An update for samba is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1507 Final 1.0 1.0 2022-01-28 Initial 2022-01-28 2022-01-28 openEuler SA Tool V1.0 2022-01-28 samba security update An update for samba is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3. Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fix(es): All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.(CVE-2021-43566) An update for samba is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3. openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Low samba https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1507 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-43566 https://nvd.nist.gov/vuln/detail/CVE-2021-43566 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 openEuler-20.03-LTS-SP3 libsmbclient-devel-4.11.12-9.oe1.aarch64.rpm samba-devel-4.11.12-9.oe1.aarch64.rpm ctdb-tests-4.11.12-9.oe1.aarch64.rpm samba-libs-4.11.12-9.oe1.aarch64.rpm python3-samba-4.11.12-9.oe1.aarch64.rpm ctdb-4.11.12-9.oe1.aarch64.rpm samba-common-tools-4.11.12-9.oe1.aarch64.rpm samba-debuginfo-4.11.12-9.oe1.aarch64.rpm libwbclient-4.11.12-9.oe1.aarch64.rpm samba-debugsource-4.11.12-9.oe1.aarch64.rpm samba-dc-bind-dlz-4.11.12-9.oe1.aarch64.rpm samba-common-4.11.12-9.oe1.aarch64.rpm samba-test-4.11.12-9.oe1.aarch64.rpm samba-winbind-modules-4.11.12-9.oe1.aarch64.rpm python3-samba-test-4.11.12-9.oe1.aarch64.rpm samba-dc-4.11.12-9.oe1.aarch64.rpm samba-help-4.11.12-9.oe1.aarch64.rpm samba-winbind-4.11.12-9.oe1.aarch64.rpm samba-krb5-printing-4.11.12-9.oe1.aarch64.rpm python3-samba-dc-4.11.12-9.oe1.aarch64.rpm samba-4.11.12-9.oe1.aarch64.rpm samba-winbind-krb5-locator-4.11.12-9.oe1.aarch64.rpm libsmbclient-4.11.12-9.oe1.aarch64.rpm samba-client-4.11.12-9.oe1.aarch64.rpm samba-winbind-clients-4.11.12-9.oe1.aarch64.rpm libwbclient-devel-4.11.12-9.oe1.aarch64.rpm samba-dc-provision-4.11.12-9.oe1.aarch64.rpm samba-client-4.11.12-9.oe1.aarch64.rpm libwbclient-4.11.12-9.oe1.aarch64.rpm samba-test-4.11.12-9.oe1.aarch64.rpm samba-debugsource-4.11.12-9.oe1.aarch64.rpm samba-devel-4.11.12-9.oe1.aarch64.rpm samba-winbind-4.11.12-9.oe1.aarch64.rpm python3-samba-test-4.11.12-9.oe1.aarch64.rpm samba-common-4.11.12-9.oe1.aarch64.rpm libsmbclient-4.11.12-9.oe1.aarch64.rpm libwbclient-devel-4.11.12-9.oe1.aarch64.rpm samba-dc-4.11.12-9.oe1.aarch64.rpm ctdb-tests-4.11.12-9.oe1.aarch64.rpm samba-dc-provision-4.11.12-9.oe1.aarch64.rpm libsmbclient-devel-4.11.12-9.oe1.aarch64.rpm python3-samba-dc-4.11.12-9.oe1.aarch64.rpm samba-winbind-krb5-locator-4.11.12-9.oe1.aarch64.rpm samba-dc-bind-dlz-4.11.12-9.oe1.aarch64.rpm samba-winbind-modules-4.11.12-9.oe1.aarch64.rpm samba-krb5-printing-4.11.12-9.oe1.aarch64.rpm samba-common-tools-4.11.12-9.oe1.aarch64.rpm samba-debuginfo-4.11.12-9.oe1.aarch64.rpm python3-samba-4.11.12-9.oe1.aarch64.rpm samba-libs-4.11.12-9.oe1.aarch64.rpm samba-winbind-clients-4.11.12-9.oe1.aarch64.rpm ctdb-4.11.12-9.oe1.aarch64.rpm samba-4.11.12-9.oe1.aarch64.rpm samba-help-4.11.12-9.oe1.aarch64.rpm samba-debugsource-4.11.12-8.oe1.aarch64.rpm ctdb-tests-4.11.12-8.oe1.aarch64.rpm samba-libs-4.11.12-8.oe1.aarch64.rpm ctdb-4.11.12-8.oe1.aarch64.rpm samba-common-4.11.12-8.oe1.aarch64.rpm python3-samba-dc-4.11.12-8.oe1.aarch64.rpm samba-4.11.12-8.oe1.aarch64.rpm samba-winbind-modules-4.11.12-8.oe1.aarch64.rpm samba-client-4.11.12-8.oe1.aarch64.rpm samba-help-4.11.12-8.oe1.aarch64.rpm samba-common-tools-4.11.12-8.oe1.aarch64.rpm samba-dc-provision-4.11.12-8.oe1.aarch64.rpm samba-test-4.11.12-8.oe1.aarch64.rpm libwbclient-4.11.12-8.oe1.aarch64.rpm libsmbclient-devel-4.11.12-8.oe1.aarch64.rpm samba-dc-4.11.12-8.oe1.aarch64.rpm samba-debuginfo-4.11.12-8.oe1.aarch64.rpm python3-samba-4.11.12-8.oe1.aarch64.rpm libwbclient-devel-4.11.12-8.oe1.aarch64.rpm libsmbclient-4.11.12-8.oe1.aarch64.rpm samba-winbind-4.11.12-8.oe1.aarch64.rpm samba-devel-4.11.12-8.oe1.aarch64.rpm samba-dc-bind-dlz-4.11.12-8.oe1.aarch64.rpm python3-samba-test-4.11.12-8.oe1.aarch64.rpm samba-winbind-krb5-locator-4.11.12-8.oe1.aarch64.rpm samba-winbind-clients-4.11.12-8.oe1.aarch64.rpm samba-krb5-printing-4.11.12-8.oe1.aarch64.rpm samba-pidl-4.11.12-9.oe1.noarch.rpm samba-pidl-4.11.12-9.oe1.noarch.rpm samba-pidl-4.11.12-8.oe1.noarch.rpm samba-4.11.12-9.oe1.src.rpm samba-4.11.12-9.oe1.src.rpm samba-4.11.12-8.oe1.src.rpm samba-vfs-glusterfs-4.11.12-9.oe1.x86_64.rpm samba-krb5-printing-4.11.12-9.oe1.x86_64.rpm samba-winbind-modules-4.11.12-9.oe1.x86_64.rpm samba-client-4.11.12-9.oe1.x86_64.rpm samba-debuginfo-4.11.12-9.oe1.x86_64.rpm samba-dc-provision-4.11.12-9.oe1.x86_64.rpm samba-help-4.11.12-9.oe1.x86_64.rpm python3-samba-test-4.11.12-9.oe1.x86_64.rpm samba-winbind-krb5-locator-4.11.12-9.oe1.x86_64.rpm samba-winbind-clients-4.11.12-9.oe1.x86_64.rpm samba-test-4.11.12-9.oe1.x86_64.rpm samba-winbind-4.11.12-9.oe1.x86_64.rpm ctdb-tests-4.11.12-9.oe1.x86_64.rpm samba-common-tools-4.11.12-9.oe1.x86_64.rpm samba-dc-bind-dlz-4.11.12-9.oe1.x86_64.rpm libsmbclient-4.11.12-9.oe1.x86_64.rpm samba-devel-4.11.12-9.oe1.x86_64.rpm samba-common-4.11.12-9.oe1.x86_64.rpm libsmbclient-devel-4.11.12-9.oe1.x86_64.rpm samba-debugsource-4.11.12-9.oe1.x86_64.rpm samba-4.11.12-9.oe1.x86_64.rpm libwbclient-devel-4.11.12-9.oe1.x86_64.rpm python3-samba-dc-4.11.12-9.oe1.x86_64.rpm python3-samba-4.11.12-9.oe1.x86_64.rpm libwbclient-4.11.12-9.oe1.x86_64.rpm samba-dc-4.11.12-9.oe1.x86_64.rpm samba-libs-4.11.12-9.oe1.x86_64.rpm ctdb-4.11.12-9.oe1.x86_64.rpm samba-winbind-clients-4.11.12-9.oe1.x86_64.rpm libsmbclient-4.11.12-9.oe1.x86_64.rpm samba-4.11.12-9.oe1.x86_64.rpm samba-libs-4.11.12-9.oe1.x86_64.rpm ctdb-4.11.12-9.oe1.x86_64.rpm samba-winbind-krb5-locator-4.11.12-9.oe1.x86_64.rpm samba-debuginfo-4.11.12-9.oe1.x86_64.rpm libwbclient-devel-4.11.12-9.oe1.x86_64.rpm samba-client-4.11.12-9.oe1.x86_64.rpm python3-samba-test-4.11.12-9.oe1.x86_64.rpm libsmbclient-devel-4.11.12-9.oe1.x86_64.rpm python3-samba-4.11.12-9.oe1.x86_64.rpm ctdb-tests-4.11.12-9.oe1.x86_64.rpm samba-krb5-printing-4.11.12-9.oe1.x86_64.rpm samba-winbind-4.11.12-9.oe1.x86_64.rpm samba-test-4.11.12-9.oe1.x86_64.rpm samba-winbind-modules-4.11.12-9.oe1.x86_64.rpm samba-debugsource-4.11.12-9.oe1.x86_64.rpm python3-samba-dc-4.11.12-9.oe1.x86_64.rpm samba-common-4.11.12-9.oe1.x86_64.rpm samba-devel-4.11.12-9.oe1.x86_64.rpm libwbclient-4.11.12-9.oe1.x86_64.rpm samba-dc-4.11.12-9.oe1.x86_64.rpm samba-vfs-glusterfs-4.11.12-9.oe1.x86_64.rpm samba-help-4.11.12-9.oe1.x86_64.rpm samba-dc-bind-dlz-4.11.12-9.oe1.x86_64.rpm samba-common-tools-4.11.12-9.oe1.x86_64.rpm samba-dc-provision-4.11.12-9.oe1.x86_64.rpm ctdb-tests-4.11.12-8.oe1.x86_64.rpm libwbclient-devel-4.11.12-8.oe1.x86_64.rpm samba-devel-4.11.12-8.oe1.x86_64.rpm libsmbclient-devel-4.11.12-8.oe1.x86_64.rpm samba-test-4.11.12-8.oe1.x86_64.rpm samba-krb5-printing-4.11.12-8.oe1.x86_64.rpm python3-samba-test-4.11.12-8.oe1.x86_64.rpm samba-debuginfo-4.11.12-8.oe1.x86_64.rpm samba-debugsource-4.11.12-8.oe1.x86_64.rpm samba-libs-4.11.12-8.oe1.x86_64.rpm samba-winbind-4.11.12-8.oe1.x86_64.rpm libwbclient-4.11.12-8.oe1.x86_64.rpm samba-client-4.11.12-8.oe1.x86_64.rpm samba-winbind-clients-4.11.12-8.oe1.x86_64.rpm samba-dc-bind-dlz-4.11.12-8.oe1.x86_64.rpm samba-common-tools-4.11.12-8.oe1.x86_64.rpm libsmbclient-4.11.12-8.oe1.x86_64.rpm samba-winbind-krb5-locator-4.11.12-8.oe1.x86_64.rpm samba-common-4.11.12-8.oe1.x86_64.rpm python3-samba-dc-4.11.12-8.oe1.x86_64.rpm samba-4.11.12-8.oe1.x86_64.rpm ctdb-4.11.12-8.oe1.x86_64.rpm samba-dc-4.11.12-8.oe1.x86_64.rpm samba-help-4.11.12-8.oe1.x86_64.rpm python3-samba-4.11.12-8.oe1.x86_64.rpm samba-winbind-modules-4.11.12-8.oe1.x86_64.rpm samba-dc-provision-4.11.12-8.oe1.x86_64.rpm samba-vfs-glusterfs-4.11.12-8.oe1.x86_64.rpm All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. 2022-01-28 CVE-2021-43566 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 openEuler-20.03-LTS-SP3 Low 2.6 AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N samba security update 2022-01-28 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1507