-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: samba security, bug fix and enhancement update Advisory ID: RHSA-2022:7056-01 Product: Red Hat Gluster Storage Advisory URL: https://access.redhat.com/errata/RHSA-2022:7056 Issue date: 2022-10-19 CVE Names: CVE-2022-32742 ==================================================================== 1. Summary: Updated samba packages that fix several bugs with added enhancements are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Gluster 3.5 Samba on RHEL-8 - noarch, x86_64 3. Description: Red Hat Gluster Storage is a software-only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Security Fix(es): * samba: server memory information leak via SMB1 (CVE-2022-32742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Users of samba with Red Hat Gluster Storage are advised to upgrade to these updated packages. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2108196 - CVE-2022-32742 samba: server memory information leak via SMB1 2111605 - Yum update for Samba will fail due to higher versions of Samba in RHEL 8.7 6. Package List: Red Hat Gluster 3.5 Samba on RHEL-8: Source: samba-4.16.5-100.el8rhgs.src.rpm noarch: samba-common-4.16.5-100.el8rhgs.noarch.rpm samba-pidl-4.16.5-100.el8rhgs.noarch.rpm x86_64: ctdb-4.16.5-100.el8rhgs.x86_64.rpm ctdb-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm libsmbclient-4.16.5-100.el8rhgs.x86_64.rpm libsmbclient-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm libsmbclient-devel-4.16.5-100.el8rhgs.x86_64.rpm libwbclient-4.16.5-100.el8rhgs.x86_64.rpm libwbclient-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm libwbclient-devel-4.16.5-100.el8rhgs.x86_64.rpm python3-samba-4.16.5-100.el8rhgs.x86_64.rpm python3-samba-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-4.16.5-100.el8rhgs.x86_64.rpm samba-client-4.16.5-100.el8rhgs.x86_64.rpm samba-client-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-client-libs-4.16.5-100.el8rhgs.x86_64.rpm samba-client-libs-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-common-libs-4.16.5-100.el8rhgs.x86_64.rpm samba-common-libs-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-common-tools-4.16.5-100.el8rhgs.x86_64.rpm samba-common-tools-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-debugsource-4.16.5-100.el8rhgs.x86_64.rpm samba-devel-4.16.5-100.el8rhgs.x86_64.rpm samba-krb5-printing-4.16.5-100.el8rhgs.x86_64.rpm samba-krb5-printing-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-libs-4.16.5-100.el8rhgs.x86_64.rpm samba-libs-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-test-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-test-libs-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-vfs-glusterfs-4.16.5-100.el8rhgs.x86_64.rpm samba-vfs-glusterfs-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-vfs-iouring-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-clients-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-clients-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-krb5-locator-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-modules-4.16.5-100.el8rhgs.x86_64.rpm samba-winbind-modules-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm samba-winexe-debuginfo-4.16.5-100.el8rhgs.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-32742 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY1C5c9zjgjWX9erEAQhJ7g/+NZJ4OyshATxJdDZz6R8bh+hnWkff0eCe 4Q8lzatiRlMd87dVYffZoVYD9vdKW6t5sT6zIjvX/s9AyOROcpxgIcbfcDQU78hk 1+3u0V2xlBjGe0ejEOR16KrbLLkfJ4P6oFJ/uTOPUdRYsmAunDMU2GzxRA8sX5tj qmahym+Laai7pD3pCF0Q+K+r3wb99pwzwlUIaeqsEwa0gGE5UXBrpbWn7OBmjoLO cV55LatcAVaLkXclu00GBi279IVcqQupVGuMRkej4yVz2K9SCiyX/M5v1lXgq6fI dl8kbF62YXSrs+Ch+YvZhbZT1EtY6hkU+PsDtCR242G8wGaiJ+IdNwIE8V3F07JV otr4MivgMQHByJoExvMl1FbXQNA7FaXVAV3Sall+DjtapWVNCr0reusEiLSKvklJ LoxfAHecg5z3qAoD53cZ2ubDywwYnNKtgS0Vn69mFkN5QhVfEzDMp6eyhNeFFBXc /1ZtqDRERs2Nuhc2Nf1jRwDHE1TdQDkoUTnjnDWrV7cYXqs7oG1eR+/wq+vVhf5G zpM1GtqKZz4WIIJROAmA/g3RXFo5uthMOMrkQCKo20lPzpX2j4HpIB++JNOcHViH WHiYShSC2hD43NtZTRnyfANnxpnhy0VPqT8EOGNxGlsjAS6QMsOz9iw6LKfYu8m1 bW7uetaK3No=G/BL -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce