbind-krb5-locator
AlmaLinux:8 / samba-winbind-modules
Package
- Name
- samba-winbind-modules