Parent Directory | Revision Log
ldb-1.5.5-1.mga7 was part of samba-4.10.8-3.mga7 update (mga#25591)
1 | type: security |
2 | subject: Updated samba packages fix security vulnerabilities |
3 | CVE: |
4 | - CVE-2019-10197 |
5 | - CVE-2019-12435 |
6 | - CVE-2019-12436 |
7 | src: |
8 | 7: |
9 | core: |
10 | - samba-4.10.8-3.mga7 |
11 | - ldb-1.5.5-1.mga7 |
12 | description: | |
13 | Updated samba packages fix security vulnerabilities: |
14 | |
15 | A combination of parameters and permissions in smb.conf can allow user |
16 | to escape from the share path definition (CVE-2019-10197). |
17 | |
18 | An authenticated user can crash the Samba AD DC's RPC server process via |
19 | a NULL pointer dereference (CVE-2019-12435) |
20 | |
21 | An user with read access to the directory can cause a NULL pointer |
22 | dereference using the paged search control (CVE-2019-12436). |
23 | |
24 | For other fixes in this update, see the referenced changelogs. |
25 | references: |
26 | - https://bugs.mageia.org/show_bug.cgi?id=24980 |
27 | - https://www.samba.org/samba/history/samba-4.10.5.html |
28 | - https://www.samba.org/samba/history/samba-4.10.6.html |
29 | - https://www.samba.org/samba/history/samba-4.10.7.html |
30 | - https://www.samba.org/samba/history/samba-4.10.8.html |
31 | - https://www.samba.org/samba/security/CVE-2019-12435.html |
32 | - https://www.samba.org/samba/security/CVE-2019-12436.html |
33 | - https://www.samba.org/samba/security/CVE-2019-10197.html |
34 | ID: MGASA-2019-0286 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |