Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Or troubleshoot an issue.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance
  • Account Team

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)
Red Hat Customer Portal Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • Runtimes

  • Integration and Automation

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio
  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycles

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem Catalog
  • Red Hat in the Public Cloud
  • Partner Resources

Tools

  • Solution Engine
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn more
  • Go to Insights

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2018:2613 - Security Advisory
Issued:
2018-09-04
Updated:
2018-09-04

RHSA-2018:2613 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: samba security, bug fix and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

  • samba: Weak authentication protocol regression (CVE-2018-1139)
  • samba: Insufficient input validation in libsmbclient (CVE-2018-10858)
  • samba: Null pointer indirection in printer server process (CVE-2018-1050)

Red Hat would like to thank the Samba project for reporting CVE-2018-1139 and CVE-2018-1050. Upstream acknowledges Vivek Das (Red Hat) as the original reporter of CVE-2018-1139.

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Previously, sharing a subdirectory of a Gluster volume failed with an I/O error when the shadow_copy2 vfs object was specified. This occurred because Gluster volumes are remote file systems, and shadow_copy2 only detected share paths in the local file system. This update forces the value of shadow:mountpath to '/', skipping the code related to mount point detection, and preventing this problem. However, this fix requires that the glusterfs vfs object is listed after the shadow_copy2 vfs object in the smb.conf file. (BZ#1379444)
  • As of Red Hat Gluster Storage 3.4, the libldb package is no longer shipped as an independent package in the Red Hat Gluster Storage Samba channel. The capabilities of the libldb package are now provided by a combination of the samba-client and samba-client-libs packages. In addition, the sub-packages previously provided by libldb are now provided by the samba-client and samba-client-libs packages. The samba-client sub-package provides ldb-tools, and the samba-client-libs sub-package provides pyldb. (BZ#1592794)

Enhancement(s):

  • Red Hat Gluster Storage volumes exported using SMB can now be mounted on macOS clients using Finder. Configuration instructions are provided as part of the Red Hat Gluster Storage 3.4 documentation. (BZ#1446125)

Red Hat strongly recommends upgrading to these updated packages.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Affected Products

  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64

Fixes

  • BZ - 1500295 - [Samba-Mac OS]Multiple core files are generated upon delete operation in a share mount on Mac OS
  • BZ - 1505934 - [RHEL7] [Rebase] Samba: Yum update for Samba will fail due to higher versions in RHEL 7.5
  • BZ - 1511939 - [RHEL7] [Rebase] Samba rebase requires update to some dependent libraries
  • BZ - 1538771 - CVE-2018-1050 samba: Null pointer indirection in printer server process
  • BZ - 1547976 - [Samba-Iozone] Iozone stopped working throws fsync error over a gluster-smb share on windows
  • BZ - 1566113 - ctdb: Configuration file /usr/lib/systemd/system/ctdb.service is marked executable.
  • BZ - 1589651 - CVE-2018-1139 samba: Weak authentication protocol regression
  • BZ - 1612805 - CVE-2018-10858 samba: insufficient input validation in libsmbclient
  • BZ - 1619108 - [Samba] Unable to create files and directories in the root path of a smb mount in windows client

CVEs

  • CVE-2018-1050
  • CVE-2018-1139
  • CVE-2018-10858

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
libtalloc-2.1.11-1.el7rhgs.src.rpm SHA-256: e8d3c0a893726e6b7ecd1cdf97caffd0f05e3e020d4467e03548549b40910564
libtdb-1.3.15-4.el7rhgs.src.rpm SHA-256: 75ca5265c24f30010e016e6182674b5ecbdf37274492db4e1b2eb9720d4f6333
libtevent-0.9.35-1.el7rhgs.src.rpm SHA-256: 0be07060ee1789bbdfb0a6e411e46b46145a875d65ff14a443680604fc521759
samba-4.7.5-110.el7rhgs.src.rpm SHA-256: a9e6c47c04c5ec41486990cb1c14ae4b7a864cb2e043c726231ebbd01e544b7b
x86_64
ctdb-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: c34b198b1586b71357f53190605e0fdda9219d1fb727c23f1dd0e7d5f0115a68
libsmbclient-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: bcb99dbcc71230399494797d6f23a1e4febf21cb8b454aee687c42251d43e40d
libsmbclient-devel-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 599215409b397153d2a80ea2daf85dda4ce7cc46c3b9686e23dc82920447ab92
libtalloc-2.1.11-1.el7rhgs.x86_64.rpm SHA-256: 281c74095bec00ee380fb3529fcf55d83a3ea4d745d7e2adb93a4ac17f5f8143
libtalloc-debuginfo-2.1.11-1.el7rhgs.x86_64.rpm SHA-256: b98c8a884f32741c7d9c61198445ad1006e0c97c69fd42f501413fc3dbe8a504
libtalloc-devel-2.1.11-1.el7rhgs.x86_64.rpm SHA-256: 8f49758e1f74e4a6d165545b8095b69a6be0360831166af252bbf7cd5c70218d
libtdb-1.3.15-4.el7rhgs.x86_64.rpm SHA-256: b099477be5744ae1cb0cbecf1b5aa95699e49d207ef1c6bf52827873919cc978
libtdb-debuginfo-1.3.15-4.el7rhgs.x86_64.rpm SHA-256: c50b8eb4cdd2ed475623e704ff16fd98d4bc7019cabb74bee9fa08d3f5c90991
libtdb-devel-1.3.15-4.el7rhgs.x86_64.rpm SHA-256: fad71c027f2c5dd0893bf57152aaaf6b181435d133bf0be618fc09e8ba162c11
libtevent-0.9.35-1.el7rhgs.x86_64.rpm SHA-256: c30a14ede44511cdef22e9e39824f7177d7ae187dcc0b540ef103bf51d88f1d5
libtevent-debuginfo-0.9.35-1.el7rhgs.x86_64.rpm SHA-256: b99ed940323f6e10a4a6739c058ba3398975a70755194a82c59e53027f8843f3
libtevent-devel-0.9.35-1.el7rhgs.x86_64.rpm SHA-256: 377cab8dc9dd941b79f69e1c2e4344b0923fccba11ea1eed9bd7e19968fc7013
libwbclient-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 38346b190173178b11fa6fb8d99f15411a52ebaa32eb8839c397befb0747514f
libwbclient-devel-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 050ad084514eeda9354d7a8ee44cda434398b23990eb0e1cf044d2e1a8fd8c4a
pytalloc-2.1.11-1.el7rhgs.x86_64.rpm SHA-256: a6d6b579d5323a6c634d8a155e70c4bbf728a89baf0713bd484f13ffca0a0e7e
pytalloc-devel-2.1.11-1.el7rhgs.x86_64.rpm SHA-256: 2b61e12cd9a31993fa871772865cb82a54a5223fd2afdd2757b03686cdb27491
python-tdb-1.3.15-4.el7rhgs.x86_64.rpm SHA-256: fce1f974758f71c40d67b94ee2ca01ddda270af02cba1761575fbf80afe3d246
python-tevent-0.9.35-1.el7rhgs.x86_64.rpm SHA-256: 32afaa5d401524798de618cd7681e3bd8da76570baa7169f4979311ba086e11e
samba-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 5166608510f023a8f90cb5f5e02b643387d6a42830aa6c5a9351ad89481232c1
samba-client-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 60c267a4b38f4072c140603bab9021977935cacd4e91cbb9a7021ad503028dcd
samba-client-libs-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 5a94c2ad519659e0b5f0a6ca1b5335adb7388b03f3e0e9f52f9fd28e6c0f724f
samba-common-4.7.5-110.el7rhgs.noarch.rpm SHA-256: 9da6eb605f56f599cd722e6d0de86226088fd32b2b51200d7282a30413f3ebe7
samba-common-libs-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 5e4d37b7156d3f32c4a5a8ba6411943b9840fc1a0ec43e1a6d474dbe7637459b
samba-common-tools-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 7f65dc8f34a4285e96abdc8d4179e89056985e99e3b8f6a273a04daee5d3b76f
samba-dc-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 83bd170511621c65840be34c17ba2e3faa4441793db164302d8d320a73e92467
samba-dc-libs-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 4cb84ef47f7cea874cbfa4d36dd9d2650d8e414ddaf75c8dc8477f1677dce1a6
samba-debuginfo-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 6826f2dbd11ed46280ad30ccd43551dd4db9095e407991362d70d1ae526383d9
samba-devel-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 4d4d0b28dacda1a77748c47437a9ea7b5fdb81dbe427d1e890ada925b2185323
samba-krb5-printing-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: cd276dd4abf500bb779331e98b85676c9b965478b7b85c57c2aad847667fde12
samba-libs-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: af992d7a9444b270362ce42f325decbb50a32de53c90d5c0b0e9c1679f40c893
samba-pidl-4.7.5-110.el7rhgs.noarch.rpm SHA-256: ce8c5de5405a5ee70bd090c678cf28b974425fc52c4bb2da64e5c3ec92bf35f1
samba-python-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 914e3597d567a57329523e688f34861d321ac5d15e9f06576511866aaecbe128
samba-vfs-glusterfs-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 35c12697a9b0db7a91500910c162746b7d95dc60064fa5577eb24291c2f47a1e
samba-winbind-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 31b2f3d3fd288318856a3e464defcc4e7385c804eecb4afc349b9e6abd4d1f42
samba-winbind-clients-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 8f2881d501e8351b9c064a664277396e2f310355a118a02f8dc0a9623466e5a0
samba-winbind-krb5-locator-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 11d9ad14bf76caedf01a2a76f2dbad014df34fdc0fcc2c6a288f9228a6146027
samba-winbind-modules-4.7.5-110.el7rhgs.x86_64.rpm SHA-256: 84a96e62fb6a0403ee034dd18a96f156fb7ec92ba287b9522936ab2ee738f2d7
tdb-tools-1.3.15-4.el7rhgs.x86_64.rpm SHA-256: 3485b6aab67896bc8c84f079f3b93c4055bc2d083203267924cd2f3776307c18

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • openshift.com
  • developers.redhat.com
  • connect.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2021 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter Facebook