Risks
Advisories
Browse
or
or
SUSE Security Update - Samba (SUSE-SU-2013:0326-1)
SUSE Security Update: Security update for Samba
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0326-1
Rating:             important
References:         #783384 #786677 #791183 #792340 #799641 #800982

Cross-References:   CVE-2013-0213 CVE-2013-0214
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that solves two vulnerabilities and has four
   fixes is now available.

Description:


   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 4.0.1  was affected by a cross-site request
   forgery (CVE-2013-0214) and a  click-jacking attack
   (CVE-2013-0213). This has been fixed.

   Security Issue references:

   * CVE-2013-0213
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213
   >
   * CVE-2013-0214
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-cifs-mount-7292

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-cifs-mount-7292

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-cifs-mount-7292

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-cifs-mount-7292

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x
x86_64):

      libldb-devel-3.6.3-0.30.1
      libnetapi-devel-3.6.3-0.30.1
      libnetapi0-3.6.3-0.30.1
      libsmbclient-devel-3.6.3-0.30.1
      libsmbsharemodes-devel-3.6.3-0.30.1
      libsmbsharemodes0-3.6.3-0.30.1
      libtalloc-devel-3.6.3-0.30.1
      libtdb-devel-3.6.3-0.30.1
      libtevent-devel-3.6.3-0.30.1
      libwbclient-devel-3.6.3-0.30.1
      samba-devel-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):

      ldapsmb-1.34b-12.30.1
      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):

      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      ldapsmb-1.34b-12.30.1
      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):

      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (ia64):

      libsmbclient0-x86-3.6.3-0.30.1
      libtalloc1-x86-3.4.3-1.42.11
      libtalloc2-x86-3.6.3-0.30.1
      libtdb1-x86-3.6.3-0.30.1
      libwbclient0-x86-3.6.3-0.30.1
      samba-client-x86-3.6.3-0.30.1
      samba-winbind-x86-3.6.3-0.30.1
      samba-x86-3.6.3-0.30.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):

      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):

      libldb1-32bit-3.6.3-0.30.1
      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libtevent0-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1


References:

   http://support.novell.com/security/cve/CVE-2013-0213.html
   http://support.novell.com/security/cve/CVE-2013-0214.html
   https://bugzilla.novell.com/783384
   https://bugzilla.novell.com/786677
   https://bugzilla.novell.com/791183
   https://bugzilla.novell.com/792340
   https://bugzilla.novell.com/799641
   https://bugzilla.novell.com/800982
   http://download.novell.com/patch/finder/?keywords=cdf3a69eb9b0ec60da7dfbb423fc0e17




Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //