Synopsis

Moderate: samba security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Updated samba packages that fix one security issue and one bug are now
available for Red Hat Gluster Storage 3.1 for Red Hat Enterprise Linux 6
and 7.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

A flaw was found in the way Samba handled ACLs on symbolic links.
An authenticated user could use this flaw to gain access to an arbitrary
file or directory by overwriting its ACL. (CVE-2015-7560)

Red Hat would like to thank the Samba project for reporting this issue.
Upstream acknowledges Jeremy Allison (Google) and the Samba team as the
original reporters.

This update also fixes the following bug:

• Under a high load, the vfs_glusterfs AIO code would hit a use-after-free
  error and cause a crash. This update fixes the affected code, and crashes
  no longer occur. (BZ #1315736)
  

All samba users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64
• Red Hat Gluster Storage Server for On-premise 3 for RHEL 6 x86_64

Fixes

• BZ - 1309992 - CVE-2015-7560 samba: Incorrect ACL get/set allowed on symlink path
• BZ - 1315736 - Use after free in vfs_glusterfs AIO code.

CVEs

• CVE-2015-7560

References

• http://www.redhat.com/security/updates/classification/#normal

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
samba-4.2.4-15.el7rhgs.src.rpm	SHA-256: 9a5d2f4a9d93623b597b1eb024b54431e045583bf282f1a6d72c0c4bc72c3c82
x86_64
ctdb-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 28febdaa0268020a2953795235d452522fc2755bb20d3fc795a873bf39964dde
ctdb-devel-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: e297a4835b39fed00a2486e7031be773b799472b83d60d4c069e080f86170aab
ctdb-tests-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 929c1e398623fe72e139a414fb26bfd0f5797b0a78a4f2f8ec7b83803bee161d
libsmbclient-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 10880e543d8192f4aa66a17083df002f25f407098823fa6fb772fa15ccc1fe83
libsmbclient-devel-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 3d6701a24fee8ff901bdfdee16915a49c60afaf040f0ae47429fb6a22c95ead6
libwbclient-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 5589b2397f807691fa87099248dc4d1d6cdeba9b07e5e24cec9913976409d153
libwbclient-devel-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 5f43cbb8361e4601b2c93bebfe6f46a61d37649342d7c8ec54db4fec62f29827
samba-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 106e563e589b51b22f90a437825e68f9bc3d9dc91cd92ccb7ada9195c8f53d68
samba-client-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: f086d84a6f69946f96df17b4f3cb22333dd09f787a9d85a67d5c81e340a93f5d
samba-client-libs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: af4e0c06098b313507164eadd64f32a0081d2311e71485fe63b44aff6419c10c
samba-common-4.2.4-15.el7rhgs.noarch.rpm	SHA-256: 7bf78b2d299f03534f5e6244435026871a596d15a660ca9752fcd7b285348e13
samba-common-libs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 5b9e27d3975702553a2636b37c32aefa81d32c8825248355d0f437cb4d1cd5cc
samba-common-tools-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: a5c81abf0f092521ebb9a99c9427e1a88b2d0a587de3c1b7f0effe8acd8b53c4
samba-dc-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 347f2dfbcd083be722d3ad444baaef4948a179c1568025267ce23bda55505ccc
samba-dc-libs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: e6e94b86c36436ba877e94e8067ea9a2eaa2425119f8f1c075f03160dbe61e0f
samba-debuginfo-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 9162ce14ba9eada76edc64af541cfe14015331c902edbc7b4f73ef791afcbfc3
samba-devel-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 4ae6e554b19dc736bc18b76e6796a02dff572c6f33b8af62ad0647cebe7a0b67
samba-libs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 63e18f4829559896e3ac7a3c78110bb04629b412d1430e6f74dfb91997b44141
samba-pidl-4.2.4-15.el7rhgs.noarch.rpm	SHA-256: fe35b8ed90f704bca11c58cf48a307e213fdbcc3b91d4fe5f7ecd9c39b5b54d7
samba-python-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: ca29906e6330d2761aacd434119c47e654ee3d69eb75f70374b79378067138f7
samba-test-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: acc33e63bcb24ea2ac72a479bc4525e39a4bfe6338df3f31d2ec9f4af56f9e7d
samba-test-devel-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 879ab93a97e50761934226a9e7f30847a05e273cb849e641ff3e8998e3a60da2
samba-test-libs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 5ed79ce365ddf7069b6392179c1a281ba27024445ee42b7fbdba934689d5ce64
samba-vfs-glusterfs-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: db3305755c5a40b1f7c456dfbf54bc77c07065eb49756a5069c04afb550056fb
samba-winbind-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 24fb9d38c3e5a1cc0c115918438a81f29d9acf1ba3bd82ffd6f05d5036785bd4
samba-winbind-clients-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 9a50d00c52eab6fd806d57f7768ee02e054fbd84e39dd243496985b762afd8ef
samba-winbind-krb5-locator-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 51d901220fecfb3c0225c20d2853bbeb41cdda401ace4d4bcec48702613543db
samba-winbind-modules-4.2.4-15.el7rhgs.x86_64.rpm	SHA-256: 4d2d058762ae739fa46d6d3c5abd8aace599b4eca07f264f9516c0dbe3efc709

