Risks
Advisories
Browse
or
or
SUSE Security Update - Samba (SUSE-SU-2013:0326-1)
SUSE Security Update: Security update for Samba
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0326-1
Rating:             important
References:         #783384 #786677 #791183 #792340 #799641 #800982

Cross-References:   CVE-2013-0213 CVE-2013-0214
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that solves two vulnerabilities and has four
   fixes is now available.

Description:


   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 4.0.1  was affected by a cross-site request
   forgery (CVE-2013-0214) and a  click-jacking attack
   (CVE-2013-0213). This has been fixed.

   Security Issue references:

   * CVE-2013-0213
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213
   >
   * CVE-2013-0214
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-cifs-mount-7292

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-cifs-mount-7292

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-cifs-mount-7292

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-cifs-mount-7292

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x
x86_64):

      libldb-devel-3.6.3-0.30.1
      libnetapi-devel-3.6.3-0.30.1
      libnetapi0-3.6.3-0.30.1
      libsmbclient-devel-3.6.3-0.30.1
      libsmbsharemodes-devel-3.6.3-0.30.1
      libsmbsharemodes0-3.6.3-0.30.1
      libtalloc-devel-3.6.3-0.30.1
      libtdb-devel-3.6.3-0.30.1
      libtevent-devel-3.6.3-0.30.1
      libwbclient-devel-3.6.3-0.30.1
      samba-devel-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64):

      ldapsmb-1.34b-12.30.1
      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):

      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      ldapsmb-1.34b-12.30.1
      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):

      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1

   - SUSE Linux Enterprise Server 11 SP2 (ia64):

      libsmbclient0-x86-3.6.3-0.30.1
      libtalloc1-x86-3.4.3-1.42.11
      libtalloc2-x86-3.6.3-0.30.1
      libtdb1-x86-3.6.3-0.30.1
      libwbclient0-x86-3.6.3-0.30.1
      samba-client-x86-3.6.3-0.30.1
      samba-winbind-x86-3.6.3-0.30.1
      samba-x86-3.6.3-0.30.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):

      libldb1-3.6.3-0.30.1
      libsmbclient0-3.6.3-0.30.1
      libtalloc1-3.4.3-1.42.11
      libtalloc2-3.6.3-0.30.1
      libtdb1-3.6.3-0.30.1
      libtevent0-3.6.3-0.30.1
      libwbclient0-3.6.3-0.30.1
      samba-3.6.3-0.30.1
      samba-client-3.6.3-0.30.1
      samba-krb-printing-3.6.3-0.30.1
      samba-winbind-3.6.3-0.30.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):

      libldb1-32bit-3.6.3-0.30.1
      libsmbclient0-32bit-3.6.3-0.30.1
      libtalloc1-32bit-3.4.3-1.42.11
      libtalloc2-32bit-3.6.3-0.30.1
      libtdb1-32bit-3.6.3-0.30.1
      libtevent0-32bit-3.6.3-0.30.1
      libwbclient0-32bit-3.6.3-0.30.1
      samba-32bit-3.6.3-0.30.1
      samba-client-32bit-3.6.3-0.30.1
      samba-winbind-32bit-3.6.3-0.30.1


References:

   http://support.novell.com/security/cve/CVE-2013-0213.html
   http://support.novell.com/security/cve/CVE-2013-0214.html
   https://bugzilla.novell.com/783384
   https://bugzilla.novell.com/786677
   https://bugzilla.novell.com/791183
   https://bugzilla.novell.com/792340
   https://bugzilla.novell.com/799641
   https://bugzilla.novell.com/800982
   http://download.novell.com/patch/finder/?keywords=cdf3a69eb9b0ec60da7dfbb423fc0e17




Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //