Update Info


Security update for samba

Type: security
Severity: important
Issued: 2019-10-30
This update for samba fixes the following issues:

Security issues fixed:

- CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync (bsc#1154598).
- CVE-2019-10218: Client code can return filenames containing path separators (bsc#1144902).
- CVE-2019-14833: Fixed Accent with "check script password" where the Samba AD DC check password script does not receive the full password (bsc#1154289).

Other issues fixed:

- Fix vfs_ceph realpath (bsc#1134452).
- MacOS credit accounting breaks with async SESSION SETUP (bsc#1125601).
- Mac OS X SMB2 implmenetation sees Input/output error or Resource temporarily unavailable and drops connection
- Explicitly enable libcephfs POSIX ACL support (bsc#1130245).
- Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153).



  • samba-4.7.11+git.186.d75219614c3-4.30.1