samba4-4.2.10-11.AXS4

エラータID: AXSA:2017-2304:03

Release date: 
Monday, October 9, 2017 - 21:18
Subject: 
samba4-4.2.10-11.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
Moderate
Description: 

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

Security Fix(es):

* It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150)

* An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163)

Asianux would like to thank the Samba project for reporting CVE-2017-12150 and
Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and
Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges
Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150.

CVE-2017-12150
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2017-12163
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2017-12150
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
CVE-2017-12163
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
Additional Info: 

N/A

Download: 

SRPMS
  1. samba4-4.2.10-11.AXS4.src.rpm
    MD5: dea017ff71a562bf6a70b649b1215350
    SHA-256: 54d24bb00259d147a2aa5f2f0bec862f54b4bbf966a5be970df3bb36aa80ff8b
    Size: 16.07 MB

Asianux Server 4 for x86
  1. samba4-4.2.10-11.AXS4.i686.rpm
    MD5: 6e36ae203596f27b9150a6a37603e329
    SHA-256: 8799b8448ad9b70feaf4cd8ee6b0f5020f316df12ed433f64393ba2318b9859e
    Size: 426.11 kB
  2. samba4-client-4.2.10-11.AXS4.i686.rpm
    MD5: 545c63383a0198211bf20c875ab823b5
    SHA-256: ff7829bf6fff637d15212f387b585bcd6c4442e39fe27c0ae7238371bb505a1e
    Size: 411.96 kB
  3. samba4-common-4.2.10-11.AXS4.i686.rpm
    MD5: d5766594cda8cbbfb4011e3f214ea929
    SHA-256: 4da8b72491f60084a45dacef460a29310281c151d1097ed96b3153ad36ad85d2
    Size: 653.20 kB
  4. samba4-dc-4.2.10-11.AXS4.i686.rpm
    MD5: 8cc458c78294c9516c158b6e8051db4b
    SHA-256: 60b0ce6b187deaa2dbd0483276b5d93b890c0c60b43c12758ec10c140a303eb8
    Size: 14.69 kB
  5. samba4-dc-libs-4.2.10-11.AXS4.i686.rpm
    MD5: 62eebb8e849158b3667c652717c12283
    SHA-256: 309c2b185197ab28d4f0d617929f9b2b0ecd8f3fc49f9eb8019b66917472fd2a
    Size: 14.72 kB
  6. samba4-devel-4.2.10-11.AXS4.i686.rpm
    MD5: 2c1929aff47f02ebf6061cb5f1fb400d
    SHA-256: d02e51298717991aa967ef3b9b0dc6068d5cd43f6fcbd58fd697521df4c2e495
    Size: 316.34 kB
  7. samba4-libs-4.2.10-11.AXS4.i686.rpm
    MD5: 11d93c01f0e780a8a4b5fe14ff5d082f
    SHA-256: 0926b9597785e3ff9660c415b3d93544185664e7bef9841839d0ab4e7da70893
    Size: 4.41 MB
  8. samba4-pidl-4.2.10-11.AXS4.i686.rpm
    MD5: 3c4c5f9e31bfb5dc9421552d77fd7738
    SHA-256: a75318e945537506acd82a34832e78440d65dc08089acdf0e10649a3cde0daf4
    Size: 110.81 kB
  9. samba4-python-4.2.10-11.AXS4.i686.rpm
    MD5: ce7e349f01d5426b628e3e78b6036373
    SHA-256: e066f5c31ba4bf92d5fba634ac76bee95683e4a57c3fef21d3103710361217e7
    Size: 1.87 MB
  10. samba4-test-4.2.10-11.AXS4.i686.rpm
    MD5: c40b7bd2c6324a3c8537413644543a98
    SHA-256: fa10df7e101eb54c2521bfa139143de90831257e2a9507899ce8a2b1a01f5517
    Size: 1.53 MB
  11. samba4-winbind-4.2.10-11.AXS4.i686.rpm
    MD5: 0a7a0487e60a5ed1bd078b6dd8b6cb0a
    SHA-256: 0b4255d52a3aa83100d460401ca4d04a12d30f15a24a159dfb02cbfedd734ba9
    Size: 406.11 kB
  12. samba4-winbind-clients-4.2.10-11.AXS4.i686.rpm
    MD5: 3b37c5f68c8a743733171c72ac8e6ce4
    SHA-256: 72714650081ac1dabf86ca0ecb05f76f97ca5ee85c61cc8aebdc7eafce2b3142
    Size: 91.42 kB
  13. samba4-winbind-krb5-locator-4.2.10-11.AXS4.i686.rpm
    MD5: c35e34de2c3107c22820647842f8f930
    SHA-256: f278e324779d7dbd7e41d697ef0c1f7245fdec7d930512f6d501229f5d2d6c46
    Size: 19.17 kB

