Bug 55276 – samba: Security issue (4.4)

Bug 55276 - samba: Security issue (4.4)


Summary:	samba: Security issue (4.4)

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.4-9-errata
Assigned To:	Arvid Requate
QA Contact:	Erik Damrose

URL:	https://bugzilla.samba.org/show_bug.c...
Keywords:

Depends on:	55275
Blocks:
	Show dependency tree / graph

Reported:	2022-10-17 12:03 CEST by Arvid Requate
Modified:	2022-10-25 14:36 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):	Security
Max CVSS v3 score:	5.9 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L)

Flags:	requate: Patch_Available+

Attachments
advisory (366 bytes, application/x-yaml) 2022-10-24 17:41 CEST, Erik Damrose	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 1 Arvid Requate

2022-10-17 13:12:02 CEST

r19710 | New upstream patch

I took the upstream patch for 4.15 and had to adjust a few of patch contexts. Compared it also to the upstream patch for 4.12 which has been made available later.

Package: samba                                                                                                       
Version: 2:4.10.18-1A~4.4.0.202208101445                                                                     
Branch: ucs_4.4-0                                                                                      
Scope: errata4.4-9

Comment 2 Arvid Requate

2022-10-17 16:26:29 CEST

19711 | adjust for 4.10 (pre 6107c79c90fd)

Package: samba
Version: 2:4.10.18-1A~4.4.0.202210171600
Branch: ucs_4.4-0
Scope: errata4.4-9

Comment 3 Erik Damrose

2022-10-19 15:15:31 CEST

The fix at this bug is for the security issue:
CVE-2022-3437 Heimdal des/des3 overflow

At the same time another issue will be disclosed and released. But that issue only affects samba 4.17, which means that UCS is not affected:
CVE-2022-3592 A malicious client can use a symlink to escape the exported directory

Comment 4 Erik Damrose

2022-10-24 09:22:45 CEST

OK: 98_CVE-2022-3437-des3-overflow-v4a-4.10.quilt
OK: patch applied during build, samba 2:4.10.18-1A~4.4.0.202210171600
OK: Tests

We need an advisory for the release

Comment 5 Erik Damrose

2022-10-24 17:41:22 CEST

Created attachment 10999 [details]
advisory

Comment 6 Erik Damrose

2022-10-24 17:41:46 CEST

OK: Advisory
Verified

Comment 7 Erik Damrose

2022-10-25 12:08:10 CEST

<https://errata.software-univention.de/#/?erratum=4.4x1325>