Fedora Linux 8770 Published by

A samba security update has been released for Fedora 38.



[SECURITY] Fedora 38 Update: samba-4.18.8-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-7eb8cbf1a5
2023-10-13 01:51:39.405980
--------------------------------------------------------------------------------

Name : samba
Product : Fedora 38
Version : 4.18.8
Release : 1.fc38
URL : https://www.samba.org
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.

--------------------------------------------------------------------------------
Update Information:

Update to version 4.18.8 - Security fixes for CVE-2023-3961, CVE-2023-4091,
CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 10 2023 Guenther Deschner [gdeschner@redhat.com] - 4.18.8-1
- Update to 4.18.8
- resolves: #2241881, #2243228: Security fix for CVE-2023-3961
- resolves: #2241882, #2243231: Security fix for CVE-2023-4091
- resolves: #2241883, #2243230: Security fix for CVE-2023-4154
- resolves: #2241884, #2243229: Security fix for CVE-2023-42669
- resolves: #2241885, #2243232: Security fix for CVE-2023-42670
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2241881 - CVE-2023-3961 samba: smbd allows client access to unix domain sockets on the file system as root
https://bugzilla.redhat.com/show_bug.cgi?id=2241881
[ 2 ] Bug #2241882 - CVE-2023-4091 samba: SMB clients can truncate files with read-only permissions
https://bugzilla.redhat.com/show_bug.cgi?id=2241882
[ 3 ] Bug #2241883 - CVE-2023-4154 samba: AD DC password exposure to privileged users and RODCs
https://bugzilla.redhat.com/show_bug.cgi?id=2241883
[ 4 ] Bug #2241884 - CVE-2023-42669 samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
https://bugzilla.redhat.com/show_bug.cgi?id=2241884
[ 5 ] Bug #2241885 - CVE-2023-42670 samba: AD DC Busy RPC multiple listener DoS
https://bugzilla.redhat.com/show_bug.cgi?id=2241885
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-7eb8cbf1a5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------