-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-703e299870 2019-11-15 03:20:21.101692 --------------------------------------------------------------------------------
Name : samba Product : Fedora 29 Version : 4.9.15 Release : 0.fc29 URL : http://www.samba.org/ Summary : Server and Client software to interoperate with Windows machines Description : Samba is the standard Windows interoperability suite of programs for Linux and Unix.
-------------------------------------------------------------------------------- Update Information:
Update to Samba 4.9.15 - Security fixes for CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 29 2019 Guenther Deschner gdeschner@redhat.com - 4.9.15-0 - Update to Samba 4.9.15 - resolves: #1763137, #1766558 - Security fixes for CVE-2019-10218 - resolves: #1764126, #1766559 - Security fixes for CVE-2019-14833 - resolves: #1764142, #1766847 - Security fixes for CVE-2019-14847 * Wed Oct 23 2019 Guenther Deschner gdeschner@redhat.com - 4.9.14-0 - Update to Samba 4.9.14 * Tue Sep 3 2019 Guenther Deschner gdeschner@redhat.com - 4.9.13-0 - Update to Samba 4.9.13 - resolves: #1746225, #1748308 - Security fixes for CVE-2019-10197 * Tue Aug 27 2019 Guenther Deschner gdeschner@redhat.com - 4.9.12-0 - Update to Samba 4.9.12 * Wed Jul 3 2019 Guenther Deschner gdeschner@redhat.com - 4.9.11-0 - Update to Samba 4.9.11 * Wed Jun 19 2019 Guenther Deschner gdeschner@redhat.com - 4.9.9-0 - Update to Samba 4.9.9 - resolves: #1711816, #1721872 - Security fixes for CVE-2019-12435 * Tue May 28 2019 Guenther Deschner gdeschner@redhat.com - 4.9.8-1 - Add missing ctdb directories - resolves: #1656777 * Tue May 14 2019 Guenther Deschner gdeschner@redhat.com - 4.9.8-0 - Update to Samba 4.9.8 - resolves: #1705877, #1709679 - Security fixes for CVE-2018-16860 * Wed May 1 2019 Guenther Deschner gdeschner@redhat.com - 4.9.7-0 - Update to Samba 4.9.7 * Mon Apr 8 2019 Guenther Deschner gdeschner@redhat.com - 4.9.6-0 - Update to Samba 4.9.6 - resolves: #1689010, #1697718 - Security fixes for CVE-2019-3870 - resolves: #1691518, #1697717 - Security fixes for CVE-2019-3880 * Tue Mar 12 2019 Guenther Deschner gdeschner@redhat.com - 4.9.5-0 - Update to Samba 4.9.5 * Tue Feb 12 2019 Guenther Deschner gdeschner@redhat.com - 4.9.4-1 - resolves: #1674547 - Move samba.xattr modules out of python3 test package * Thu Dec 20 2018 Guenther Deschner gdeschner@redhat.com - 4.9.4-0 - Update to Samba 4.9.4 * Tue Nov 27 2018 Guenther Deschner gdeschner@redhat.com - 4.9.3-0 - Update to Samba 4.9.3 - resolves: #1625449, #1654078 - Security fixes for CVE-2018-14629 - resolves: #1642545, #1654082 - Security fixes for CVE-2018-16841 - resolves: #1646377, #1654091 - Security fixes for CVE-2018-16851 - resolves: #1646386, #1654092 - Security fixes for CVE-2018-16852 - resolves: #1647246, #1654093 - Security fixes for CVE-2018-16853 - resolves: #1649278, #1654095 - Security fixes for CVE-2018-16857 * Thu Nov 8 2018 Guenther Deschner gdeschner@redhat.com - 4.9.2-0 - Update to Samba 4.9.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1763137 - CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators https://bugzilla.redhat.com/show_bug.cgi?id=1763137 [ 2 ] Bug #1764126 - CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used https://bugzilla.redhat.com/show_bug.cgi?id=1764126 [ 3 ] Bug #1764142 - CVE-2019-14847 samba: samba AD DC LDAP denial of service via dirsync https://bugzilla.redhat.com/show_bug.cgi?id=1764142 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-703e299870' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------