Red Hat Gluster Storage Server for On-premise 3 for RHEL 6

SRPM
samba-4.2.4-15.el6rhs.src.rpm	SHA-256: e9c5418ad3a5fcd9e09dd6ef5a5daacb7a621a23acbb2eb0e9cdd7b52bb4c60b
x86_64
ctdb-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 71fa037d3d10488451a85ba9c379f06eedbd08780464573864c12a9ed8ffad14
ctdb-devel-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 32a0c8afaa9b04deca83cfcc716ee6cce9f2aadd7fa4b819c7181bc1722bb90c
ctdb-tests-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 5e57f6f3b3029e19004f8f69bfe283298fab013d2d04ffcfd4ea9f64cb579003
libsmbclient-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 3e0364696525d6a087335d51c1d3d372860478e524c22a429a5403b29b49878d
libsmbclient-devel-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: d5c96729900a11598839fa12c8a0a7a03ad8a213a92235d9474d138d0ac36f02
libwbclient-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 4d9569719efc14d599c437c0059d043fe0cc14d4e0e3d4b733a8100c1de15482
libwbclient-devel-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 62847efb2e036cbf51cc4c0d7ba25dfc85aacb6ebf8078e8201dc89770884b29
samba-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: a035234a1252e409f9ba644f148596bdc025392ddb24a55d6293ab85b0876945
samba-client-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: e178106149a21267efadcc5f7acc0a99d2e22a89d3e1cd90a28f98f045dc7e2f
samba-client-libs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 7e3b9ed8a59a83fd5481e0b8f0458036438d4d94eb6a377634c72e9368af122f
samba-common-4.2.4-15.el6rhs.noarch.rpm	SHA-256: 9b2ea707c1e2003593ad08a35ca2edc273b3c7c1af2f42474300ff589ec01335
samba-common-libs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 443e8571146893eddc4f28df1bfcafb96b0a95130cd834bdbb2006ac532e30e5
samba-common-tools-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 60950e0ad55d15373a670f691e9cc650e71a6254e09ebafcd6c386b16bd57c89
samba-dc-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 8e719b7453eac3f43eb0437f471ed0549ef9d309f208a9c82ba4a9b5962546db
samba-dc-libs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: c4fb51bc5a486cdc60d061637db1028579f8300619ec6fcd092f843a724bfd3b
samba-debuginfo-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 3285892a8f43ff5caf2b04267b564c84725085f581f4d6b4295705eb2917b41c
samba-devel-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: d7add21752a30396222a036ae1568eaf45593632f2921adf535fe7f3dbef4deb
samba-libs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: fb1ba41b30b37290c434a0856d91b0d9849f1d1fcd042f4f560ff688da729b51
samba-pidl-4.2.4-15.el6rhs.noarch.rpm	SHA-256: 70a31a5e5c2796f583c16223544ae28504f03e5cfbbc03beff81672858edc408
samba-python-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 668d27dee24b5a8e455432ea6203077a0b4f1223eb67b88d3a5cdff30b109fcf
samba-test-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 9496a08e2e264dcd75a736a83d1b378dcd96c6e027af3d3428772bdb4306abdf
samba-test-devel-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 39f2d1eca67867e7ea40718762e1598177da5a8cca7a27671108d09ae3c3bd3a
samba-test-libs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 92e2b78179024cede7c3f9030977be0f00e7f2ef7456ef0b63caab0588a35a3a
samba-vfs-glusterfs-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 2b6432af16a0b7e508017dc87c754481a6b180b8b2ffca27ee109360c5540de6
samba-winbind-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: f7fcaf7307ef10fca8993ac45ddeb4d9bcac8c97f962f80eec9465584fbd9232
samba-winbind-clients-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 38f62f62a6366ebac60ab541106ed186ec479fd0a25f8d691dff9a1dafb900a3
samba-winbind-krb5-locator-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 754d18a7304631aa7946532fa1414c8f2959797bc643471f4481aecbf5e562a5
samba-winbind-modules-4.2.4-15.el6rhs.x86_64.rpm	SHA-256: 0ed1c74b0720bebb57d032d6c3c024eceafccbcc10ad5e5aef427e596e49b1be