[Samba] Bug 12497 - Access Denied

Jonathan Hunter jmhunter1 at gmail.com
Sun Feb 16 18:52:18 UTC 2020 

Hi,

I understand that bug 12497 was originally made private before the
fixes were released, since a CVE was involved.

>From the summary details below, I think that some of my DCs might be
suffering from this bug and I would like to find out more info on it -
however, even after logging into bugzilla I still can't view the
details.

I'm not sure what samba policy is in cases such as this - will the bug
remain private?

https://bugzilla.samba.org/show_bug.cgi?id=12497

Thanks

Jonathan

On Tue, 21 Jan 2020 at 11:10, Jonathan Hunter <jmhunter1 at gmail.com> wrote:
>
> Thanks, all.
>
> This is good news for me in that I think I may have been suffering
> from bug 12497 for some time; at least, on the surface it would
> explain the problems I have had in accessing parts of my tree that
> have custom ACLs.
>
> Is this bug able to be made public on bugzilla now? Even after logging
> in I can't view the bug yet; I guess because it had been made private
> until this announcement was published.
>
> I'd like to look into the details so that I can plan what remedial
> action I need to take - i.e. if I have one DC with ACLs that work, and
> others where I can't query parts of the tree, do I need to be careful
> about replication; is there a 'forward-fix' script as part of one-time
> upgrade to these versions; etc.
>
> Many thanks :)
>
> Jonathan
>
> On Tue, 21 Jan 2020 at 09:57, Karolin Seeger via samba
> <samba at lists.samba.org> wrote:
> >
> > Release Announcements
> > ---------------------
> >
> > These are security releases in order to address the following defects:
> >
> > o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
> >                   Directory not automatic.
> > o CVE-2019-14907: Crash after failed character conversion at log level 3 or
> >                   above.
> > o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
> >
> >
> > =======
> > Details
> > =======
> >
> > o  CVE-2019-14902:
> >    The implementation of ACL inheritance in the Samba AD DC was not complete,
> >    and so absent a 'full-sync' replication, ACLs could get out of sync between
> >    domain controllers.
> >
> > o  CVE-2019-14907:
> >    When processing untrusted string input Samba can read past the end of the
> >    allocated buffer when printing a "Conversion error" message to the logs.
> >
> > o  CVE-2019-19344:
> >    During DNS zone scavenging (of expired dynamic entries) there is a read of
> >    memory after it has been freed.
> >
> > For more details and workarounds, please refer to the security advisories.
> >
> >
> > Changes:
> > --------
> >
> > o  Andrew Bartlett <abartlet at samba.org>
> >    * BUG 12497: CVE-2019-14902: Replication of ACLs down subtree on AD Directory
> >      not automatic.
> >    * BUG 14208: CVE-2019-14907: lib/util: Do not print the failed to convert
> >      string into the logs.
> >
> > o  Gary Lockyer <gary at catalyst.net.nz>
> >    * BUG 14050: CVE-2019-19344: kcc dns scavenging: Fix use after free in
> >      dns_tombstone_records_zone.
> >
> >
> > #######################################
> > Reporting bugs & Development Discussion
> > #######################################
> >
> > Please discuss this release on the samba-technical mailing list or by
> > joining the #samba-technical IRC channel on irc.freenode.net.
> >
> > If you do report problems then please try to send high quality
> > feedback. If you don't provide vital information to help us track down
> > the problem then you will probably be ignored.  All bug reports should
> > be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
> > database (https://bugzilla.samba.org/).
> >
> >
> > ======================================================================
> > == Our Code, Our Bugs, Our Responsibility.
> > == The Samba Team
> > ======================================================================
> >
> >
> >
> > ================
> > Download Details
> > ================
> >
> > The uncompressed tarballs and patch files have been signed
> > using GnuPG (ID 6F33915B6568B7EA).  The source code can be downloaded
> > from:
> >
> >         https://download.samba.org/pub/samba/stable/
> >
> > The release notes are available online at:
> >
> >         https://www.samba.org/samba/history/samba-4.11.5.html
> >         https://www.samba.org/samba/history/samba-4.10.12.html
> >         https://www.samba.org/samba/history/samba-4.9.18.html
> >
> > Our Code, Our Bugs, Our Responsibility.
> > (https://bugzilla.samba.org/)
> >
> >                         --Enjoy
> >                         The Samba Team
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
>
>
>
> --
> "If we knew what it was we were doing, it would not be called
> research, would it?"
>       - Albert Einstein



-- 
"If we knew what it was we were doing, it would not be called
research, would it?"
      - Albert Einstein

More information about the samba mailing list