| Summary: | samba new security issues CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-14303 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | | |
| Priority: | Normal | CC: | andrewsfarm, bgmilne, brtians1, mageia, sysadmin-bugs |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA7-64-OK MGA7-32-OK | | |
| Source RPM: | samba-4.10.15-1.mga7.src.rpm | CVE: | |
| Status comment: | | | |
|
Description
David Walser
2020-07-02 23:20:03 CEST
Note that there's also a bugfix update 4.12.5:
https://www.samba.org/samba/history/samba-4.12.5.html

Whiteboard: (none) => MGA7TOO

Cauldron:
SRPMS:
ldb-2.1.4-1.mga8
samba-4.12.5-1.mga8

7 updates_testing:
SRPMS:
ldb-1.5.8-1.mga7
samba-4.10.17-1.mga7 (currently building)

Status: NEW => ASSIGNED

Advisory:
========================

Updated samba packages fix security vulnerabilities:

Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10730).

Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service (CVE-2020-10745).

Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10760).

The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives an empty (zero-length) UDP packet to port 137 (CVE-2020-14303).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303
https://www.samba.org/samba/security/CVE-2020-10730.html
https://www.samba.org/samba/security/CVE-2020-10745.html
https://www.samba.org/samba/security/CVE-2020-10760.html
https://www.samba.org/samba/security/CVE-2020-14303.html
https://www.samba.org/samba/history/samba-4.10.17.html
https://ubuntu.com/security/notices/USN-4409-1
========================

Updated packages in core/updates_testing:
========================
libldb1-1.5.8-1.mga7
ldb-utils-1.5.8-1.mga7
libldb-devel-1.5.8-1.mga7
python2-ldb-1.5.8-1.mga7
python3-ldb-1.5.8-1.mga7
libpyldb-util1-1.5.8-1.mga7
libpyldb-util-devel-1.5.8-1.mga7
samba-4.10.17-1.mga7
samba-client-4.10.17-1.mga7
samba-common-4.10.17-1.mga7
samba-dc-4.10.17-1.mga7
libsamba-dc0-4.10.17-1.mga7
libkdc-samba4_2-4.10.17-1.mga7
libheimntlm-samba4_1-4.10.17-1.mga7
libsamba-devel-4.10.17-1.mga7
samba-krb5-printing-4.10.17-1.mga7
libsamba1-4.10.17-1.mga7
libsmbclient0-4.10.17-1.mga7
libsmbclient-devel-4.10.17-1.mga7
libwbclient0-4.10.17-1.mga7
libwbclient-devel-4.10.17-1.mga7
python2-samba-4.10.17-1.mga7
python3-samba-4.10.17-1.mga7
samba-pidl-4.10.17-1.mga7
samba-test-4.10.17-1.mga7
libsamba-test0-4.10.17-1.mga7
samba-winbind-4.10.17-1.mga7
samba-winbind-clients-4.10.17-1.mga7
samba-winbind-krb5-locator-4.10.17-1.mga7
samba-winbind-modules-4.10.17-1.mga7
ctdb-4.10.17-1.mga7
ctdb-tests-4.10.17-1.mga7

from SRPMS:
ldb-1.5.8-1.mga7.src.rpm
samba-4.10.17-1.mga7.src.rpm

Whiteboard: MGA7TOO => (none)

This is an upgrade from existing on x86_64 box.

$ uname -a
Linux linux.local 5.6.14-desktop-2.mga7 #1 SMP Wed May 20 23:14:20 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Gnome

- ldb-utils-1.5.8-1.mga7.x86_64
- lib64ldb1-1.5.8-1.mga7.x86_64
- lib64pyldb-util1-1.5.8-1.mga7.x86_64
- lib64samba-dc0-4.10.17-1.mga7.x86_64
- lib64samba-test0-4.10.17-1.mga7.x86_64
- lib64samba1-4.10.17-1.mga7.x86_64
- lib64smbclient0-4.10.17-1.mga7.x86_64
- lib64wbclient0-4.10.17-1.mga7.x86_64
- python2-ldb-1.5.8-1.mga7.x86_64
- python3-ldb-1.5.8-1.mga7.x86_64
- python3-samba-4.10.17-1.mga7.x86_64
- samba-4.10.17-1.mga7.x86_64
- samba-client-4.10.17-1.mga7.x86_64
- samba-common-4.10.17-1.mga7.x86_64
- samba-dc-4.10.17-1.mga7.x86_64
- samba-winbind-4.10.17-1.mga7.x86_64
- samba-winbind-clients-4.10.17-1.mga7.x86_64
- samba-winbind-krb5-locator-4.10.17-1.mga7.x86_64
- samba-winbind-modules-4.10.17-1.mga7.x86_64

-- rebooted --

after reboot

root 1298 1 0 10:05 ? 00:00:00 /usr/sbin/smbd --foreground --no-process-group
root 1895 1298 0 10:05 ? 00:00:00 /usr/sbin/smbd --foreground --no-process-group
root 1896 1298 0 10:05 ? 00:00:00 /usr/sbin/smbd --foreground --no-process-group
root 1900 1298 0 10:05 ? 00:00:00 /usr/sbin/smbd --foreground --no-process-group

Configured IPv6 and IPv4 firewalls -- connected from a Windows 10 PC -- able to transfer files to the server.

Working for me.

CC: (none) => brtians1

$ uname -a
Linux localhost 5.6.14-desktop-2.mga7 #1 SMP Wed May 20 23:14:20 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

----
- ldb-utils-1.5.8-1.mga7.x86_64
- lib64heimntlm-samba4_1-4.10.17-1.mga7.x86_64
- lib64kdc-samba4_2-4.10.17-1.mga7.x86_64
- lib64ldb1-1.5.8-1.mga7.x86_64
- lib64samba-dc0-4.10.17-1.mga7.x86_64
- lib64samba1-4.10.17-1.mga7.x86_64
- lib64smbclient0-4.10.17-1.mga7.x86_64
- lib64wbclient0-4.10.17-1.mga7.x86_64
- samba-client-4.10.17-1.mga7.x86_64
- samba-common-4.10.17-1.mga7.x86_64

---rebooted---

Able to transfer files between systems. Working as needed.

Whiteboard: (none) => MGA7-64-OK

$ uname -a
Linux localhost 5.6.14-server-2.mga7 #1 SMP Thu May 21 00:23:13 UTC 2020 i686 i686 i386 GNU/Linux

----
- ldb-utils-1.5.8-1.mga7.i586
- libheimntlm-samba4_1-4.10.17-1.mga7.i586
- libkdc-samba4_2-4.10.17-1.mga7.i586
- libldb1-1.5.8-1.mga7.i586
- libsamba-dc0-4.10.17-1.mga7.i586
- libsamba1-4.10.17-1.mga7.i586
- libsmbclient0-4.10.17-1.mga7.i586
- libwbclient0-4.10.17-1.mga7.i586
- samba-4.10.17-1.mga7.i586
- samba-client-4.10.17-1.mga7.i586
- samba-common-4.10.17-1.mga7.i586

---- rebooted

It operated normally as a samba server - no issues identified.

Whiteboard: MGA7-64-OK => MGA7-64-OK MGA7-32-OK

Thank you, Brian. Validating. Advisory in Comment 3.

Keywords: (none) => validated_update
Nicolas Lécureuil
2020-07-10 09:28:29 CEST
Keywords: (none) => advisory

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2020-0289.html

Resolution: (none) => FIXED |