samba-3.6.23-30.AXS4

エラータID: AXSA:2016-206:03

Release date: 
Wednesday, April 13, 2016 - 01:13
Subject: 
samba-3.6.23-30.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB/CIFS server that can be used to
provide network services to SMB/CIFS clients.
Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

Security issues fixed with this release:

CVE-2015-5370
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-2111
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-2112
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-2115
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-2118
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2015-5370
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.
CVE-2016-2111
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
CVE-2016-2112
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
CVE-2016-2115
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
CVE-2016-2118
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
Additional Info: 

N/A

Download: 

SRPMS
  1. samba-3.6.23-30.AXS4.src.rpm
    MD5: 1cd89316eb0a8e587d52697c5e61bd26
    SHA-256: 42811fb642c8e9267bec3733b4d79a52957d5bb294e63ae9af5890eeb62bc956
    Size: 28.27 MB

Asianux Server 4 for x86
  1. libsmbclient-3.6.23-30.AXS4.i686.rpm
    MD5: a005b5a25e4e852ff9ba0ee6e4b7936d
    SHA-256: bdb5ce5b0d8b7bf2e8325a98d52c2e9fe66db00ea17684612034a51c39c66c0a
    Size: 1.59 MB
  2. samba-3.6.23-30.AXS4.i686.rpm
    MD5: c10474fc07dcbf639e8528371eee5e71
    SHA-256: 2d9a84409795015dce2037e2732c57da37648709c952df46a41f772031e5ec5f
    Size: 5.08 MB
  3. samba-client-3.6.23-30.AXS4.i686.rpm
    MD5: 021b786e29fc6c31b025bd3f60c12aca
    SHA-256: 4b8e37f9e9de359d3b474732bb7061f37a3520539ad4cb81dd81860be95b78e8
    Size: 10.90 MB
  4. samba-common-3.6.23-30.AXS4.i686.rpm
    MD5: 1d1fbaf00d83043b8f560c561902fcc2
    SHA-256: a378af6837f958974b31c32d9895292671fb58e7a15a778eec98e514c58c2715
    Size: 10.10 MB
  5. samba-winbind-3.6.23-30.AXS4.i686.rpm
    MD5: fc27b93640ed37b75ee1512e4546c380
    SHA-256: aa72095b175ee807f618a65beba90ab875f744c6f7d86668122667f749f0979d
    Size: 2.17 MB
  6. samba-winbind-clients-3.6.23-30.AXS4.i686.rpm
    MD5: 7f05735b309d6bb0b8e1764fa0d765d2
    SHA-256: def9fd8d16af53e8c6a4f744ccd5e5ecf01ef29a4954ac064972c76c319ea5f5
    Size: 2.02 MB

Asianux Server 4 for x86_64
  1. libsmbclient-3.6.23-30.AXS4.x86_64.rpm
    MD5: 818dcb2176cd26d239e44fa63bdaad03
    SHA-256: e98917b252a4981ce1cd7d41c34a105d6e5aa374cfa2d3749ed7c872f2b0b171
    Size: 1.61 MB
  2. samba-3.6.23-30.AXS4.x86_64.rpm
    MD5: 20def138e666f342786b4fdce4c1eedc
    SHA-256: c40257874fa11305d91c7bce64d6e274d8514e7f3d827c83b1c2b881d802657a
    Size: 5.08 MB
  3. samba-client-3.6.23-30.AXS4.x86_64.rpm
    MD5: dfe6ddb8cae09427d605d8b130889357
    SHA-256: 8140030985368022a5779834d7f73ed0a5584f9eec76da95709cec10a1744b93
    Size: 10.97 MB
  4. samba-common-3.6.23-30.AXS4.x86_64.rpm
    MD5: 234b7b49e1a5a6da7b3be131613df3d3
    SHA-256: 7d3619fe134e235f24ba4d46c97e3d7fb2a9dd07f5d0817ebce79dcc0643c18c
    Size: 10.13 MB
  5. samba-winbind-3.6.23-30.AXS4.x86_64.rpm
    MD5: 271d405528530aa5f492fd4ef41d23fd
    SHA-256: 1758d3ca9e883f4ac4dbcf40c8f34f005c4600fd607933ee5679e738a746d7cf
    Size: 2.17 MB
  6. samba-winbind-clients-3.6.23-30.AXS4.x86_64.rpm
    MD5: 94359ba871ea4ed04978e996439d8805
    SHA-256: 66bd826efc64b4a3c066a7fc0136f5477cbfa24fa740c0d67b70ff2d9a128f0f
    Size: 2.02 MB
  7. libsmbclient-3.6.23-30.AXS4.i686.rpm
    MD5: a005b5a25e4e852ff9ba0ee6e4b7936d
    SHA-256: bdb5ce5b0d8b7bf2e8325a98d52c2e9fe66db00ea17684612034a51c39c66c0a
    Size: 1.59 MB
  8. samba-common-3.6.23-30.AXS4.i686.rpm
    MD5: 1d1fbaf00d83043b8f560c561902fcc2
    SHA-256: a378af6837f958974b31c32d9895292671fb58e7a15a778eec98e514c58c2715
    Size: 10.10 MB
  9. samba-winbind-clients-3.6.23-30.AXS4.i686.rpm
    MD5: 7f05735b309d6bb0b8e1764fa0d765d2
    SHA-256: def9fd8d16af53e8c6a4f744ccd5e5ecf01ef29a4954ac064972c76c319ea5f5
    Size: 2.02 MB