Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2019:3253 - Security Advisory
Issued:
2019-10-30
Updated:
2019-10-30

RHSA-2019:3253 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: samba security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for samba is now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba (4.9.8). (BZ#1724261)

Security Fix(es):

  • samba: Combination of parameters and permissions can allow the user to escape from the share path definition (CVE-2019-10197)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Increased performance for Samba vfs_glusterfs when using pthreadpool (BZ#1743595)
  • The samba packages have been upgraded to upstream version 4.9.8 which provides a number of bug fixes and enhancements over the previous version. (BZ#1724261)

Users of Samba with Red Hat Gluster Storage are advised to upgrade to
these updated packages.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Affected Products

  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64

Fixes

  • BZ - 1667895 - [Samba-MacOS] vfs_gluster_fgetxattr error messages while performing file operations in MacOS
  • BZ - 1715503 - [samba-selinux] CTDB status unhealthy after upgrade to samba-4.9.8-102
  • BZ - 1724243 - [Samba] Accommodate recent get_real_filename implementation changes in GlusterFS
  • BZ - 1724261 - [RHEL7] [Rebase] Samba rebuild required with new glusterfs
  • BZ - 1743595 - Increased performance for Samba vfs_glusterfs when using pthreadpool
  • BZ - 1746225 - CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition

CVEs

  • CVE-2019-10197

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/security/cve/CVE-2019-10197
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
samba-4.9.8-109.el7rhgs.src.rpm SHA-256: 39010f8d5ab4adcca4a04deb276934d75a8e4c15d97e054f57b24a0d81810627
x86_64
ctdb-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 9c1a2e036f0e2a77f6e6a9c26d28e67e249d19ba3e5337b66a413930782285eb
libsmbclient-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: be92c1867a94bff66e91af79bc1281352843fb26f0a8f6af91a4b90c4562e7fe
libsmbclient-devel-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: ab7e1a8f4c390688050dc17d2d5327e41beebc7b26e8537863af01d8434d3dd1
libwbclient-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: c99f5c66a507e86155fe327321e2afbf6bf68a2e265939bca9252dbd8027f905
libwbclient-devel-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: b83c5031aa0754fb2aece6931d806e594d72e5abb4b00f764d8cec6b68992143
samba-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: dbc620752ba4bf6929fd687b7c8f20f7047a0c937c448f82f8fbd3e722073b62
samba-client-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 64d5a46d255e9597af37b16078d7e5c477deaaa45f45af351f60af37a3f6090b
samba-client-libs-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 515f51d174451c9878a34afe0e399d65ba6cc2b340d5ab879d9de669adc6b8d6
samba-common-4.9.8-109.el7rhgs.noarch.rpm SHA-256: d5b1166d694ca53f4de363c65820a8fc0a1b7fcaf71d2e9b5f69a0f5a376f6aa
samba-common-libs-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 14029ae39203badc8197caf49e616c79fa90668462464211032dfca1ce2cde8e
samba-common-tools-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 081f9ec9be180c29fe8faf74932bce0f1e13d56762a7285945dad60e9fd2f18b
samba-dc-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 4b3b0604bac2701abed4f4f9a0a5a90d3ce5ac9472721ad667b197227dd1e70f
samba-dc-libs-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 20060de0a83ae4c9429d1986fd0310a9bdc0537ea6889e1a6696dd6536e8de79
samba-debuginfo-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: efedc152189bcdc4c1708f55a2a449f6dc767c22bb58f81596dc5c696e053af8
samba-devel-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 7d5d913e9232c8ac56cd0fce6c8ba7ffb0c974745bb35cb9bf09ab2762f54781
samba-krb5-printing-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: ff7be7ee7b820249fee89454b5669acbeb3d9f71e91e071ee61782809446102e
samba-libs-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: f5845cfe8e731afcf6e04b8ec6d3e889774e94fffaead256a460835a837d6f29
samba-pidl-4.9.8-109.el7rhgs.noarch.rpm SHA-256: b4709e780fc2678a7d37095601aef1c10d1407c9380846a4c6589d53653ae30e
samba-python-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 9d150b73c4d82580c4f42de0ebc85eda3585055e93d71f547b607fcae392e086
samba-vfs-glusterfs-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: b06d324736a07d80a33fa79cf812d1abe668d2b2ee576db4009a303ffc4f5ce4
samba-winbind-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 5156d3f5b6e109305940050a50e7c135021449e928ee3923501b2824d33f5f3c
samba-winbind-clients-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 61ba27e59a21c8529d9a0780bd2899dd7545467efb616f1df476abdd8332d1bf
samba-winbind-krb5-locator-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: c4a85ceb5e547a9d5e29d5075fd9a80163a8cded5345c48cd149eb9149eb9b1c
samba-winbind-modules-4.9.8-109.el7rhgs.x86_64.rpm SHA-256: 8f316feb56dda41594095022a6c43ed94582448a91e91bfdb3c4c91afc389939

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility