-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: samba security, bug fix and enhancement update Advisory ID: RHSA-2022:1756-01 Product: Red Hat Gluster Storage Advisory URL: https://access.redhat.com/errata/RHSA-2022:1756 Issue date: 2022-05-10 CVE Names: CVE-2021-20316 CVE-2021-44141 ==================================================================== 1. Summary: Updated samba packages that fix several bugs with added enhancement are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Gluster 3.5 Samba on RHEL-8 - noarch, x86_64 3. Description: Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Security Fix(es): * samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316) * samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Users of samba with Red Hat Gluster Storage are advised to upgrade to these updated packages. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2009673 - CVE-2021-20316 samba: Symlink race error can allow metadata read and modify outside of the exported share 2044187 - [Samba] Higher version of rhgs samba is required to avoid conflict with rhel-8.6 based samba version 2046120 - CVE-2021-44141 samba: Information leak via symlinks of existance of files or directories outside of the exported share 6. Package List: Red Hat Gluster 3.5 Samba on RHEL-8: Source: libtalloc-2.3.3-2.el8rhgs.src.rpm libtdb-1.4.4-2.el8rhgs.src.rpm libtevent-0.11.0-1.el8rhgs.src.rpm samba-4.15.5-100.el8rhgs.src.rpm noarch: samba-common-4.15.5-100.el8rhgs.noarch.rpm samba-pidl-4.15.5-100.el8rhgs.noarch.rpm x86_64: ctdb-4.15.5-100.el8rhgs.x86_64.rpm ctdb-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm libsmbclient-4.15.5-100.el8rhgs.x86_64.rpm libsmbclient-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm libsmbclient-devel-4.15.5-100.el8rhgs.x86_64.rpm libtalloc-2.3.3-2.el8rhgs.x86_64.rpm libtalloc-debuginfo-2.3.3-2.el8rhgs.x86_64.rpm libtalloc-debugsource-2.3.3-2.el8rhgs.x86_64.rpm libtalloc-devel-2.3.3-2.el8rhgs.x86_64.rpm libtdb-1.4.4-2.el8rhgs.x86_64.rpm libtdb-debuginfo-1.4.4-2.el8rhgs.x86_64.rpm libtdb-debugsource-1.4.4-2.el8rhgs.x86_64.rpm libtdb-devel-1.4.4-2.el8rhgs.x86_64.rpm libtevent-0.11.0-1.el8rhgs.x86_64.rpm libtevent-debuginfo-0.11.0-1.el8rhgs.x86_64.rpm libtevent-debugsource-0.11.0-1.el8rhgs.x86_64.rpm libtevent-devel-0.11.0-1.el8rhgs.x86_64.rpm libwbclient-4.15.5-100.el8rhgs.x86_64.rpm libwbclient-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm libwbclient-devel-4.15.5-100.el8rhgs.x86_64.rpm python3-samba-4.15.5-100.el8rhgs.x86_64.rpm python3-samba-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm python3-talloc-2.3.3-2.el8rhgs.x86_64.rpm python3-talloc-debuginfo-2.3.3-2.el8rhgs.x86_64.rpm python3-talloc-devel-2.3.3-2.el8rhgs.x86_64.rpm python3-tdb-1.4.4-2.el8rhgs.x86_64.rpm python3-tdb-debuginfo-1.4.4-2.el8rhgs.x86_64.rpm python3-tevent-0.11.0-1.el8rhgs.x86_64.rpm python3-tevent-debuginfo-0.11.0-1.el8rhgs.x86_64.rpm samba-4.15.5-100.el8rhgs.x86_64.rpm samba-client-4.15.5-100.el8rhgs.x86_64.rpm samba-client-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-client-libs-4.15.5-100.el8rhgs.x86_64.rpm samba-client-libs-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-common-libs-4.15.5-100.el8rhgs.x86_64.rpm samba-common-libs-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-common-tools-4.15.5-100.el8rhgs.x86_64.rpm samba-common-tools-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-debugsource-4.15.5-100.el8rhgs.x86_64.rpm samba-devel-4.15.5-100.el8rhgs.x86_64.rpm samba-krb5-printing-4.15.5-100.el8rhgs.x86_64.rpm samba-krb5-printing-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-libs-4.15.5-100.el8rhgs.x86_64.rpm samba-libs-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-test-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-test-libs-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-vfs-glusterfs-4.15.5-100.el8rhgs.x86_64.rpm samba-vfs-glusterfs-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-vfs-iouring-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-clients-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-clients-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-modules-4.15.5-100.el8rhgs.x86_64.rpm samba-winbind-modules-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm samba-winexe-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm tdb-tools-1.4.4-2.el8rhgs.x86_64.rpm tdb-tools-debuginfo-1.4.4-2.el8rhgs.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-20316 https://access.redhat.com/security/cve/CVE-2021-44141 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYno7o9zjgjWX9erEAQgsbBAAohnHBeVvxjgwTMcigmdYraU/Y+gKlCnd C5pmRrZLsYuB2gkU5jgRjTpDkKKO60SoIXx5+wuYVYhlED+HP4lAd6X4zZYUAZ2u JAme2D5Uz9D7MEExEqY5C465MS23hwhzMMJbL5mx9OeEiIuoqJufsv1NTR6Oq/aD PtcpTAPQG+a2wbE213RLNUkUOmR94auQyBpMuznpMaZ7+Sp/PQq9QaNbdxt8d0jm 6KaPIVVH8DT9sOVLC5Hjv9YEaN7UMmn6CV1YN6O3cxQyvbuyUtwvHDQ7A0nzU1pU ahbbjMPtDUtjOSXQoGqQmk7kD4fZGPQrmNmrs8gSdgAGWamTEIV8etadTNsotvWT 97uFPMJZOaABr1f8GL80f6N88YPBHUEivqiOsq3w96QFIvP2hAB+mJp8AYG7ObtA iZsmhTIJWJauI8IJ9UgCYH037/6FtIWxxeSn3dmizVYxoVTPP63Rx+8r4AOzsLUp CXmSvrnmus1EYCBADcs3G7UzgcLgysL6gWM5LAvfI8LF3/anRTtvjaYENd+hZZbp ysE9hXKPgCYBxOYKVe65uJO40eXkvVs6ATsR9adu9LmE1pBCvHOAbyj4TXQDJA8X dQ14erbjqJWvplJEBZo2l5XBNK1vRzCRoGjOj/djs0PoRB69HeEOMqj3xDeFLhLS 39d4PjzyZZ8=lllC -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce