FEDORA-2016-48b3761baa

security update in Fedora 22 for samba

Status: stable 3 years ago

Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118

How to install

sudo dnf upgrade --advisory=FEDORA-2016-48b3761baa

Comments 8

This update has been submitted for testing by gd.

Thanks for all the work!

karma: +1 critpath: +1 #1309987: +1 #1311893: +1 #1311902: +1 #1311903: +1 #1311910: +1 #1312082: +1 #1312084: +1 #1317990: +1 #1326453: +1

thanks

karma: +1 critpath: +1 #1309987: +1 #1311893: +1 #1311902: +1 #1311903: +1 #1311910: +1 #1312082: +1 #1312084: +1 #1317990: +1 #1326453: +1 desktop network smb: +1

gd edited this update.

This update has been pushed to testing.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1309987 CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check
#1311893 CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
#1311902 CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
#1311903 CVE-2016-2112 samba: Missing downgrade detection
#1311910 CVE-2016-2113 samba: Server certificates not validated at client side
#1312082 CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing
#1312084 CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage
#1317990 CVE-2016-2118 samba: SAMR and LSA man in the middle attacks
#1326453 CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 samba: various flaws [fedora-all]
Test Case desktop network smb
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
urgent
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago
modified 3 years ago

Related Bugs 9

0+3 #1309987 CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check
0+3 #1311893 CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication
0+3 #1311902 CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured
0+3 #1311903 CVE-2016-2112 samba: Missing downgrade detection
0+3 #1311910 CVE-2016-2113 samba: Server certificates not validated at client side
0+3 #1312082 CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing
0+3 #1312084 CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage
0+3 #1317990 CVE-2016-2118 samba: SAMR and LSA man in the middle attacks
0+3 #1326453 CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118 samba: various flaws [fedora-all]

Automated Test Results

Test Cases

0+2 Test Case desktop network smb