[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2020:1313-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":26,"duplicates":27,"related":28,"reserved_at":9,"published_at":35,"modified_at":36,"state":9,"summary":37,"references_raw":39,"kevs":124,"epss":9,"epss_history":125,"metrics":126,"affected":127},"OPENSUSE-SU-2020:1313-1","Security update for ldb, samba\n\nThis update for ldb, samba fixes the following issues:\n\nChanges in samba:\n- Update to samba 4.11.11\n  + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ\n    and VLV combined; (bso#14364); (bsc#1173159]\n  + CVE-2020-10745: invalid DNS or NBT queries containing dots use\n    several seconds of CPU each; (bso#14378); (bsc#1173160).\n  + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP\n    server with paged_result or VLV; (bso#14402); (bsc#1173161)\n  + CVE-2020-14303: Endless loop from empty UDP packet sent to\n    AD DC nbt_server; (bso#14417); (bsc#1173359).\n- Update to samba 4.11.10\n  + Fix segfault when using SMBC_opendir_ctx() routine for share\n    folder that contains incorrect symbols in any file name;\n    (bso#14374).\n  + vfs_shadow_copy2 doesn't fail case looking in\n    snapdirseverywhere mode; (bso#14350)\n  + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr;\n    (bso#14413).\n  + Malicous SMB1 server can crash libsmbclient; (bso#14366)\n  + winbindd: Fix a use-after-free when winbind clients exit;\n    (bso#14382)\n  + ldb: Bump version to 2.0.11, LMDB databases can grow without\n    bounds. (bso#14330)\n- Update to samba 4.11.9\n  + nmblib: Avoid undefined behaviour in handle_name_ptrs();\n    (bso#14242).\n  + 'samba-tool group' commands do not handle group names with\n    special chars correctly; (bso#14296).\n  + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo\n    is not valid; (bso#14237).\n  + Missing check for DMAPI offline status in async DOS\n    attributes; (bso#14293).\n  + smbd: Ignore set NTACL requests which contain\n    S-1-5-88 NFS ACEs; (bso#14307).\n  + vfs_recycle: Prevent flooding the log if we're called on\n    non-existant paths; (bso#14316)\n  + smbd mistakenly updates a file's write-time on close;\n    (bso#14320).\n  + RPC handles cannot be differentiated in source3 RPC server;\n    (bso#14359).\n  + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313).\n  + nsswitch: Fix use-after-free causing segfault in\n    _pam_delete_cred; (bso#14327).\n  + Fix fruit:time machine max size on arm; (bso#13622)\n  + CTDB recovery corner cases can cause record resurrection\n    and node banning; (bso#14294).\n  + ctdb: Fix a memleak; (bso#14348).\n  + libsmb: Don't try to find posix stat info in SMBC_getatr().\n  + ctdb-tcp: Move free of inbound queue to TCP restart;\n    (bso#14295); (bsc#1162680).\n  + s3/librpc/crypto: Fix double free with unresolved\n    credential cache; (bso#14344); (bsc#1169095)\n  + s3:libads: Fix ads_get_upn(); (bso#14336).\n  + CTDB recovery corner cases can cause record resurrection\n    and node banning; (bso#14294)\n  + Starting ctdb node that was powered off hard before\n    results in recovery loop; (bso#14295); (bsc#1162680).\n  + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap;\n    (bso#14324)\n- Update to samba 4.11.8\n  + CVE-2020-10700: Use-after-free in Samba AD DC LDAP\n    Server with ASQ; (bso#14331); (bsc#1169850);\n  + CVE-2020-10704: LDAP Denial of Service (stack overflow)\n    in Samba AD DC; (bso#14334); (bsc#1169851);\n- Update to samba 4.11.7\n  + s3: lib: nmblib. Clean up and harden nmb packet\n    processing; (bso#14239).\n  + s3: VFS: full_audit. Use system session_info if called\n    from a temporary share definition; (bso#14283)\n  + dsdb: Correctly handle memory in objectclass_attrs;\n    (bso#14258).\n  + ldb: version 2.0.9, Samba 4.11 and later give incorrect\n    results for SCOPE_ONE searches; (bso#14270)\n  + auth: Fix CIDs 1458418 and 1458420 Null pointer\n    dereferences; (bso#14247).\n  + smbd: Handle EINTR from open(2) properly; (bso#14285)\n  + winbind member (source3) fails local SAM auth with empty\n    domain name; (bso#14247)\n  + winbindd: Handling missing idmap in getgrgid(); (bso#14265).\n  + lib:util: Log mkdir error on correct debug levels;\n    (bso#14253).\n  + wafsamba: Do not use 'rU' as the 'U' is deprecated in\n    Python 3.9; (bso#14266).\n  + ctdb-tcp: Make error handling for outbound connection\n    consistent; (bso#14274).\n- Update to samba 4.11.6\n  + pygpo: Use correct method flags; (bso#14209).\n  + vfs_ceph_snapshots: Fix root relative path handling;\n    (bso#14216); (bsc#1141320).\n  + Avoiding bad call flags with python 3.8, using METH_NOARGS\n    instead of zero; (bso#14209).\n  + source4/utils/oLschema2ldif: Include stdint.h before\n    cmocka.h; (bso#14218).\n  + docs-xml/winbindnssinfo: Clarify interaction with\n    idmap_ad etc; (bso#14122).\n  + smbd: Fix the build with clang; (bso#14251).\n  + upgradedns: Ensure lmdb lock files linked; (bso#14199).\n  + s3: VFS: glusterfs: Reset nlinks for symlink entries during\n    readdir; (bso#14182).\n  + smbc_stat() doesn't return the correct st_mode and also\n    the uid/gid is not filled (SMBv1) file; (bso#14101).\n  + librpc: Fix string length checking in\n    ndr_pull_charset_to_null(); (bso#14219).\n  + ctdb-scripts: Strip square brackets when gathering\n    connection info; (bso#14227).\n\n- Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);\n\n- Installing: samba - samba-ad-dc.service does not exist and unit\n  not found; (bsc#1171437);\n\n- Fix samba_winbind package is installing python3-base without\n  python3 package; (bsc#1169521);\n\nChanges in ldb:\n- Update to version 2.0.12\n  + CVE-2020-10730: NULL de-reference in AD DC LDAP server\n    when ASQ and VLV combined; (bso#14364); (bsc#1173159).\n  + ldb_ldap: fix off-by-one increment in lldb_add_msg_attr;\n    (bso#14413).\n  + lib/ldb: add unit test for ldb_ldap internal code.\n- Update to version 2.0.11\n  + lib ldb: lmdb init var before calling mdb_reader_check.\n  + lib ldb: lmdb clear stale readers on write txn start;\n    (bso#14330).\n  + ldb tests: Confirm lmdb free list handling\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",null,[],[],[],[14,16,18,20,22,24],{"_key":15},"CVE-2020-10700",{"_key":17},"CVE-2020-10704",{"_key":19},"CVE-2020-10730",{"_key":21},"CVE-2020-10745",{"_key":23},"CVE-2020-10760",{"_key":25},"CVE-2020-14303",[],[],[29,30,31,32,33,34],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},"2020-09-01T10:31:13Z","2025-05-07T18:11:16.054386Z",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[40,46,51,55,59,63,67,71,75,79,83,87,91,95,99,104,108,112,116,120],{"url":41,"sources":42,"tags":44},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G6CWABZYPZM5WM3TNQERK2OMN6VELZKV/",[43],"osv_opensuse",[45],"Advisory",{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1141320",[43],[50],"REPORT",{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/1162680",[43],[50],{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1169095",[43],[50],{"url":60,"sources":61,"tags":62},"https://bugzilla.suse.com/1169521",[43],[50],{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/1169850",[43],[50],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1169851",[43],[50],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1171437",[43],[50],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1172307",[43],[50],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/1173159",[43],[50],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/1173160",[43],[50],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/1173161",[43],[50],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1173359",[43],[50],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/1174120",[43],[50],{"url":100,"sources":101,"tags":102},"https://www.suse.com/security/cve/CVE-2020-10700",[43],[103],"WEB",{"url":105,"sources":106,"tags":107},"https://www.suse.com/security/cve/CVE-2020-10704",[43],[103],{"url":109,"sources":110,"tags":111},"https://www.suse.com/security/cve/CVE-2020-10730",[43],[103],{"url":113,"sources":114,"tags":115},"https://www.suse.com/security/cve/CVE-2020-10745",[43],[103],{"url":117,"sources":118,"tags":119},"https://www.suse.com/security/cve/CVE-2020-10760",[43],[103],{"url":121,"sources":122,"tags":123},"https://www.suse.com/security/cve/CVE-2020-14303",[43],[103],[],[],[],[128,141],{"ecosystem":129,"name":130,"vendor":131,"product":132,"cpe_part":9,"purl_type":133,"purl_namespace":131,"purl_name":132,"source":9,"versions":134},"openSUSE","ldb","opensuse","ldb&distro=openSUSE Leap 15.2","rpm",[135],{"version":136,"is_range":137,"range_type":138,"version_start":9,"version_start_type":9,"version_end":139,"version_end_type":140,"fixed_in":9},"lt2_0_12_lp152_2_6_1",true,"ecosystem","2.0.12-lp152.2.6.1","excluding",{"ecosystem":129,"name":142,"vendor":131,"product":143,"cpe_part":9,"purl_type":133,"purl_namespace":131,"purl_name":143,"source":9,"versions":144},"samba","samba&distro=openSUSE Leap 15.2",[145],{"version":146,"is_range":137,"range_type":138,"version_start":9,"version_start_type":9,"version_end":147,"version_end_type":140,"fixed_in":9},"lt4_11_11+git_180_2cf3b203f07_lp152_3_6_1","4.11.11+git.180.2cf3b203f07-lp152.3.6.1"]