Parent Directory
| 
Revision Log
ldb-1.5.5-1.mga7 was part of samba-4.10.8-3.mga7 update (mga#25591)
| 1 | type: security |
| 2 | subject: Updated samba packages fix security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2019-10197 |
| 5 | - CVE-2019-12435 |
| 6 | - CVE-2019-12436 |
| 7 | src: |
| 8 | 7: |
| 9 | core: |
| 10 | - samba-4.10.8-3.mga7 |
| 11 | - ldb-1.5.5-1.mga7 |
| 12 | description: | |
| 13 | Updated samba packages fix security vulnerabilities: |
| 14 | |
| 15 | A combination of parameters and permissions in smb.conf can allow user |
| 16 | to escape from the share path definition (CVE-2019-10197). |
| 17 | |
| 18 | An authenticated user can crash the Samba AD DC's RPC server process via |
| 19 | a NULL pointer dereference (CVE-2019-12435) |
| 20 | |
| 21 | An user with read access to the directory can cause a NULL pointer |
| 22 | dereference using the paged search control (CVE-2019-12436). |
| 23 | |
| 24 | For other fixes in this update, see the referenced changelogs. |
| 25 | references: |
| 26 | - https://bugs.mageia.org/show_bug.cgi?id=24980 |
| 27 | - https://www.samba.org/samba/history/samba-4.10.5.html |
| 28 | - https://www.samba.org/samba/history/samba-4.10.6.html |
| 29 | - https://www.samba.org/samba/history/samba-4.10.7.html |
| 30 | - https://www.samba.org/samba/history/samba-4.10.8.html |
| 31 | - https://www.samba.org/samba/security/CVE-2019-12435.html |
| 32 | - https://www.samba.org/samba/security/CVE-2019-12436.html |
| 33 | - https://www.samba.org/samba/security/CVE-2019-10197.html |
| 34 | ID: MGASA-2019-0286 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |