SUSE-SU-2023:3066-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:3066-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:3066-1
- Related
- Published
- 2023-07-31T13:09:54Z
- Modified
- 2023-07-31T13:09:54Z
- Summary
- Security update for samba
- Details
-
This update for samba fixes the following issues:
- CVE-2022-2127: Fixed issue where lmresplen was not checked properly in winbinddpamauthcrapsend (bsc#1213174).
- CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability (bsc#1213173).
- CVE-2023-34967: Fixed samba spotlight mdssvc RPC Request Type Confusion Denial-of-Service Vulnerability (bsc#1213172).
CVE-2023-34968: Fixed spotlight server-side Share Path Disclosure (bsc#1213171).
Bugfixes:
Fixed trust relationship failure (bsc#1213384).
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20233066-1/
- https://bugzilla.suse.com/1213171
- https://bugzilla.suse.com/1213172
- https://bugzilla.suse.com/1213173
- https://bugzilla.suse.com/1213174
- https://bugzilla.suse.com/1213384
- https://www.suse.com/security/cve/CVE-2022-2127
- https://www.suse.com/security/cve/CVE-2023-34966
- https://www.suse.com/security/cve/CVE-2023-34967
- https://www.suse.com/security/cve/CVE-2023-34968
Affected packages
SUSE:Enterprise Storage 7 / samba
Package
- Name
- samba
- Purl
- purl:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.13.13+git.643.8caa136952b-150200.3.26.3
Ecosystem specific
{
"binaries": [
{
"libsamba-credentials0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba-ceph": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba-libs": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libdcerpc0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsamdb0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libndr-nbt0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libdcerpc-binding0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"ctdb": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libndr1": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsamba-util0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libwbclient0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsamba-hostconfig0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsmbldap2": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsamba-errors0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba-client": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsmbconf0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libnetapi0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libndr-krb5pac0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libndr-standard0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libtevent-util0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba-libs-python3": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba-winbind": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"samba": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsamba-passdb0": "4.13.13+git.643.8caa136952b-150200.3.26.3",
"libsmbclient0": "4.13.13+git.643.8caa136952b-150200.3.26.3"
}
]
}