samba-4.10.4-10.el7

エラータID: AXSA:2020-020:02

Release date: 
Friday, April 24, 2020 - 11:58
Subject: 
samba-4.10.4-10.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba
(4.10.4).

Security Fix(es):

* samba: Combination of parameters and permissions can allow user to escape
from the share path definition (CVE-2019-10197)
* samba: smb client vulnerable to filenames containing path separators
(CVE-2019-10218)

Solution: 

Update packages.

CVEs: 
CVE-2019-10197
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
CVE-2019-10218
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
Additional Info: 

N/A

Download: 

SRPMS
  1. samba-4.10.4-10.el7.src.rpm
    MD5: 3787da0ab44cd315fa4a14d9f35186f0
    SHA-256: 90f80c9f520843f0b84ff643f2971961d8c5fdcda75491774f933bfd1fb8a418
    Size: 11.51 MB

Asianux Server 7 for x86_64
  1. ctdb-4.10.4-10.el7.x86_64.rpm
    MD5: 5146f2f2f3d59599eab1f15fb166d6a8
    SHA-256: cbceb9680cda097b3a14f2d7c043124bd45f507cf959a8f5a13b2f2b592abf57
    Size: 755.34 kB
  2. ctdb-tests-4.10.4-10.el7.x86_64.rpm
    MD5: b554ad3da32cbdde1f7e0d104fc092ac
    SHA-256: 36f58339d1f76ff3f4c56a820dd5c2beda18718395e0d3ef8e5c51096cd8d362
    Size: 1.30 MB
  3. libsmbclient-4.10.4-10.el7.x86_64.rpm
    MD5: bba69ad2033dc8fb10a73d0d04d7d39a
    SHA-256: 716b9eb991f67de49aad5af52d3d1b14f55482f544429201fc93f909921226cf
    Size: 141.05 kB
  4. libwbclient-4.10.4-10.el7.x86_64.rpm
    MD5: f51e795dd60eb06fd204271e30621b37
    SHA-256: 5dc66b1dfd9be5d2cf771302337e7ade57c862f45f38b0243c545a141a300868
    Size: 111.87 kB
  5. samba-4.10.4-10.el7.x86_64.rpm
    MD5: c71c2b0d131661d7f1c7fb277c94fe3f
    SHA-256: 38bc767bc926069bd4a33414413063a9ab05264e809e300e12ed800fd18347ac
    Size: 707.23 kB
  6. samba-client-4.10.4-10.el7.x86_64.rpm
    MD5: 7b3a9b05d7fcb9d89bff7cd9ce394d88
    SHA-256: 82fb3dfe3ba4413a0eb931c9dccda9e04a519e8a90f7711508dc51075099241c
    Size: 641.44 kB
  7. samba-client-libs-4.10.4-10.el7.x86_64.rpm
    MD5: 62ec3d106b7dde8e34e223ce5680654d
    SHA-256: 373664f66e234f497b2fe7c56557cf927630d3f99b2ec30d3c12777c27eebbcf
    Size: 4.99 MB
  8. samba-common-4.10.4-10.el7.noarch.rpm
    MD5: f544dc16e0279d499bb51a26f801626c
    SHA-256: 3b53cffdf6bf0f382e7cdf9843f6af2dff57ff43b756018b3c2c10e6152737ae
    Size: 210.49 kB
  9. samba-common-libs-4.10.4-10.el7.x86_64.rpm
    MD5: a46c9875e10c363e8eddd2e3c1cf8a4c
    SHA-256: c754a5097d583cbba8170a33876e4f8623d12a923ae81d45eb7a3c21617ac0d5
    Size: 175.09 kB
  10. samba-common-tools-4.10.4-10.el7.x86_64.rpm
    MD5: 87da83a5fc945bd31085639e5bd80643
    SHA-256: 28dc623aa7f21319bea44886235ca9aa47c5bc424c1971953b7409dc611afc2c
    Size: 461.61 kB
  11. samba-krb5-printing-4.10.4-10.el7.x86_64.rpm
    MD5: b1cecef475547c46693b21c61d63e63f
    SHA-256: 71536e1a55f0caa7ef9a4b86a256473de8100c73cf4a4d937cca5203f6ed3221
    Size: 91.30 kB
  12. samba-libs-4.10.4-10.el7.x86_64.rpm
    MD5: b16c441f54719e298b07a39761b408cb
    SHA-256: 27e198b96efa4732ca5ccaff713305d9516b82d0643395e8d336dabeaeca81f3
    Size: 269.87 kB
  13. samba-python-4.10.4-10.el7.x86_64.rpm
    MD5: 237f46a424ee6b4a25e7cf55866d5a5c
    SHA-256: 8ea033e36f127d235fa9893defa7f9d4c0690298027b867444f6b536564c3197
    Size: 2.95 MB
  14. samba-winbind-4.10.4-10.el7.x86_64.rpm
    MD5: 2a3482490348211ee6aad3bcdca75991
    SHA-256: 56629af020e30794907c944398a70363cc73f71a3f6cf41dddc2187e38d40b70
    Size: 555.16 kB
  15. samba-winbind-clients-4.10.4-10.el7.x86_64.rpm
    MD5: 50fc623a2056b7128698d1c78b79d9b7
    SHA-256: 6208f885dfcde0ac802671d4a4730b81902e627fdea777b8259ebb042d866889
    Size: 144.54 kB
  16. samba-winbind-modules-4.10.4-10.el7.x86_64.rpm
    MD5: 5c2866a2673ac287f02711d65a54a690
    SHA-256: 25bd0c22130671100fe273f1b5d2b759bc6c6c7f07e873292d5b11646a3c619c
    Size: 118.65 kB
  17. libsmbclient-4.10.4-10.el7.i686.rpm
    MD5: 9207de6794bdd076ff7159aa4bb25f6c
    SHA-256: 2a8ccf43c9e9e94ae1ba8e6855483d5fb9a4c95dbe6ef5da8682e5d4540c24ed
    Size: 141.41 kB
  18. libwbclient-4.10.4-10.el7.i686.rpm
    MD5: e487645274fcca72443ae9c6256dc411
    SHA-256: a797f71e5a6a965f00262c25bc2f3570fd16261980a39157c2b967ea90f70d3c
    Size: 112.60 kB
  19. samba-client-libs-4.10.4-10.el7.i686.rpm
    MD5: 3f6ded52399ee354cca9f09a3fc49654
    SHA-256: 42dd217e4d022fc5a2eddea9ec8991da6bfa2bfa9bbf4dc050fc96ac0e2ccc8d
    Size: 5.06 MB
  20. samba-libs-4.10.4-10.el7.i686.rpm
    MD5: b82317f45777c6e7869d1533f4c26f06
    SHA-256: 9f2ade8768b689c7ca18dfcdb439c0ac7565b8534e8f73e9cabf0023a7a613b2
    Size: 275.05 kB
  21. samba-winbind-modules-4.10.4-10.el7.i686.rpm
    MD5: ec7e20a4f4e4c0d08be81aa98a806138
    SHA-256: 4c14eda1d4386ef2ffe21ab791cd6762d843b66c978d58aec0bb8a68a232b186
    Size: 118.87 kB