samba-4.2.10-7.el7

エラータID: AXSA:2016-578:06

リリース日: 
2016/07/28 Thursday - 19:05
題名: 
samba-4.2.10-7.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

[修正内容]
以下項目について対処しました。

[Security Fix]
- Samba の libcli/smb/smbXcli_base.c には、(1) SMB2_SESSION_FLAG_IS_GUEST あるいは (2) SMB2_SESSION_FLAG_IS_NULL フラグを介して、中間者攻撃を行う攻撃者が、クライアント署名の保護メカニズムを回避し、SMB2 と SMB3 サーバになりすます脆弱性があります。 (CVE-2016-2119)

一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/

Fixed bugs:

* Previously, the "net" command in some cases failed to join the client to Active Directory (AD) because the permissions setting prevented modification of the supported Kerberos encryption type LDAP attribute. With this update, Samba has been fixed to allow joining an AD domain as a user. In addition, Samba now uses the machine account credentials to set up the Kerberos encryption types within AD for the joined machine. As a result, using "net" to join a domain now works more reliably.
* Previously, the idmap_hash module worked incorrectly when it was used together with other modules. As a consequence, user and group IDs were not mapped properly. A patch has been applied to skip already configured modules. Now, the hash module can be used as the default idmap configuration back end and IDs are resolved correctly.

解決策: 

Update packages.

CVE: 
CVE-2016-2119
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. samba-4.2.10-7.el7.src.rpm
    MD5: 536f3b7a5860abae1b3605e11547e395
    SHA-256: 79ecc3bc92ae171245f3b19339750feee1bb5369a44092b447c2a825c7f5b9ba
    Size: 14.17 MB

