[USN-4121-1] Samba vulnerability

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[USN-4121-1] Samba vulnerability

Steve Beattie
==========================================================================
Ubuntu Security Notice USN-4121-1
September 03, 2019

samba vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04

Summary:

Samba would allow unintended access to files over the network.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Stefan Metzmacher discovered that the Samba SMB server did not properly
prevent clients from escaping outside the share root directory in
some situations. An attacker could use this to gain access to files
outside of the Samba share, where allowed by the permissions of the
underlying filesystem.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  samba                           2:4.10.0+dfsg-0ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
  https://usn.ubuntu.com/4121-1
  CVE-2019-10197

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.4


--
ubuntu-security-announce mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

signature.asc (849 bytes) Download Attachment