Bug 22765

Assigning to the registered maintainer, but CC'ing all packagers collectively, in case the maintainer is unavailable.

CC: (none) => marja11, pkg-bugs
Assignee: bugsquad => bgmilne

Fedora has issued advisories for this on March 14:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TSEA6GWWGBHUTR2IVCLHKI5VCXTHRA3U/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/W4YHPBMSDW7MNTSL66Q2USGUGNTJKIW5/

They also updated ldb to 1.3.2 as part of this update.

Fedora advisory for samba 4.6.14 from March 20:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3W6SCHFMINJOBDMPSQTSDO2ZG2AX67PC/

Ubuntu has issued an advisory for this on March 23:
https://usn.ubuntu.com/3595-2/

So CVE-2018-1050 also affects 3.6.x in Mageia 5.

Updates built by Buchan.  Thanks!

Advisory:
========================

Updated samba packages fix security vulnerabilities:

It was discovered that Samba is prone to a denial of service attack when the
RPC spoolss service is configured to be run as an external daemon
(CVE-2018-1050).

Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server
incorrectly validates permissions to modify passwords over LDAP allowing
authenticated users to change any other users passwords, including
administrative users (CVE-2018-1057).

Note that Mageia 5 was only affected by the CVE-2018-1050 issue.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
https://www.samba.org/samba/security/CVE-2018-1050.html
https://www.samba.org/samba/security/CVE-2018-1057.html
https://www.debian.org/security/2018/dsa-4135
========================

Updated packages in core/updates_testing:
========================
samba-server-3.6.25-2.8.mga5
samba-client-3.6.25-2.8.mga5
samba-common-3.6.25-2.8.mga5
samba-doc-3.6.25-2.8.mga5
samba-swat-3.6.25-2.8.mga5
samba-winbind-3.6.25-2.8.mga5
nss_wins-3.6.25-2.8.mga5
libsmbclient0-3.6.25-2.8.mga5
libsmbclient0-devel-3.6.25-2.8.mga5
libsmbclient0-static-devel-3.6.25-2.8.mga5
libnetapi0-3.6.25-2.8.mga5
libnetapi-devel-3.6.25-2.8.mga5
libsmbsharemodes0-3.6.25-2.8.mga5
libsmbsharemodes-devel-3.6.25-2.8.mga5
libwbclient0-3.6.25-2.8.mga5
libwbclient-devel-3.6.25-2.8.mga5
samba-virusfilter-clamav-3.6.25-2.8.mga5
samba-virusfilter-fsecure-3.6.25-2.8.mga5
samba-virusfilter-sophos-3.6.25-2.8.mga5
samba-domainjoin-gui-3.6.25-2.8.mga5
samba-4.6.12-1.1.mga6
samba-client-4.6.12-1.1.mga6
samba-common-4.6.12-1.1.mga6
samba-dc-4.6.12-1.1.mga6
libsamba-dc0-4.6.12-1.1.mga6
libkdc-samba4_2-4.6.12-1.1.mga6
libsamba-devel-4.6.12-1.1.mga6
samba-krb5-printing-4.6.12-1.1.mga6
libsamba1-4.6.12-1.1.mga6
libsmbclient0-4.6.12-1.1.mga6
libsmbclient-devel-4.6.12-1.1.mga6
libwbclient0-4.6.12-1.1.mga6
libwbclient-devel-4.6.12-1.1.mga6
python-samba-4.6.12-1.1.mga6
samba-pidl-4.6.12-1.1.mga6
samba-test-4.6.12-1.1.mga6
libsamba-test0-4.6.12-1.1.mga6
samba-winbind-4.6.12-1.1.mga6
samba-winbind-clients-4.6.12-1.1.mga6
samba-winbind-krb5-locator-4.6.12-1.1.mga6
samba-winbind-modules-4.6.12-1.1.mga6
ctdb-4.6.12-1.1.mga6
ctdb-tests-4.6.12-1.1.mga6

from SRPMS:
samba-3.6.25-2.8.mga5.src.rpm
samba-4.6.12-1.1.mga6.src.rpm

CC: pkg-bugs => bgmilne
Whiteboard: MGA6TOO => MGA5TOO
Assignee: bgmilne => qa-bugs
Version: Cauldron => 6

$ uname -a
Linux localhost 4.14.30-desktop-3.mga6 #1 SMP Sun Mar 25 23:26:07 UTC 2018 i686 i686 i686 GNU/Linux



The following 17 packages are going to be installed:

- libkdc-samba4_2-4.6.12-1.1.mga6.i586
- libsamba-dc0-4.6.12-1.1.mga6.i586
- libsamba-test0-4.6.12-1.1.mga6.i586
- libsamba1-4.6.12-1.1.mga6.i586
- libsmbclient0-4.6.12-1.1.mga6.i586
- libwbclient0-4.6.12-1.1.mga6.i586
- python-samba-4.6.12-1.1.mga6.i586
- samba-4.6.12-1.1.mga6.i586
- samba-client-4.6.12-1.1.mga6.i586
- samba-common-4.6.12-1.1.mga6.i586
- samba-dc-4.6.12-1.1.mga6.i586
- samba-krb5-printing-4.6.12-1.1.mga6.i586
- samba-test-4.6.12-1.1.mga6.i586
- samba-winbind-4.6.12-1.1.mga6.i586
- samba-winbind-clients-4.6.12-1.1.mga6.i586
- samba-winbind-krb5-locator-4.6.12-1.1.mga6.i586
- samba-winbind-modules-4.6.12-1.1.mga6.i586

4KB of additional disk space will be used.

13MB of packages will be retrieve


rebooted

---------

System is serving samba requests and supporting a/d file requests.

--------

Also tried client, seems to recognize the network, etc.

CC: (none) => brtians1
Whiteboard: MGA5TOO => MGA5TOO mga6-32-ok

mga5 is already at 3.6.25-2.8

http://advisories.mageia.org/MGASA-2018-0022.html

This update would appear to be redundant for mga5

CC: (none) => jim

Of course it's not redundant, we just forgot to update the subrel.

samba-3.6.25-2.9.mga5.src.rpm building now.

on mga5-64 4.4.114-desktop kde  

packages updated cleanly:
- lib64smbclient0-3.6.25-2.9.mga5.x86_64
- nss_wins-3.6.25-2.9.mga5.x86_64
- samba-client-3.6.25-2.9.mga5.x86_64
- samba-common-3.6.25-2.9.mga5.x86_64
- samba-server-3.6.25-2.9.mga5.x86_64

I only use samba for file sharing on my LAN.

After applying this update, shares on this system are still accessible by other devices and this system can access shares on other devices.

This update should perhaps be tested by someone who makes more extensive use of samba.

If this test is sufficient, I'll add the OK.

per IRC this test is enough. OK added

Whiteboard: MGA5TOO mga6-32-ok => MGA5TOO mga6-32-ok MGA5-64-OK

Thank you Brian & James for the testing. Advisoried, validating.

CC: (none) => sysadmin-bugs
Keywords: (none) => advisory, validated_update

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0201.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED