{"affected":[{"ecosystem_specific":{"binaries":[{"libsamba-policy-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy-python3-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy0-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ad-dc-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ad-dc-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ceph":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-devel-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-dsdb-modules":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-gpupdate":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ldb-ldap":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-tool":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP3","name":"samba","purl":"pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"samba-ad-dc":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Python 2 15 SP3","name":"samba","purl":"pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ctdb":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP3","name":"samba","purl":"pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"samba-client-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"samba","purl":"pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ctdb":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ceph":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"samba","purl":"pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"samba-client-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"openSUSE:Leap Micro 5.2","name":"samba","purl":"pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ctdb":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","ctdb-pcp-pmda":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy-python3-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy0-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy0-python3-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","libsamba-policy0-python3-64bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ad-dc":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ad-dc-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ad-dc-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ceph":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-64bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-client-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-devel":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-devel-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-doc":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-dsdb-modules":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-gpupdate":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-ldb-ldap":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-64bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-python3-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-libs-python3-64bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-python3":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-test":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-tool":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind-libs":"4.15.12+git.535.7750e5c95ef-150300.3.43.1","samba-winbind-libs-32bit":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"samba","purl":"pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.15.12+git.535.7750e5c95ef-150300.3.43.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for samba fixes the following issues:\n\nVersion update to 4.15.12.\n\nSecurity issues fixed:\n\n- CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords (bsc#1201495).\n- CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths (bsc#1201496).\n- CVE-2022-32744: Fixed AD users that could have forged password change requests for any user (bsc#1201493).\n- CVE-2022-32745: Fixed AD users that could have crashed the server process with an LDAP add or modify request (bsc#1201492).\n- CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490).\n- CVE-2022-3437: Fixed buffer overflow in Heimdal unwrap_des3() (bsc#1204254).\n- CVE-2022-42898: Fixed Samba buffer overflow vulnerabilities on 32-bit systems (bsc#1205126).\n\nBug fixes:\n\n- Install a systemd drop-in file for named service to allow read/write access to the DLZ directory (bsc#1201689).\n- Possible use after free of connection_struct when iterating smbd_server_connection->connections (bsc#1200102).\n","id":"SUSE-SU-2022:4395-1","modified":"2022-12-09T10:03:00Z","published":"2022-12-09T10:03:00Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20224395-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1200102"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201490"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201492"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201493"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201495"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201496"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201689"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204254"},{"type":"REPORT","url":"https://bugzilla.suse.com/1205126"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-2031"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-32742"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-32744"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-32745"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-32746"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-3437"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-42898"}],"related":["CVE-2022-2031","CVE-2022-32742","CVE-2022-32744","CVE-2022-32745","CVE-2022-32746","CVE-2022-3437","CVE-2022-42898"],"summary":"Security update for samba","upstream":["CVE-2022-2031","CVE-2022-32742","CVE-2022-32744","CVE-2022-32745","CVE-2022-32746","CVE-2022-3437","CVE-2022-42898"]}