Synopsis: Moderate: samba4 security and bug fix update
Advisory ID: SLSA-2017:0744-1
Issue Date: 2017-03-21
CVE Numbers: CVE-2016-2125
CVE-2016-2126
--
Security Fix(es):
* It was found that Samba always requested forwardable tickets when using
Kerberos authentication. A service to which Samba authenticated using
Kerberos could subsequently use the ticket to impersonate Samba to other
services or domain users. (CVE-2016-2125)
* A flaw was found in the way Samba handled PAC (Privilege Attribute
Certificate) checksums. A remote, authenticated attacker could use this
flaw to crash the winbindd process. (CVE-2016-2126)
--
SL6
x86_64
samba4-4.2.10-9.el6.x86_64.rpm
samba4-client-4.2.10-9.el6.x86_64.rpm
samba4-common-4.2.10-9.el6.x86_64.rpm
samba4-dc-4.2.10-9.el6.x86_64.rpm
samba4-dc-libs-4.2.10-9.el6.x86_64.rpm
samba4-debuginfo-4.2.10-9.el6.x86_64.rpm
samba4-devel-4.2.10-9.el6.x86_64.rpm
samba4-libs-4.2.10-9.el6.x86_64.rpm
samba4-pidl-4.2.10-9.el6.x86_64.rpm
samba4-python-4.2.10-9.el6.x86_64.rpm
samba4-test-4.2.10-9.el6.x86_64.rpm
samba4-winbind-4.2.10-9.el6.x86_64.rpm
samba4-winbind-clients-4.2.10-9.el6.x86_64.rpm
samba4-winbind-krb5-locator-4.2.10-9.el6.x86_64.rpm
i386
samba4-4.2.10-9.el6.i686.rpm
samba4-client-4.2.10-9.el6.i686.rpm
samba4-common-4.2.10-9.el6.i686.rpm
samba4-dc-4.2.10-9.el6.i686.rpm
samba4-dc-libs-4.2.10-9.el6.i686.rpm
samba4-debuginfo-4.2.10-9.el6.i686.rpm
samba4-devel-4.2.10-9.el6.i686.rpm
samba4-libs-4.2.10-9.el6.i686.rpm
samba4-pidl-4.2.10-9.el6.i686.rpm
samba4-python-4.2.10-9.el6.i686.rpm
samba4-test-4.2.10-9.el6.i686.rpm
samba4-winbind-4.2.10-9.el6.i686.rpm
samba4-winbind-clients-4.2.10-9.el6.i686.rpm
samba4-winbind-krb5-locator-4.2.10-9.el6.i686.rpm
- Scientific Linux Development Team