Fedora Linux 8776 Published by

A Samba security update has been released for Fedora 31



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-57d43f3b58
2019-11-14 01:11:58.739660
--------------------------------------------------------------------------------

Name : samba
Product : Fedora 31
Version : 4.11.2
Release : 1.fc31
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.

--------------------------------------------------------------------------------
Update Information:

Update code to deal with removal of DES support in MIT Kerberos. ---- Update
to Samba 4.11.2 - Security fixes for CVE-2019-10218, CVE-2019-14833 ---- Since
MIT Kerberos deprecated use of DES encryption type, restore Samba AD domain
controller functionality by not using DES encryption keys. Only AES and RC4 keys
would work.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 6 2019 Alexander Bokovoy - 4.11.2-1
- Update DES removal patch
* Tue Oct 29 2019 Guenther Deschner - 4.11.2-0
- Update to Samba 4.11.2
- resolves: #1763137, #1766558 - Security fixes for CVE-2019-10218
- resolves: #1764126, #1766559 - Security fixes for CVE-2019-14833
* Sun Oct 27 2019 Alexander Bokovoy - 4.11.1-1
- resolves: #1757071 - Deploy new samba DC fails
* Fri Oct 18 2019 Guenther Deschner - 4.11.1-0
- Update to Samba 4.11.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1763137 - CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators
https://bugzilla.redhat.com/show_bug.cgi?id=1763137
[ 2 ] Bug #1764126 - CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used
https://bugzilla.redhat.com/show_bug.cgi?id=1764126
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-57d43f3b58' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys