openSUSE Security Update : samba / ldb / talloc / etc (openSUSE-2015-945)

high Nessus Plugin ID 87622

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for ldb, samba, talloc, tdb, tevent fixes the following issues :

ldb was updated to 1.1.24.

+ Fix ldap \00 search expression attack dos;
cve-2015-3223; (bso#11325)

+ Fix remote read memory exploit in ldb; cve-2015-5330;
(bso#11599)

+ Move ldb_(un)pack_data into ldb_module.h for testing

+ Fix installation of _ldb_text.py

+ Fix propagation of ldb errors through tdb

+ Fix bug triggered by having an empty message in database during search

+ Test improvements

+ Improved python bindings

+ Validate_ldb of string(generalized-time) does not accept millisecond format '.000Z'; (bso#9810)

+ Fix logic in ldb_val_to_time()

+ Allow to register extended match rules

+ Fixes for segfaults in pyldb

+ Documentation fixes

+ Build system improvements

+ Fix a typo in the comment, ldb_flags_mod_xxx -> ldb_flag_mod_xxx

+ Fix check for third_party

+ Make the successful ldb_transaction_start() message clearer

+ Ldb-samba: fix a memory leak in ldif_canonicalise_objectcategory()

+ Ldb-samba: move pyldb-utils dependency to python_samba__ldb

+ Build: improve detection of srcdir

Samba was updated to 4.1.22.

+ Malicious request can cause samba ldap server to hang, spinning using cpu; CVE-2015-3223; (bso#11325);
(boo#958581).

+ Remote read memory exploit in ldb; cve-2015-5330;
(bso#11599); (boo#958586).

+ Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (boo#958582).

+ No man in the middle protection when forcing smb encryption on the client side; CVE-2015-5296;
(bso#11536); (boo#958584).

+ Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299;
(bso#11529); (boo#958583).

+ Fix microsoft ms15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467;
(bso#11552); (boo#958585).

+ Fix remote dos in samba (ad) ldap server; cve-2015-7540;
(bso#9187); (boo#958580).

+ Ensure attempt to ssh into locked account triggers 'Your account is disabled.....' to the console; (boo#953382).

+ Prevent NULL pointer access in samlogon fallback when security credentials are null; (boo#949022).

talloc was updated to 2.1.5; (boo#954658).

+ Minor build fixes

+ Point ld_library_path to the just-built libraries while calling make test.

+ Disable rpath-install and silent-rules while configure.

+ Update to 2.1.4; (boo#951660).

+ Test that talloc magic differs between processes.

+ Increment minor version due to added talloc_test_get_magic.

+ Provide tests access to talloc_magic.

+ Test magic protection measures.

+ Update the samba library distribution key file 'talloc.keyring'; (bso#945116).

+ Update to 2.1.3; (boo#939051).

+ Improved python3 bindings

+ Documentation fixes regarding talloc_reference() and talloc_unlink()

tdb was updated to version 1.3.8; (boo#954658).

+ Fix broken build with --disable-python

+ Minor build fixes

+ Disable rpath-install and silent-rules while configure.

+ Update the samba library distribution key file 'tdb.keyring'; (bso#945116).

+ Update to version 1.3.7.

+ First fix deadlock in the interaction between fcntl and mutex locking; (bso#11381)

+ Improved python3 bindings

+ Update to version 1.3.6.

+ Fix runtime detection for robust mutexes in the standalone build; (bso#11326).

+ Possible fix for the build with robust mutexes on solaris 11; (bso#11319).

+ Update to version 1.3.5.

+ Abi change: tdb_chainlock_read_nonblock() has been added, a nonblock variant of tdb_chainlock_read()

+ Do not build test binaries if it's not a standalone build

+ Fix cid 1034842 resource leak

+ Fix cid 1034841 resource leak

+ Don't let tdb_wrap_open() segfault with name==null

+ Update to version 1.3.4.

+ Toos: allow transactions with tdb_mutex_locking

+ Test: add tdb1-run-mutex-transaction1 test

+ Allow transactions on on tdb's with tdb_mutex_locking

+ Update to version 1.3.3.

+ Test: tdb_clear_if_first | tdb_mutex_locking, o_rdonly is a valid combination

+ Update to version 1.3.2.

+ Allow tdb_open_ex() with o_rdonly of tdb_feature_flag_mutex tdbs.

+ Fix a comment

+ Fix tdb_runtime_check_for_robust_mutexes()

+ Improve wording in a comment

+ Tdb.h needs bool type; obsoletes include_stdbool_bso10625.patch

+ Tdb_wrap: make mutexes easier to use

+ Tdb_wrap: only pull in samba-debug

+ Tdb_wrap: standalone compile without includes.h

+ Tdb_wrap: tdb_wrap.h doesn't need struct loadparm_context

- Update to version 1.3.1.

+ Tools: fix a compiler warning

+ Defragment the freelist in tdb_allocate_from_freelist()

+ Add 'freelist_size' sub-command to tdbtool

+ Use tdb_freelist_merge_adjacent in tdb_freelist_size()

+ Add tdb_freelist_merge_adjacent()

+ Add utility function check_merge_ptr_with_left_record()

+ Simplify tdb_free() using check_merge_with_left_record()

+ Add utility function check_merge_with_left_record()

+ Improve comments for tdb_free().

+ Factor merge_with_left_record() out of tdb_free()

+ Fix debug message in tdb_free()

+ Reduce indentation in tdb_free() for merging left

+ Increase readability of read_record_on_left()

+ Factor read_record_on_left() out of tdb_free()

+ Build: improve detection of srcdir.

tevent was update to version 0.9.26; (boo#954658).

+ New tevent_thread_proxy api

+ Minor build fixes

+ Update the samba library distribution key file 'tevent.keyring'; (bso#945116).

+ Update to 0.9.25.

+ Fix compile error in solaris ports backend.

+ Fix access after free in tevent_common_check_signal();
(bso#11308).

+ Improve pytevent bindings.

+ Testsuite fixes.

+ Improve the documentation of the tevent_add_fd() assumtions. it must be talloc_free'ed before closing the fd! (bso##11141); (bso#11316).

+ Update to 0.9.24.

+ Ignore unexpected signal events in the same way the epoll backend does.

+ Update to 0.9.23.

+ Update the tevent_data.dox tutrial stuff to fix some errors, including white space problems.

+ Use tevent_req_simple_recv_unix in a few places.

+ Update to 0.9.22.

+ Remove unused exit_code in tevent_select.c

+ Remove unused exit_code in tevent_poll.c

+ Build: improve detection of srcdir

+ Lib: tevent: make tevent_sig_increment atomic.

+ Update flags in tevent pkgconfig file

+ Utilize doxygen to generate the api documentation and package it.

Solution

Update the affected samba / ldb / talloc / etc packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=958586

https://bugzilla.opensuse.org/show_bug.cgi?id=939050

https://bugzilla.opensuse.org/show_bug.cgi?id=939051

https://bugzilla.opensuse.org/show_bug.cgi?id=949022

https://bugzilla.opensuse.org/show_bug.cgi?id=951660

https://bugzilla.opensuse.org/show_bug.cgi?id=953382

https://bugzilla.opensuse.org/show_bug.cgi?id=954658

https://bugzilla.opensuse.org/show_bug.cgi?id=958580

https://bugzilla.opensuse.org/show_bug.cgi?id=958581

https://bugzilla.opensuse.org/show_bug.cgi?id=958582

https://bugzilla.opensuse.org/show_bug.cgi?id=958583

https://bugzilla.opensuse.org/show_bug.cgi?id=958584

https://bugzilla.opensuse.org/show_bug.cgi?id=958585

Plugin Details

Severity: High

ID: 87622

File Name: openSUSE-2015-945.nasl

Version: 2.8

Type: local

Agent: unix

Published: 12/29/2015

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:ldb-debugsource, p-cpe:/a:novell:opensuse:libndr-standard0-32bit, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-32bit, p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo, p-cpe:/a:novell:opensuse:libpdb-devel, p-cpe:/a:novell:opensuse:libldb-devel, p-cpe:/a:novell:opensuse:libsamdb0-debuginfo, p-cpe:/a:novell:opensuse:libtalloc2, p-cpe:/a:novell:opensuse:libgensec0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0, p-cpe:/a:novell:opensuse:libndr-krb5pac0, p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo, p-cpe:/a:novell:opensuse:libtdb-devel, p-cpe:/a:novell:opensuse:libndr-standard0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libtevent0, p-cpe:/a:novell:opensuse:libpdb0-32bit, p-cpe:/a:novell:opensuse:samba-python, p-cpe:/a:novell:opensuse:libsmbsharemodes-devel, p-cpe:/a:novell:opensuse:libnetapi0-32bit, p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo, p-cpe:/a:novell:opensuse:python-tdb-debuginfo, p-cpe:/a:novell:opensuse:samba-debugsource, p-cpe:/a:novell:opensuse:samba-libs-32bit, p-cpe:/a:novell:opensuse:libtevent0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libregistry0-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-client, p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libtevent0-debuginfo, p-cpe:/a:novell:opensuse:libgensec-devel, p-cpe:/a:novell:opensuse:libtevent-util0-debuginfo, p-cpe:/a:novell:opensuse:pyldb, p-cpe:/a:novell:opensuse:tevent-debugsource, p-cpe:/a:novell:opensuse:libsmbsharemodes0, p-cpe:/a:novell:opensuse:libsamdb-devel, cpe:/o:novell:opensuse:13.1, p-cpe:/a:novell:opensuse:libsamba-credentials-devel, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-32bit, p-cpe:/a:novell:opensuse:samba-client-32bit, p-cpe:/a:novell:opensuse:libtalloc-devel, p-cpe:/a:novell:opensuse:libregistry0-32bit, p-cpe:/a:novell:opensuse:libsamba-credentials0, p-cpe:/a:novell:opensuse:samba-winbind-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbclient0, p-cpe:/a:novell:opensuse:libwbclient0-debuginfo, p-cpe:/a:novell:opensuse:libndr-standard-devel, p-cpe:/a:novell:opensuse:python-tdb, p-cpe:/a:novell:opensuse:pyldb-devel, p-cpe:/a:novell:opensuse:libsmbconf0, p-cpe:/a:novell:opensuse:pytalloc-devel, p-cpe:/a:novell:opensuse:libtevent-devel, p-cpe:/a:novell:opensuse:libnetapi0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libtalloc2-32bit, p-cpe:/a:novell:opensuse:libtdb1, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo, p-cpe:/a:novell:opensuse:libndr0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libregistry-devel, p-cpe:/a:novell:opensuse:libsmbclient-raw0-32bit, p-cpe:/a:novell:opensuse:libsamba-policy0, p-cpe:/a:novell:opensuse:samba-test, p-cpe:/a:novell:opensuse:libdcerpc-samr0-32bit, p-cpe:/a:novell:opensuse:libdcerpc-samr-devel, p-cpe:/a:novell:opensuse:libsmbconf0-32bit, p-cpe:/a:novell:opensuse:libtdb1-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0, p-cpe:/a:novell:opensuse:python-tevent, p-cpe:/a:novell:opensuse:python-tevent-debuginfo-32bit, p-cpe:/a:novell:opensuse:libnetapi0, p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient-raw0, p-cpe:/a:novell:opensuse:libsmbconf-devel, p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbclient-raw-devel, p-cpe:/a:novell:opensuse:samba-test-debuginfo, p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo, p-cpe:/a:novell:opensuse:samba-core-devel, p-cpe:/a:novell:opensuse:libpdb0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbldap0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-util0-debuginfo, p-cpe:/a:novell:opensuse:samba-winbind-debuginfo, p-cpe:/a:novell:opensuse:samba-libs-debuginfo, p-cpe:/a:novell:opensuse:pyldb-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgensec0, p-cpe:/a:novell:opensuse:pyldb-debuginfo, p-cpe:/a:novell:opensuse:libtevent-util0-32bit, p-cpe:/a:novell:opensuse:tdb-tools, p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-policy0-32bit, p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient-devel, p-cpe:/a:novell:opensuse:libndr-krb5pac-devel, p-cpe:/a:novell:opensuse:libregistry0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-hostconfig-devel, p-cpe:/a:novell:opensuse:libsamba-util0, p-cpe:/a:novell:opensuse:samba-libs-debuginfo-32bit, p-cpe:/a:novell:opensuse:tdb-tools-debuginfo, p-cpe:/a:novell:opensuse:libgensec0-debuginfo, p-cpe:/a:novell:opensuse:libtdb1-debuginfo, p-cpe:/a:novell:opensuse:libndr-nbt0-debuginfo, p-cpe:/a:novell:opensuse:tdb-debugsource, p-cpe:/a:novell:opensuse:libsamba-policy-devel, p-cpe:/a:novell:opensuse:libtalloc2-debuginfo, p-cpe:/a:novell:opensuse:libregistry0, p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-util-devel, p-cpe:/a:novell:opensuse:samba-libs, p-cpe:/a:novell:opensuse:libdcerpc-atsvc0-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-pidl, p-cpe:/a:novell:opensuse:libndr-nbt0-32bit, p-cpe:/a:novell:opensuse:libndr-nbt0, p-cpe:/a:novell:opensuse:libsmbldap-devel, p-cpe:/a:novell:opensuse:samba-test-devel, p-cpe:/a:novell:opensuse:libndr-krb5pac0-32bit, p-cpe:/a:novell:opensuse:libsamdb0, p-cpe:/a:novell:opensuse:libtevent-util-devel, p-cpe:/a:novell:opensuse:libwbclient0, p-cpe:/a:novell:opensuse:libsmbsharemodes0-debuginfo, p-cpe:/a:novell:opensuse:libwbclient-devel, p-cpe:/a:novell:opensuse:libsmbconf0-debuginfo-32bit, p-cpe:/a:novell:opensuse:pytalloc, p-cpe:/a:novell:opensuse:libtalloc2-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-debuginfo, p-cpe:/a:novell:opensuse:libtdb1-debuginfo-32bit, p-cpe:/a:novell:opensuse:pyldb-32bit, p-cpe:/a:novell:opensuse:python-tevent-32bit, p-cpe:/a:novell:opensuse:pytalloc-debuginfo, p-cpe:/a:novell:opensuse:samba-winbind, p-cpe:/a:novell:opensuse:ldb-tools, p-cpe:/a:novell:opensuse:samba-python-debuginfo, p-cpe:/a:novell:opensuse:libpdb0, p-cpe:/a:novell:opensuse:libsamba-util0-32bit, p-cpe:/a:novell:opensuse:libsamdb0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libldb1-debuginfo, p-cpe:/a:novell:opensuse:libgensec0-32bit, p-cpe:/a:novell:opensuse:libldb1-debuginfo-32bit, p-cpe:/a:novell:opensuse:ldb-tools-debuginfo, p-cpe:/a:novell:opensuse:libwbclient0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0-32bit, p-cpe:/a:novell:opensuse:libsamdb0-32bit, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo, p-cpe:/a:novell:opensuse:libsamba-credentials0-32bit, p-cpe:/a:novell:opensuse:samba, p-cpe:/a:novell:opensuse:libnetapi0-debuginfo, p-cpe:/a:novell:opensuse:libsmbclient0-32bit, p-cpe:/a:novell:opensuse:libndr-standard0, p-cpe:/a:novell:opensuse:libpdb0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc-samr0, p-cpe:/a:novell:opensuse:libnetapi-devel, p-cpe:/a:novell:opensuse:libsmbldap0-32bit, p-cpe:/a:novell:opensuse:python-tdb-32bit, p-cpe:/a:novell:opensuse:libndr-krb5pac0-debuginfo-32bit, p-cpe:/a:novell:opensuse:pytalloc-debuginfo-32bit, p-cpe:/a:novell:opensuse:libldb1-32bit, p-cpe:/a:novell:opensuse:libdcerpc-binding0-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-client-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsamba-hostconfig0, p-cpe:/a:novell:opensuse:libndr0-debuginfo, p-cpe:/a:novell:opensuse:libdcerpc0-debuginfo, p-cpe:/a:novell:opensuse:samba-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsmbclient0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc0, p-cpe:/a:novell:opensuse:libsamba-policy0-debuginfo, p-cpe:/a:novell:opensuse:libndr-devel, p-cpe:/a:novell:opensuse:libtevent0-32bit, p-cpe:/a:novell:opensuse:libsmbclient-raw0-debuginfo, p-cpe:/a:novell:opensuse:pytalloc-32bit, p-cpe:/a:novell:opensuse:libwbclient0-32bit, p-cpe:/a:novell:opensuse:python-tevent-debuginfo, p-cpe:/a:novell:opensuse:libndr-nbt-devel, p-cpe:/a:novell:opensuse:libdcerpc-atsvc-devel, p-cpe:/a:novell:opensuse:libldb1, p-cpe:/a:novell:opensuse:libdcerpc-samr0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libndr0-32bit, p-cpe:/a:novell:opensuse:libsamba-credentials0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libdcerpc0-32bit, p-cpe:/a:novell:opensuse:python-tdb-debuginfo-32bit, p-cpe:/a:novell:opensuse:samba-32bit, p-cpe:/a:novell:opensuse:samba-winbind-32bit, cpe:/o:novell:opensuse:13.2, p-cpe:/a:novell:opensuse:libtevent-util0, p-cpe:/a:novell:opensuse:samba-client-debuginfo, p-cpe:/a:novell:opensuse:libsmbldap0, p-cpe:/a:novell:opensuse:libdcerpc-devel, p-cpe:/a:novell:opensuse:libsamba-hostconfig0-debuginfo, p-cpe:/a:novell:opensuse:talloc-debugsource, p-cpe:/a:novell:opensuse:libndr0

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 12/24/2015

Reference Information

CVE: CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467