OPENSUSE-SU-2020:0984-1
Vulnerability Summary
Timeline
Description
Security update for samba This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU (bsc#1173160). - CVE-2020-14303: Fixed an endless loop when receiving at AD DC empty UDP packets (bsc#1173359). - CVE-2020-10730: Fixed a null de-reference in AD DC LDAP server when ASQ and VLV combined (bsc#1173159). - CVE-2020-10760: Fixed a use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV (bsc#1173161). - Added libnetapi-devel to baselibs conf, for wine usage (bsc#1172307). - Fixed an installing issue where samba - samba-ad-dc.service did not exist and unit was not found (bsc#1171437). This update was imported from the SUSE:SLE-15-SP1:Update update project.
Affected Systems
- opensuse•samba&distro=openSUSE Leap 15.1
< 4.9.5+git.343.4bc358522a9-lp151.2.27.1
References (11)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CJGAJ5FTYBHYXLWFTGBCU5RWJLAH5ASP/
- https://bugzilla.suse.com/1171437
- https://bugzilla.suse.com/1172307
- https://bugzilla.suse.com/1173159
- https://bugzilla.suse.com/1173160
- https://bugzilla.suse.com/1173161
- https://bugzilla.suse.com/1173359
- https://www.suse.com/security/cve/CVE-2020-10730
- https://www.suse.com/security/cve/CVE-2020-10745
- https://www.suse.com/security/cve/CVE-2020-10760
- https://www.suse.com/security/cve/CVE-2020-14303