SUSE-SU-2015:0386-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20150386-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0386-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:0386-1
Related
Published
2013-12-13T21:39:19Z
Modified
2013-12-13T21:39:19Z
Summary
Security update for Samba
Details

This update fixes the following security issues with Samba:

* bnc#844720: DCERPC frag_len not checked (CVE-2013-4408)
* bnc#853347: winbind pam security problem (CVE-2012-6150)
* bnc#848101: No access check verification on stream files
  (CVE-2013-4475)

And fixes the following non-security issues:

* bnc#853021: libsmbclient0 package description contains comments
* bnc#817880: rpcclient adddriver and setdrive do not set all needed
  registry entries
* bnc#838472: Client trying to delete print job fails: Samba returns:
  WERR_INVALID_PRINTER_NAME
* bnc#854520 and bnc#849226: various upstream fixes

Security Issue references:

* CVE-2012-6150
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150>
* CVE-2013-4408
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408>
* CVE-2013-4475
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475>
References

Affected packages