Red Hat Security Advisory 2021-3724-01 – Torchsec
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: samba security, bug fix and enhancement update
Advisory ID: RHSA-2021:3724-01
Product: Red Hat Gluster Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3724
Issue date: 2021-10-05
CVE Names: CVE-2021-20254
=====================================================================
1. Summary:
Updated samba packages that fix several bugs with added enhancement are now
available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Gluster 3.5 Samba on RHEL-8 - noarch, x86_64
3. Description:
Red Hat Gluster Storage is a software only scale-out storage solution that
provides flexible and affordable unstructured data storage. It unifies data
storage and infrastructure, increases performance, and improves
availability and manageability to meet enterprise-level storage challenges.
Security Fix(es):
* samba: Negative idmap cache entries can cause incorrect group entries in
the Samba file server process token (CVE-2021-20254)
Users of samba with Red Hat Gluster Storage are advised to upgrade to these
updated packages.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1944778 - /sbin/ldconfig: /lib64/libsmbldap.so.2 is not a symbolic link
1949442 - CVE-2021-20254 samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token
1975274 - [Samba] Higher version of rhgs samba is required to avoid conflict with rhel-8.5 based samba version
6. Package List:
Red Hat Gluster 3.5 Samba on RHEL-8:
Source:
libtalloc-2.3.2-5.el8rhgs.src.rpm
samba-4.14.5-201.el8rhgs.src.rpm
noarch:
samba-common-4.14.5-201.el8rhgs.noarch.rpm
samba-pidl-4.14.5-201.el8rhgs.noarch.rpm
x86_64:
ctdb-4.14.5-201.el8rhgs.x86_64.rpm
ctdb-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
libsmbclient-4.14.5-201.el8rhgs.x86_64.rpm
libsmbclient-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
libsmbclient-devel-4.14.5-201.el8rhgs.x86_64.rpm
libtalloc-2.3.2-5.el8rhgs.x86_64.rpm
libtalloc-debuginfo-2.3.2-5.el8rhgs.x86_64.rpm
libtalloc-debugsource-2.3.2-5.el8rhgs.x86_64.rpm
libtalloc-devel-2.3.2-5.el8rhgs.x86_64.rpm
libwbclient-4.14.5-201.el8rhgs.x86_64.rpm
libwbclient-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
libwbclient-devel-4.14.5-201.el8rhgs.x86_64.rpm
python3-samba-4.14.5-201.el8rhgs.x86_64.rpm
python3-samba-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
python3-talloc-2.3.2-5.el8rhgs.x86_64.rpm
python3-talloc-debuginfo-2.3.2-5.el8rhgs.x86_64.rpm
python3-talloc-devel-2.3.2-5.el8rhgs.x86_64.rpm
samba-4.14.5-201.el8rhgs.x86_64.rpm
samba-client-4.14.5-201.el8rhgs.x86_64.rpm
samba-client-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-client-libs-4.14.5-201.el8rhgs.x86_64.rpm
samba-client-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-common-libs-4.14.5-201.el8rhgs.x86_64.rpm
samba-common-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-common-tools-4.14.5-201.el8rhgs.x86_64.rpm
samba-common-tools-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-debugsource-4.14.5-201.el8rhgs.x86_64.rpm
samba-devel-4.14.5-201.el8rhgs.x86_64.rpm
samba-krb5-printing-4.14.5-201.el8rhgs.x86_64.rpm
samba-krb5-printing-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-libs-4.14.5-201.el8rhgs.x86_64.rpm
samba-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-test-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-test-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-vfs-glusterfs-4.14.5-201.el8rhgs.x86_64.rpm
samba-vfs-glusterfs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-vfs-iouring-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-clients-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-clients-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-krb5-locator-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-krb5-locator-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-modules-4.14.5-201.el8rhgs.x86_64.rpm
samba-winbind-modules-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
samba-winexe-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-20254
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYVvgZdzjgjWX9erEAQh6cw/9E8p3+Vu7AJBlCpSBgG2SQuYhSyAzdkwX
WOXjFgfOYIdssUZ99bzNqFhCyD4JwDSm1l4gbrJ2MWNLuajNFDLG7iFTx+hfBMpn
xWjQfnuEiKe2ax45HwbQsHZsBvijprUtzZrKzqNsLmkbijUEvRk3GOcJJRFelkGD
655zeXLhl3UO9GzKc8z2c7OyBXb6xSSZBmid8ETsRBOu8aJDrS9hO+CBngzt0q/1
EOLQf4jBD4d8QdJ7VVcSR0B8X7kSncTOyqDLiw1kcR94AkfvQZ7p/6HN5lnRCpYC
2a1sDPUXQeukC0DmGT+9mXKzCXVklDjZXDrF2dsELFYx8Gzv1f+DPnhiFqpLNszb
dWW8MNrNPbuW1dHyIR9kWGV6OgyL7gwlsyBKKZh5WQbKPYt8IrYXvkba0bqwLLZT
De/x/nBr1nwxljnhJ47+JLRP6sbhVPDQIwiNxk+qYo+pXV4fDTs9RGtyAeUQr5ef
UsY02Jrt0/1WV2JXA2TaBEZYQk/sFlVisTh/vDZCvvSmPB3E5UA5KVehI07mURJc
NivaMBijQ1JwRkGBMiKRZbbc1rs3sXWUWTDteQ2bI5c45w/wJYeqyde5Qg/WhXGQ
xif4XA/XAoQe/DF6NtWcbkYbO+pAiH3jvkTZQuH9Cv79VEalzzZRS7QqBOBYKPKW
GGpFu53LMIY=
=SblO
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Gloss