[Buildroot] [PATCH-2018.02.x 2/2] samba4: security bump to version 4.8.7

Peter Korsgaard peter at korsgaard.com
Mon Dec 3 21:59:13 UTC 2018


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security vulnerabilities:
 >  - CVE-2018-14629:
 >    All versions of Samba from 4.0.0 onwards are vulnerable to infinite
 >    query recursion caused by CNAME loops. Any dns record can be added via
 >    ldap by an unprivileged user using the ldbadd tool, so this is a
 >    security issue.

 >  - CVE-2018-16841:
 >    When configured to accept smart-card authentication, Samba's KDC will call
 >    talloc_free() twice on the same memory if the principal in a validly signed
 >    certificate does not match the principal in the AS-REQ.

 >    This is only possible after authentication with a trusted certificate.

 >    talloc is robust against further corruption from a double-free with
 >    talloc_free() and directly calls abort(), terminating the KDC process.

 >    There is no further vulnerability associated with this issue, merely a
 >    denial of service.

 >  - CVE-2018-16851:
 >    During the processing of an LDAP search before Samba's AD DC returns
 >    the LDAP entries to the client, the entries are cached in a single
 >    memory object with a maximum size of 256MB.  When this size is
 >    reached, the Samba process providing the LDAP service will follow the
 >    NULL pointer, terminating the process.

 >    There is no further vulnerability associated with this issue, merely a
 >    denial of service.

 >  - CVE-2018-16853:
 >    A user in a Samba AD domain can crash the KDC when Samba is built in the
 >    non-default MIT Kerberos configuration.

 >    With this advisory we clarify that the MIT Kerberos build of the Samba
 >    AD DC is considered experimental.  Therefore the Samba Team will not
 >    issue security patches for this configuration.

 > For more details, see the release notes:

 > https://www.samba.org/samba/history/samba-4.8.7.html

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2018.02.x and 2018.08.x, thanks.

-- 
Bye, Peter Korsgaard