OPENSUSE-SU-2019:2442-1
Vulnerability Summary
Timeline
Description
Security update for samba This update for provides the following fixes: Following security issues were fixed: - CVE-2019-14847: User with 'get changes' permission could have crashed AD DC LDAP server via dirsync (bsc#1154598). - CVE-2019-10218: Client code could have returned filenames containing path separators (bsc#1144902). - CVE-2019-14833: Accent with 'check script password' where Samba AD DC check password script did not receive the full password (bsc#1154289). Also following non-security issues were fixed: - Fix auth problems when printing via smbspool backend with kerberos. (bsc#1148539) - Fix broken username/password authentication with CUPS and smbspool. (bsc#1152143) This update was imported from the SUSE:SLE-15-SP1:Update update project.
Affected Systems
- opensuse•samba&distro=openSUSE Leap 15.1
< 4.9.5+git.210.ab0549acb05-lp151.2.9.1
References (9)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KL7HWA2VLDM4QBSVFP4UKNPEMH7WKMUL/#KL7HWA2VLDM4QBSVFP4UKNPEMH7WKMUL
- https://bugzilla.suse.com/1144902
- https://bugzilla.suse.com/1148539
- https://bugzilla.suse.com/1152143
- https://bugzilla.suse.com/1154289
- https://bugzilla.suse.com/1154598
- https://www.suse.com/security/cve/CVE-2019-10218
- https://www.suse.com/security/cve/CVE-2019-14833
- https://www.suse.com/security/cve/CVE-2019-14847