[Samba] [Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available

Arjit Gupta arjitk.gupta at gmail.com
Tue Oct 3 10:54:11 UTC 2017


Hi Team,

Please clarify the queries.

Arjit Kumar


On Wed, Sep 27, 2017 at 1:55 PM, Arjit Gupta <arjitk.gupta at gmail.com> wrote:

> Hi Team,
>
> Workaround for
> CVE-2017-12151 :- client max protocol = NT1 and
> CVE-2017-12163 :-  server min protocol = SMB2_02
>
> are contradicting to each other.
>
> CVE-2017-12151 impacts on SMB3 protocol but workaound suggst to use NT1.
> I have below queries regarding this.
>
> Is SMB2 protocol also impacted by CVE-2017-12151 ?
> Can i use  client max protocol = SMB2 so that it does not contradict with
> workaround of  CVE-2017-12163 ?
>
>
> Arjit Kumar
>
>
> On Wed, Sep 20, 2017 at 1:37 PM, Karolin Seeger via samba-technical <
> samba-technical at lists.samba.org> wrote:
>
>> Release Announcements
>> ---------------------
>>
>> These are security releases in order to address the following defects:
>>
>> o  CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
>>    should)
>> o  CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
>> redirects)
>> o  CVE-2017-12163 (Server memory information leak over SMB1)
>>
>>
>> =======
>> Details
>> =======
>>
>> o  CVE-2017-12150:
>>    A man in the middle attack may hijack client connections.
>>
>> o  CVE-2017-12151:
>>    A man in the middle attack can read and may alter confidential
>>    documents transferred via a client connection, which are reached
>>    via DFS redirect when the original connection used SMB3.
>>
>> o  CVE-2017-12163:
>>    Client with write access to a share can cause server memory contents
>> to be
>>    written into a file or printer.
>>
>> For more details and workarounds, please see the security advisories:
>>
>>    o https://www.samba.org/samba/security/CVE-2017-12150.html
>>    o https://www.samba.org/samba/security/CVE-2017-12151.html
>>    o https://www.samba.org/samba/security/CVE-2017-12163.html
>>
>>
>> Changes:
>> --------
>>
>> o  Jeremy Allison <jra at samba.org>
>>    * BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call
>> goes
>>      async.
>>    * BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write
>> from
>>      writing server memory to file.
>>
>> o  Ralph Boehme <slow at samba.org>
>>    * BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
>>      directly.
>>
>> o  Stefan Metzmacher <metze at samba.org>
>>    * BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
>>      redirects.
>>    * BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
>>      when they should.
>>
>>
>> #######################################
>> Reporting bugs & Development Discussion
>> #######################################
>>
>> Please discuss this release on the samba-technical mailing list or by
>> joining the #samba-technical IRC channel on irc.freenode.net.
>>
>> If you do report problems then please try to send high quality
>> feedback. If you don't provide vital information to help us track down
>> the problem then you will probably be ignored.  All bug reports should
>> be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
>> database (https://bugzilla.samba.org/).
>>
>>
>> ======================================================================
>> == Our Code, Our Bugs, Our Responsibility.
>> == The Samba Team
>> ======================================================================
>>
>>
>>
>> ================
>> Download Details
>> ================
>>
>> The uncompressed tarballs and patch files have been signed
>> using GnuPG (ID 6F33915B6568B7EA).  The source code can be downloaded
>> from:
>>
>>         https://download.samba.org/pub/samba/stable/
>>
>> The release notes are available online at:
>>
>>         https://www.samba.org/samba/history/samba-4.6.8.html
>>         https://www.samba.org/samba/history/samba-4.5.14.html
>>         https://www.samba.org/samba/history/samba-4.4.16.html
>>
>> Our Code, Our Bugs, Our Responsibility.
>> (https://bugzilla.samba.org/)
>>
>>                         --Enjoy
>>                         The Samba Team
>>
>
>


More information about the samba mailing list