-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-2e1a1489be 2020-11-10 01:29:17.834586 --------------------------------------------------------------------------------
Name : samba Product : Fedora 32 Version : 4.12.10 Release : 0.fc32 URL : https://www.samba.org Summary : Server and Client software to interoperate with Windows machines Description : Samba is the standard Windows interoperability suite of programs for Linux and Unix.
-------------------------------------------------------------------------------- Update Information:
Update to Samba 4.12.10 ---- Update to Samba 4.12.9 - Security fixes for CVE-2020-14318, CVE-2020-14323 and CVE-2020-14383 -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 5 2020 Guenther Deschner gdeschner@redhat.com - 4.12.10-0 - Update to Samba 4.12.10 * Thu Oct 29 2020 Guenther Deschner gdeschner@redhat.com - 4.12.9-0 - Update to Samba 4.12.9 - resolves: #1892631, #1892634 - Security fixes for CVE-2020-14318 - resolves: #1891685, #1892628 - Security fixes for CVE-2020-14323 - resolves: #1892636, #1892640 - Security fixes for CVE-2020-14383 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1891685 - CVE-2020-14323 samba: Unprivileged user can crash winbind https://bugzilla.redhat.com/show_bug.cgi?id=1891685 [ 2 ] Bug #1892631 - CVE-2020-14318 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify https://bugzilla.redhat.com/show_bug.cgi?id=1892631 [ 3 ] Bug #1892636 - CVE-2020-14383 samba: An authenticated user can crash the DCE/RPC DNS with easily crafted records https://bugzilla.redhat.com/show_bug.cgi?id=1892636 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-2e1a1489be' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------