Bug 17911 - samba new security issue CVE-2015-7560
Summary: samba new security issue CVE-2015-7560
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/679264/
Whiteboard: MGA5-32-OK MGA6-64-OK advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-03-08 17:53 CET by David Walser
Modified: 2016-03-11 00:38 CET
3 users

See Also:
Source RPM: samba-3.6.25-2.1.mga5.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2016-03-08 17:53:53 CET
Upstream has issued advisories today (March 8):
https://www.samba.org/samba/security/CVE-2015-7560.html
https://www.samba.org/samba/security/CVE-2016-0771.html

CVE-2016-0771 only affects Samba 4 (Cauldron) and is fixed in 4.3.6.

CVE-2015-7560 also affects Mageia 5 and is also fixed in 4.3.6.

Ubuntu has issued an advisory for this today (March 8):
http://www.ubuntu.com/usn/usn-2922-1/

Patch from Ubuntu added to the Mageia 5 package to fix CVE-2015-7560.

Advisory:
========================

Updated samba packages fix security vulnerability:

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink
paths. A remote attacker could use this issue to overwrite the ownership of
ACLs using symlinks (CVE-2015-7560).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
https://www.samba.org/samba/security/CVE-2015-7560.html
http://www.ubuntu.com/usn/usn-2922-1
========================

Updated packages in core/updates_testing:
========================
samba-server-3.6.25-2.2.mga5
samba-client-3.6.25-2.2.mga5
samba-common-3.6.25-2.2.mga5
samba-doc-3.6.25-2.2.mga5
samba-swat-3.6.25-2.2.mga5
samba-winbind-3.6.25-2.2.mga5
nss_wins-3.6.25-2.2.mga5
libsmbclient0-3.6.25-2.2.mga5
libsmbclient0-devel-3.6.25-2.2.mga5
libsmbclient0-static-devel-3.6.25-2.2.mga5
libnetapi0-3.6.25-2.2.mga5
libnetapi-devel-3.6.25-2.2.mga5
libsmbsharemodes0-3.6.25-2.2.mga5
libsmbsharemodes-devel-3.6.25-2.2.mga5
libwbclient0-3.6.25-2.2.mga5
libwbclient-devel-3.6.25-2.2.mga5
samba-virusfilter-clamav-3.6.25-2.2.mga5
samba-virusfilter-fsecure-3.6.25-2.2.mga5
samba-virusfilter-sophos-3.6.25-2.2.mga5
samba-domainjoin-gui-3.6.25-2.2.mga5

from samba-3.6.25-2.2.mga5.src.rpm
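As an added example (not part of the bug report or of Mageia's tooling), a check that the installed Samba packages are at or beyond the 3.6.25-2.2.mga5 build listed above, using rpm's rpmvercmp ordering reimplemented in Python. The package names and version strings come from this bug; the sample input is constructed, and the regex that splits name-version-release[.arch] is an assumption (epochs and the '^' operator are not handled).

```python
import re

FIXED_EVR = "3.6.25-2.2.mga5"   # build this bug ships; 2.1.mga5 and older are vulnerable
FIXED_NAMES = {"samba-server", "samba-client", "samba-common", "samba-doc",  # binary
    "samba-swat", "samba-winbind", "nss_wins", "libsmbclient0",             # packages
    "libsmbclient0-devel", "libsmbclient0-static-devel", "libnetapi0",      # from the
    "libnetapi-devel", "libsmbsharemodes0", "libsmbsharemodes-devel",       # bug's list
    "libwbclient0", "libwbclient-devel", "samba-virusfilter-clamav",
    "samba-virusfilter-fsecure", "samba-virusfilter-sophos", "samba-domainjoin-gui"}
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")  # rpmvercmp segments; separators are ignored
_NVRA = re.compile(r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+?)"
                   r"(?:\.(?:i586|x86_64|noarch))?$")  # assumed name-version-release[.arch]

def rpmvercmp(a, b):
    """rpm's rpmvercmp() ordering (-1, 0, 1): numeric segments compare numerically,
    letters lexically, numeric beats letters, '~' sorts before everything (no '^')."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    n = max(len(sa), len(sb))               # pad so both sides have n segments
    for x, y in zip(sa + [""] * (n - len(sa)), sb + [""] * (n - len(sb))):
        if x == "~" or y == "~":
            if x != y:
                return 1 if x != "~" else -1
            continue
        if not x or not y:                  # one side ran out of segments
            return -1 if not x else 1
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    return 0
def evr_cmp(a, b):  # 'version-release' strings; no epoch, as none appears in this update
    (va, ra), (vb, rb) = a.split("-", 1), b.split("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)
def outdated(installed):  # NVR(A) strings that belong to this update but predate the fix
    bad = []
    for pkg in installed:
        m = _NVRA.match(pkg)
        if m and re.sub(r"^lib64", "lib", m["name"]) in FIXED_NAMES \
                and evr_cmp(f"{m['ver']}-{m['rel']}", FIXED_EVR) < 0:
            bad.append(pkg)  # x86_64 names its library packages lib64..., see comment 5
    return bad

# Constructed sample in `rpm -qa` form: one package is still at release 2.1.
SAMPLE = ["samba-server-3.6.25-2.1.mga5.i586", "samba-client-3.6.25-2.2.mga5.i586",
          "lib64wbclient0-3.6.25-2.2.mga5.x86_64", "rsync-3.1.1-6.mga5.x86_64"]
```

On a real host, feed `outdated()` the lines of `rpm -qa` instead of SAMPLE.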
David Walser 2016-03-08 18:05:12 CET

URL: (none) => http://lwn.net/Vulnerabilities/679264/

Comment 1 Brian Rockwell 2016-03-10 18:15:35 CET
[root@localhost brian]# urpmi samba-server
Package samba-server-3.6.25-2.2.mga5.i586 is already installed

Package samba-virusfilter-clamav-3.6.25-2.2.mga5.i586 is already installed
Package samba-virusfilter-fsecure-3.6.25-2.2.mga5.i586 is already installed
Package samba-client-3.6.25-2.2.mga5.i586 is already installed

[root@localhost brian]# uname -a
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:37:30 UTC 2016 i686 i686 i686 GNU/Linux

I installed the various modules.  Configured the samba-server and was able to transfer files from a Windows box.

Not extensive testing obviously, but services are running and it is moving files.

CC: (none) => brtians1

Brian Rockwell 2016-03-10 18:16:39 CET

Whiteboard: (none) => MGA5-32-OK

Comment 2 Dave Hodgins 2016-03-10 19:44:31 CET
Been a while since I've tested samba. Trying to start smb.service is failing with
smbd: error while loading shared libraries: libreplace-samba4.so: cannot open shared object file: No such file or directory

CC: (none) => davidwhodgins

Comment 3 Dave Hodgins 2016-03-10 19:46:37 CET
I should add, this is on Mageia 5 x86_64

Whiteboard: MGA5-32-OK => MGA5-32-OK feedback

Comment 4 David Walser 2016-03-10 19:53:30 CET
Dave, you installed samba4 packages from updates_testing that were never assigned to QA and have since been removed.  You need to remove those and actually install this update.

Whiteboard: MGA5-32-OK feedback => MGA5-32-OK

Dave Hodgins 2016-03-10 20:36:34 CET

Whiteboard: MGA5-32-OK => MGA5-32-OK feedback

David Walser 2016-03-10 20:37:33 CET

Whiteboard: MGA5-32-OK feedback => MGA5-32-OK

Comment 5 Dave Hodgins 2016-03-10 20:52:50 CET
I missed reverting the lib64smbclient0 and lib64wbclient0. Fixed now, thanks.

Validating the update.

Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK => MGA5-32-OK MGA6-64-OK advisory
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2016-03-11 00:38:18 CET
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0106.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