Asianux Server 7 for x86_64
  1. ctdb-4.2.10-7.el7.x86_64.rpm
    MD5: 816c78143584560eac71a9e8450968a4
    SHA-256: 1158891ea93c0c9edd8707e75f1960c5ee530d975488dd150c5b7de3e76350db
    Size: 472.26 kB
  2. ctdb-devel-4.2.10-7.el7.x86_64.rpm
    MD5: dbfc39b6445196dd2dda54639bccc3ae
    SHA-256: 5965d9824a8e7445a4734a53d921b5594e9ed13d31cb3032fd0cdb74b26f2f19
    Size: 97.56 kB
  3. ctdb-tests-4.2.10-7.el7.x86_64.rpm
    MD5: 0d20b655f535c42627643e357c55e18d
    SHA-256: 89a950c1086071fc535f3cd9a9a75b5ba8cb8b4b06c808b67f30a5b0d0f7f1f8
    Size: 661.50 kB
  4. libsmbclient-4.2.10-7.el7.x86_64.rpm
    MD5: bfd535557b09b7e152107617b4767fe7
    SHA-256: 870e30f9069a4f3d11de3e2742747da61f9def9434fdce11e4e1982e6f0e6b2b
    Size: 119.20 kB
  5. libwbclient-4.2.10-7.el7.x86_64.rpm
    MD5: 07f9d6493dc1b3feffbfa8fbc0fcf919
    SHA-256: 1f1b8e8664a52194f00ace016fb56e4142a431876cd8c2c631c35e0f645359d1
    Size: 96.02 kB
  6. samba-4.2.10-7.el7.x86_64.rpm
    MD5: fa077676bb6c0b2108100755601b84cd
    SHA-256: d82a5e00dabdffc3ec3a7c3698ed30012bce3a91cd98a47354d8b9aa72fd02c7
    Size: 614.42 kB
  7. samba-client-4.2.10-7.el7.x86_64.rpm
    MD5: 8b24c7fcc4b98904610e3c0ca9ae7730
    SHA-256: fc85e886de88c83251662ef9a962824bc44b5a1c1418ed2470afd85769abe5dd
    Size: 496.15 kB
  8. samba-client-libs-4.2.10-7.el7.x86_64.rpm
    MD5: 6427f41fe79d853d8965b37a15e59664
    SHA-256: 6054b7d4aebf86cebf27c9d511d573daaff1d4bcf8619f9dfb95e5e2a2a57b08
    Size: 4.32 MB
  9. samba-common-4.2.10-7.el7.noarch.rpm
    MD5: b94784001091776e4e71f6c36ecb7ff0
    SHA-256: 2c594527802b23464baeac17c595ebee62120e3dc5fc5a63433de48b2c1f744a
    Size: 271.97 kB
  10. samba-common-libs-4.2.10-7.el7.x86_64.rpm
    MD5: c04aa7983d5eb7b4cb911c699b8dd478
    SHA-256: c071df85c2780365e1f01260ce32d44a625c8430a2c6d62775c1afb47b4791fb
    Size: 156.45 kB
  11. samba-common-tools-4.2.10-7.el7.x86_64.rpm
    MD5: 108195a88ec025d65f3deac0e4694c73
    SHA-256: c19849b7796201e5644fd27709ccfea9418735e6920e8f9d2a29486a46eafaed
    Size: 444.11 kB
  12. samba-libs-4.2.10-7.el7.x86_64.rpm
    MD5: 729d92ca45f2de030720044207a6cad8
    SHA-256: 76111c3f614d386c79bca7b0305090123e14a64ccc32669952ffab4b04e42302
    Size: 259.86 kB
  13. samba-python-4.2.10-7.el7.x86_64.rpm
    MD5: 2f017f3a0726122f066e9bf95e58d8d8
    SHA-256: 81891ecb1cec159da5c301cc47a343955b76bee69815c991690a35637848f338
    Size: 2.02 MB
  14. samba-winbind-4.2.10-7.el7.x86_64.rpm
    MD5: ccfed019c18b1a406886c722603c92a6
    SHA-256: d9356ad42c3362ddbb8d99e8d29441e894311a8b93915456b787ce08692a473c
    Size: 465.75 kB
  15. samba-winbind-clients-4.2.10-7.el7.x86_64.rpm
    MD5: 458b3b494bb392581fc20dcd7f5bf28b
    SHA-256: 68c924b7269eaa02c264533e2aaf30f13d076a96dae8052f1bc29b970886db79
    Size: 119.19 kB
  16. samba-winbind-modules-4.2.10-7.el7.x86_64.rpm
    MD5: b4914194733990a0ae446ccdaa72a4a2
    SHA-256: 015b631bd870a3d1ec7912ef519e70449d2371ac89641dba4b63278315062eb1
    Size: 105.30 kB
  17. ctdb-devel-4.2.10-7.el7.i686.rpm
    MD5: 33fb5a05878f589962f6e52b76fbeabd
    SHA-256: b05db160c5a5cb3a64f8f12e93c1cbb91472b3da91f3cf387e14628c0a398aca
    Size: 97.61 kB
  18. libsmbclient-4.2.10-7.el7.i686.rpm
    MD5: 063713d10b4cfb2973caf98335935f9d
    SHA-256: f75eb019deabf091ea433ba309a9dca864237eab775732f98700150a0e78700b
    Size: 119.45 kB
  19. libwbclient-4.2.10-7.el7.i686.rpm
    MD5: 3c03defcfd87e199ce01314c556518b0
    SHA-256: f953ef32d4e97c0969de3dedced4ab357de5600d4fe67ff9521b3f2a86c8571b
    Size: 96.98 kB
  20. samba-client-libs-4.2.10-7.el7.i686.rpm
    MD5: b17059d4642444638fbb533f672a5e2d
    SHA-256: 1f173013a01e9d784b2e39487bc055a768b804823733f4a832c169a1b9c95655
    Size: 4.34 MB
  21. samba-libs-4.2.10-7.el7.i686.rpm
    MD5: ab3fe8f4e486902a62f813a3b9c32e5e
    SHA-256: 08d9ea46a0e3021cbdfb2855d3cec2fd608287d609faac2417861674df54cb77
    Size: 263.42 kB
  22. samba-winbind-modules-4.2.10-7.el7.i686.rpm
    MD5: 12d53c4ca07ab0a9ebbb1aef21aea656
    SHA-256: 2cf422ab975558d6a12ac2b5f251e7d5a8285f8e467cbf8bfaa5d2c61b947d39
    Size: 105.55 kB