SUSE-SU-2018:2318-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2018/suse-su-20182318-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:2318-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:2318-1
Related
Published
2018-08-14T09:53:11Z
Modified
2018-08-14T09:53:11Z
Summary
Security update for samba
Details

This update for samba fixes the following issues:

The following security vulnerabilities were fixed:

  • CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048)
  • CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056)
  • CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057)
  • CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411)
  • CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)
References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 / samba

Package

Name
samba
Purl
purl:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.7.8+git.86.94b6d10f7dd-4.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "libsamba-credentials0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "samba-libs": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libdcerpc-binding0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-util0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-policy-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libwbclient-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-credentials-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-passdb-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbldap2": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-errors0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "samba-core-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libnetapi-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbconf-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "samba-client": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libtevent-util0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-hostconfig-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "samba-winbind": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamdb0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-passdb0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-nbt-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libwbclient0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "samba": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libdcerpc-samr0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamdb-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libtevent-util-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libdcerpc0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-util-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-hostconfig0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-standard-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-policy0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libdcerpc-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbclient-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-krb5pac0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-standard0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsamba-errors-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libnetapi0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-krb5pac-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbconf0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libdcerpc-samr-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libndr-nbt0": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbldap-devel": "4.7.8+git.86.94b6d10f7dd-4.15.1",
            "libsmbclient0": "4.7.8+git.86.94b6d10f7dd-4.15.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 15 / samba

Package

Name
samba
Purl
purl:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.7.8+git.86.94b6d10f7dd-4.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "ctdb": "4.7.8+git.86.94b6d10f7dd-4.15.1"
        }
    ]
}