samba-3.6.23-41.AXS4

エラータID: AXSA:2017-1375:01

リリース日: 
2017/03/22 Wednesday - 23:35
題名: 
samba-3.6.23-41.AXS4
影響のあるチャネル: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- 現時点では CVE-2016-2125, CVE-2016-2126 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。

一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2016-2125
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. samba-3.6.23-41.AXS4.src.rpm
    MD5: cec0b634cd1af71668a1a6b8faae52c2
    SHA-256: f4f4812f33ce4436cbda23f8e6fa09610dcbc7af9833f927ecc99dd2aaf6f3b9
    Size: 28.29 MB

Asianux Server 4 for x86
  1. libsmbclient-3.6.23-41.AXS4.i686.rpm
    MD5: 3b11859440a1612d75a78bf7c6a1e690
    SHA-256: bd6779ff6f6fcc398f361ece32dbaf7e7c107958634cafb21366d37852c3905f
    Size: 1.60 MB
  2. samba-3.6.23-41.AXS4.i686.rpm
    MD5: f13d34bda56e8b28bb63822074d8cc79
    SHA-256: ee64392ce5648b8d1fa71ad8d091147c5508f02f0c696f7788dae9b8c4ae3b78
    Size: 5.09 MB
  3. samba-client-3.6.23-41.AXS4.i686.rpm
    MD5: 0c0577f055b8c4c221e25b6807676a0c
    SHA-256: 20398d7f5ba2c6a7132a386a47d43a4d3b8ae6bcbd1ede31edfce802a48e2252
    Size: 10.91 MB
  4. samba-common-3.6.23-41.AXS4.i686.rpm
    MD5: 94659da681b1c58eaac96e59e882be26
    SHA-256: fbed97664d630872322176613294e752cf822e4407813a66e8c95491159cc834
    Size: 10.12 MB
  5. samba-winbind-3.6.23-41.AXS4.i686.rpm
    MD5: e89f05b0255100e346d6cd6825d85f2d
    SHA-256: a071ed57a43e7f69cfee280f910d3c437f9029099774877ed120ede57dbefabc
    Size: 2.17 MB
  6. samba-winbind-clients-3.6.23-41.AXS4.i686.rpm
    MD5: a8cf548f4d2290b9259b6c884147b004
    SHA-256: 43e5332c365edc314bdd7568776f19219a02d6583e8e0c73c7ebbbe164ca135b
    Size: 2.02 MB

Asianux Server 4 for x86_64
  1. libsmbclient-3.6.23-41.AXS4.x86_64.rpm
    MD5: 0218ca0ee0ee78923466cdc04b445e10
    SHA-256: a08beadd568d84c69f754745163cd0e01d1f831114e1b075a130821413c23187
    Size: 1.62 MB
  2. samba-3.6.23-41.AXS4.x86_64.rpm
    MD5: 73113e84b1183e05411ba3f936effc47
    SHA-256: 2182ce47361c10a2c2076e3a593b89c6560c56dbb8bb461b047a134dd1dc6753
    Size: 5.08 MB
  3. samba-client-3.6.23-41.AXS4.x86_64.rpm
    MD5: 525b880e702c194341d71b0792650548
    SHA-256: bd5e4d1ddd74a9bc706aeee0d367914a3c5e1f0c4fdb40394060242764516166
    Size: 10.98 MB
  4. samba-common-3.6.23-41.AXS4.x86_64.rpm
    MD5: bb4b645670f19bfa228578ddf6dd576a
    SHA-256: 740e7fc457dac2f9b66753d951b38c82b89d82dc1a5d10957e9f0339a790f852
    Size: 10.14 MB
  5. samba-winbind-3.6.23-41.AXS4.x86_64.rpm
    MD5: 11af31f57867e12d4b4b7e03bd2bc226
    SHA-256: 6742e7dcac941b0d0f791ae490556ca0494f54d398009f62de9ed02109c0a00e
    Size: 2.17 MB
  6. samba-winbind-clients-3.6.23-41.AXS4.x86_64.rpm
    MD5: d7697919985878c4e38b147f22b11911
    SHA-256: 7d543584113d5d71a0d01b552f25d9f6d5b7d2bc3b682c589b0a89054793da3b
    Size: 2.03 MB
  7. libsmbclient-3.6.23-41.AXS4.i686.rpm
    MD5: 3b11859440a1612d75a78bf7c6a1e690
    SHA-256: bd6779ff6f6fcc398f361ece32dbaf7e7c107958634cafb21366d37852c3905f
    Size: 1.60 MB
  8. samba-common-3.6.23-41.AXS4.i686.rpm
    MD5: 94659da681b1c58eaac96e59e882be26
    SHA-256: fbed97664d630872322176613294e752cf822e4407813a66e8c95491159cc834
    Size: 10.12 MB
  9. samba-winbind-clients-3.6.23-41.AXS4.i686.rpm
    MD5: a8cf548f4d2290b9259b6c884147b004
    SHA-256: 43e5332c365edc314bdd7568776f19219a02d6583e8e0c73c7ebbbe164ca135b
    Size: 2.02 MB