Asianux Server 4 for x86_64
  1. samba4-4.2.10-11.AXS4.x86_64.rpm
    MD5: cf205cd8c7bd7e799d0f94360900837a
    SHA-256: 3af3cdd1f72b53951917effea1c00f699a09eda2a6b873530ac850ee38d567c7
    Size: 426.50 kB
  2. samba4-client-4.2.10-11.AXS4.x86_64.rpm
    MD5: be9643bc98ddcfb577e311db54a60a14
    SHA-256: 16def53b7d882d2a62f18d59d07b7dd14cb9969af2bf4035079ccdc16045f5a2
    Size: 405.12 kB
  3. samba4-common-4.2.10-11.AXS4.x86_64.rpm
    MD5: d0cdd812839699485729794ec265932d
    SHA-256: b72b07af6fb13116d29038a7d2ba2a4eda2ff83de7b174787eef44e6578129c6
    Size: 644.96 kB
  4. samba4-dc-4.2.10-11.AXS4.x86_64.rpm
    MD5: bf9c60b1880a4bfce0eb32f4743ba331
    SHA-256: ea12c47a1c52313e9a554d476b3e4290a61da749dc532935dae1ca759c928354
    Size: 14.24 kB
  5. samba4-dc-libs-4.2.10-11.AXS4.x86_64.rpm
    MD5: ce852d1f1b23a7a4b90e4dda5e978f5b
    SHA-256: 8fd732888ae3ed31ec535ac01cf9e38fd15ced5a244749e7805260b370a111a5
    Size: 14.27 kB
  6. samba4-devel-4.2.10-11.AXS4.x86_64.rpm
    MD5: 334c7bf6ad82b4fdb44f0fa89de8e46e
    SHA-256: ecc69f1cfa7e7e7c6722df1e94d81503727fdf70c918b7319109c06a515b9908
    Size: 316.06 kB
  7. samba4-libs-4.2.10-11.AXS4.x86_64.rpm
    MD5: e28f014c10b2341772397d455b62a064
    SHA-256: 255787dac9480708279f3a9e023051ba6ea995cc52ea083dcee80fb2623ad98b
    Size: 4.35 MB
  8. samba4-pidl-4.2.10-11.AXS4.x86_64.rpm
    MD5: 1ecd4d5ea10925bd97a59651e700dcdf
    SHA-256: a2fe14480009f79f99656d174ce013c3f546d0bcb0c877fb4eb8e9ae8aed92dd
    Size: 110.37 kB
  9. samba4-python-4.2.10-11.AXS4.x86_64.rpm
    MD5: d3038d2c84fedd8db5c294f53092d421
    SHA-256: 605f4616742a3b4577d6c5023845a9d95cdb68a7b3304cdb70dac50adb6d4250
    Size: 1.92 MB
  10. samba4-test-4.2.10-11.AXS4.x86_64.rpm
    MD5: 1bd1f6e68a3091ac3e25ce2cb0add271
    SHA-256: 835b7112730093ac616480dba61ffd4e7bb6b807805984a8021df77763f1fbc8
    Size: 1.45 MB
  11. samba4-winbind-4.2.10-11.AXS4.x86_64.rpm
    MD5: a75b8d2e441a6efb73e4a3f1cf873f1b
    SHA-256: fc656547d5007eda45a49cb5e625d135dbb230be6cb3c2916afd51d90b9e2209
    Size: 395.46 kB
  12. samba4-winbind-clients-4.2.10-11.AXS4.x86_64.rpm
    MD5: ee83f82482614e051152480da2d5c186
    SHA-256: a44e5eb25e98080ece05d52da888cc95b64f2ec1363664f678e62e224b7a8065
    Size: 92.17 kB
  13. samba4-winbind-krb5-locator-4.2.10-11.AXS4.x86_64.rpm
    MD5: c5b92a20140dbf2d3494f33ed95f9bd7
    SHA-256: b6f7e5cec21962d17429aa7f63e4bb772ebcf974c73eba7758db0a9029edbb12
    Size: 18.82 kB