openSUSE Security Update : samba (openSUSE-2016-399)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for the samba server fixes the following issues :

Security issue fixed :

- CVE-2015-7560: Getting and setting Windows ACLs on
symlinks can change permissions on link target;
(bso#11648); (bsc#968222).

Other bugs fixed :

- Enable clustering (CTDB) support; (bsc#966271).

- s3: smbd: Fix timestamp rounding inside SMB2 create;
(bso#11703); (bsc#964023).

- vfs_fruit: Fix renaming directories with open files;
(bso#11065).

- Fix MacOS finder error 36 when copying folder to Samba;
(bso#11347).

- s3:smbd/oplock: Obey kernel oplock setting when
releasing oplocks; (bso#11400).

- Fix copying files with vfs_fruit when using
vfs_streams_xattr without stream prefix and type suffix;
(bso#11466).

- s3:libsmb: Correctly initialize the list head when
keeping a list of primary followed by DFS connections;
(bso#11624).

- Reduce the memory footprint of empty string options;
(bso#11625).

- lib/async_req: Do not install async_connect_send_test;
(bso#11639).

- docs: Fix typos in man vfs_gpfs; (bso#11641).

- smbd: make 'hide dot files' option work with 'store dos
attributes = yes'; (bso#11645).

- smbcacls: Fix uninitialized variable; (bso#11682).

- s3:smbd: Ignore initial allocation size for directory
creation; (bso#11684).

- Add quotes around path of update-apparmor-samba-profile;
(bsc#962177).

- Prevent access denied if the share path is '/';
(bso#11647); (bsc#960249).

- Ensure samlogon fallback requests are rerouted after
kerberos failure; (bsc#953972).

- samba: winbind crash ->
netlogon_creds_client_authenticator; (bsc#953972)

This update was imported from the SUSE:SLE-12-SP1:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=953382
https://bugzilla.opensuse.org/show_bug.cgi?id=953972
https://bugzilla.opensuse.org/show_bug.cgi?id=960249
https://bugzilla.opensuse.org/show_bug.cgi?id=962177
https://bugzilla.opensuse.org/show_bug.cgi?id=964023
https://bugzilla.opensuse.org/show_bug.cgi?id=966271
https://bugzilla.opensuse.org/show_bug.cgi?id=968222

Solution :

Update the affected samba packages.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 90173

CVE ID: CVE-2015-7560
