[Buildroot] [PATCH-2018.02.x 2/2] samba4: security bump to version 4.8.7
Peter Korsgaard
peter at korsgaard.com
Mon Dec 3 21:59:13 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security vulnerabilities:
> - CVE-2018-14629:
> All versions of Samba from 4.0.0 onwards are vulnerable to infinite
> query recursion caused by CNAME loops. Any dns record can be added via
> ldap by an unprivileged user using the ldbadd tool, so this is a
> security issue.
> - CVE-2018-16841:
> When configured to accept smart-card authentication, Samba's KDC will call
> talloc_free() twice on the same memory if the principal in a validly signed
> certificate does not match the principal in the AS-REQ.
> This is only possible after authentication with a trusted certificate.
> talloc is robust against further corruption from a double-free with
> talloc_free() and directly calls abort(), terminating the KDC process.
> There is no further vulnerability associated with this issue, merely a
> denial of service.
> - CVE-2018-16851:
> During the processing of an LDAP search before Samba's AD DC returns
> the LDAP entries to the client, the entries are cached in a single
> memory object with a maximum size of 256MB. When this size is
> reached, the Samba process providing the LDAP service will follow the
> NULL pointer, terminating the process.
> There is no further vulnerability associated with this issue, merely a
> denial of service.
> - CVE-2018-16853:
> A user in a Samba AD domain can crash the KDC when Samba is built in the
> non-default MIT Kerberos configuration.
> With this advisory we clarify that the MIT Kerberos build of the Samba
> AD DC is considered experimental. Therefore the Samba Team will not
> issue security patches for this configuration.
> For more details, see the release notes:
> https://www.samba.org/samba/history/samba-4.8.7.html
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2018.02.x and 2018.08.x, thanks.
--
Bye, Peter Korsgaard