Synopsis: Important: samba4 security update Advisory ID: SLSA-2017:3278-1 Issue Date: 2017-11-29 CVE Numbers: CVE-2017-14746 CVE-2017-15275 -- Security Fix(es): * A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. (CVE-2017-14746) * A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. (CVE-2017-15275) -- SL6 x86_64 samba4-4.2.10-12.el6_9.x86_64.rpm samba4-client-4.2.10-12.el6_9.x86_64.rpm samba4-common-4.2.10-12.el6_9.x86_64.rpm samba4-dc-4.2.10-12.el6_9.x86_64.rpm samba4-dc-libs-4.2.10-12.el6_9.x86_64.rpm samba4-debuginfo-4.2.10-12.el6_9.x86_64.rpm samba4-devel-4.2.10-12.el6_9.x86_64.rpm samba4-libs-4.2.10-12.el6_9.x86_64.rpm samba4-pidl-4.2.10-12.el6_9.x86_64.rpm samba4-python-4.2.10-12.el6_9.x86_64.rpm samba4-test-4.2.10-12.el6_9.x86_64.rpm samba4-winbind-4.2.10-12.el6_9.x86_64.rpm samba4-winbind-clients-4.2.10-12.el6_9.x86_64.rpm samba4-winbind-krb5-locator-4.2.10-12.el6_9.x86_64.rpm i386 samba4-4.2.10-12.el6_9.i686.rpm samba4-client-4.2.10-12.el6_9.i686.rpm samba4-common-4.2.10-12.el6_9.i686.rpm samba4-dc-4.2.10-12.el6_9.i686.rpm samba4-dc-libs-4.2.10-12.el6_9.i686.rpm samba4-debuginfo-4.2.10-12.el6_9.i686.rpm samba4-devel-4.2.10-12.el6_9.i686.rpm samba4-libs-4.2.10-12.el6_9.i686.rpm samba4-pidl-4.2.10-12.el6_9.i686.rpm samba4-python-4.2.10-12.el6_9.i686.rpm samba4-test-4.2.10-12.el6_9.i686.rpm samba4-winbind-4.2.10-12.el6_9.i686.rpm samba4-winbind-clients-4.2.10-12.el6_9.i686.rpm samba4-winbind-krb5-locator-4.2.10-12.el6_9.i686.rpm - Scientific Linux Development Team