-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: samba security, bug fix and enhancement update Advisory ID: RHSA-2021:3724-01 Product: Red Hat Gluster Storage Advisory URL: https://access.redhat.com/errata/RHSA-2021:3724 Issue date: 2021-10-05 CVE Names: CVE-2021-20254 ===================================================================== 1. Summary: Updated samba packages that fix several bugs with added enhancement are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Gluster 3.5 Samba on RHEL-8 - noarch, x86_64 3. Description: Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Security Fix(es): * samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254) Users of samba with Red Hat Gluster Storage are advised to upgrade to these updated packages. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1944778 - /sbin/ldconfig: /lib64/libsmbldap.so.2 is not a symbolic link 1949442 - CVE-2021-20254 samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token 1975274 - [Samba] Higher version of rhgs samba is required to avoid conflict with rhel-8.5 based samba version 6. Package List: Red Hat Gluster 3.5 Samba on RHEL-8: Source: libtalloc-2.3.2-5.el8rhgs.src.rpm samba-4.14.5-201.el8rhgs.src.rpm noarch: samba-common-4.14.5-201.el8rhgs.noarch.rpm samba-pidl-4.14.5-201.el8rhgs.noarch.rpm x86_64: ctdb-4.14.5-201.el8rhgs.x86_64.rpm ctdb-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm libsmbclient-4.14.5-201.el8rhgs.x86_64.rpm libsmbclient-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm libsmbclient-devel-4.14.5-201.el8rhgs.x86_64.rpm libtalloc-2.3.2-5.el8rhgs.x86_64.rpm libtalloc-debuginfo-2.3.2-5.el8rhgs.x86_64.rpm libtalloc-debugsource-2.3.2-5.el8rhgs.x86_64.rpm libtalloc-devel-2.3.2-5.el8rhgs.x86_64.rpm libwbclient-4.14.5-201.el8rhgs.x86_64.rpm libwbclient-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm libwbclient-devel-4.14.5-201.el8rhgs.x86_64.rpm python3-samba-4.14.5-201.el8rhgs.x86_64.rpm python3-samba-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm python3-talloc-2.3.2-5.el8rhgs.x86_64.rpm python3-talloc-debuginfo-2.3.2-5.el8rhgs.x86_64.rpm python3-talloc-devel-2.3.2-5.el8rhgs.x86_64.rpm samba-4.14.5-201.el8rhgs.x86_64.rpm samba-client-4.14.5-201.el8rhgs.x86_64.rpm samba-client-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-client-libs-4.14.5-201.el8rhgs.x86_64.rpm samba-client-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-common-libs-4.14.5-201.el8rhgs.x86_64.rpm samba-common-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-common-tools-4.14.5-201.el8rhgs.x86_64.rpm samba-common-tools-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-debugsource-4.14.5-201.el8rhgs.x86_64.rpm samba-devel-4.14.5-201.el8rhgs.x86_64.rpm samba-krb5-printing-4.14.5-201.el8rhgs.x86_64.rpm samba-krb5-printing-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-libs-4.14.5-201.el8rhgs.x86_64.rpm samba-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-test-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-test-libs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-vfs-glusterfs-4.14.5-201.el8rhgs.x86_64.rpm samba-vfs-glusterfs-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-vfs-iouring-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-clients-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-clients-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-modules-4.14.5-201.el8rhgs.x86_64.rpm samba-winbind-modules-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm samba-winexe-debuginfo-4.14.5-201.el8rhgs.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-20254 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYVvgZdzjgjWX9erEAQh6cw/9E8p3+Vu7AJBlCpSBgG2SQuYhSyAzdkwX WOXjFgfOYIdssUZ99bzNqFhCyD4JwDSm1l4gbrJ2MWNLuajNFDLG7iFTx+hfBMpn xWjQfnuEiKe2ax45HwbQsHZsBvijprUtzZrKzqNsLmkbijUEvRk3GOcJJRFelkGD 655zeXLhl3UO9GzKc8z2c7OyBXb6xSSZBmid8ETsRBOu8aJDrS9hO+CBngzt0q/1 EOLQf4jBD4d8QdJ7VVcSR0B8X7kSncTOyqDLiw1kcR94AkfvQZ7p/6HN5lnRCpYC 2a1sDPUXQeukC0DmGT+9mXKzCXVklDjZXDrF2dsELFYx8Gzv1f+DPnhiFqpLNszb dWW8MNrNPbuW1dHyIR9kWGV6OgyL7gwlsyBKKZh5WQbKPYt8IrYXvkba0bqwLLZT De/x/nBr1nwxljnhJ47+JLRP6sbhVPDQIwiNxk+qYo+pXV4fDTs9RGtyAeUQr5ef UsY02Jrt0/1WV2JXA2TaBEZYQk/sFlVisTh/vDZCvvSmPB3E5UA5KVehI07mURJc NivaMBijQ1JwRkGBMiKRZbbc1rs3sXWUWTDteQ2bI5c45w/wJYeqyde5Qg/WhXGQ xif4XA/XAoQe/DF6NtWcbkYbO+pAiH3jvkTZQuH9Cv79VEalzzZRS7QqBOBYKPKW GGpFu53LMIY= =SblO -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce