Bugzilla – Full Text Bug Listing |
Summary: | VUL-0: CVE-2019-14833: samba: Accent with "check script password" | ||
---|---|---|---|
Product: | [Novell Products] SUSE Security Incidents | Reporter: | Marcus Meissner <meissner> |
Component: | Incidents | Assignee: | Security Team bot <security-team> |
Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
Severity: | Normal | ||
Priority: | P3 - Medium | CC: | rfrohl, scabrero |
Version: | unspecified | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Other | ||
URL: | https://smash.suse.de/issue/245235/ | ||
Whiteboard: | CVSSv2:NVD:CVE-2019-14833:4.9:(AV:N/AC:M/Au:S/C:P/I:P/A:N) CVSSv3:NVD:CVE-2019-14833:5.4:(AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) CVSSv3:SUSE:CVE-2019-14833:4.2:(AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N) | ||
Found By: | --- | Services Priority: | |
Business Priority: | Blocker: | --- | |
Marketing QA Status: | --- | IT Deployment: | --- |
Comment 2
Marcus Meissner
2019-10-29 10:38:40 UTC
SUSE-SU-2019:2866-1: An update that solves three vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1144902,1148539,1152143,1154289,1154598 CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847 Sources used: SUSE Linux Enterprise Module for Python2 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1 SUSE Linux Enterprise High Availability 15-SP1 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1 SUSE Enterprise Storage 6 (src): samba-4.9.5+git.210.ab0549acb05-3.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2019:2868-1: An update that solves three vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1125601,1127153,1130245,1134452,1144902,1154289,1154598 CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847 Sources used: SUSE Linux Enterprise Module for Packagehub Subpackages 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1 SUSE Linux Enterprise Module for Basesystem 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1 SUSE Linux Enterprise High Availability 15 (src): samba-4.7.11+git.186.d75219614c3-4.30.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. Reassign to security team for check and close. openSUSE-SU-2019:2442-1: An update that solves three vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1144902,1148539,1152143,1154289,1154598 CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847 Sources used: openSUSE Leap 15.1 (src): samba-4.9.5+git.210.ab0549acb05-lp151.2.9.1 openSUSE-SU-2019:2458-1: An update that solves three vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1125601,1127153,1130245,1134452,1144902,1154289,1154598 CVE References: CVE-2019-10218,CVE-2019-14833,CVE-2019-14847 Sources used: openSUSE Leap 15.0 (src): samba-4.7.11+git.186.d75219614c3-lp150.3.18.2 After having a look to the patch it is not required for SLE-12-SP3. The vulnerability only affects to samba "AD DC", a functionality we do not ship in 12 SP3. -> done SUSE-SU-2020:2673-1: An update that fixes 15 vulnerabilities is now available. Category: security (important) Bug References: 1141267,1144902,1154289,1154598,1158108,1158109,1160850,1160852,1160888,1169850,1169851,1173159,1173160,1173359,1174120 CVE References: CVE-2019-10197,CVE-2019-10218,CVE-2019-14833,CVE-2019-14847,CVE-2019-14861,CVE-2019-14870,CVE-2019-14902,CVE-2019-14907,CVE-2019-19344,CVE-2020-10700,CVE-2020-10704,CVE-2020-10730,CVE-2020-10745,CVE-2020-10760,CVE-2020-14303 JIRA References: Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): ldb-1.5.8-3.5.1, samba-4.10.17+git.203.862547088ca-3.14.1 SUSE Linux Enterprise Server 12-SP5 (src): ldb-1.5.8-3.5.1, samba-4.10.17+git.203.862547088ca-3.14.1 SUSE Linux Enterprise High Availability 12-SP5 (src): samba-4.10.17+git.203.862547088ca-3.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. |