Security update for Samba

SUSE Security Update: Security update for Samba
Announcement ID: SUSE-SU-2012:0591-1
Rating: important
References: #757080 #757576
Affected Products:
  • SUSE Linux Enterprise Server 10 GPLv3 Extras

  • An update that solves one vulnerability and has one errata is now available.

    Description:


    This update of Samba fixes the following security issue:

    * CVE-2012-2111: Ensure that users cannot hand out
    their own privileges to everyone, only administrators are
    allowed to do that.

    Security Issue reference:

    * CVE-2012-2111
    >

    Package List:

    • SUSE Linux Enterprise Server 10 GPLv3 Extras (i586 ia64 ppc s390x x86_64):
    • libnetapi-devel-3.4.3-0.43.1
    • libnetapi0-3.4.3-0.43.1
    • libtalloc-devel-3.4.3-0.43.1
    • libtalloc1-3.4.3-0.43.1
    • libtdb-devel-3.4.3-0.43.1
    • libtdb1-3.4.3-0.43.1
    • libwbclient-devel-3.4.3-0.43.1
    • libwbclient0-3.4.3-0.43.1
    • samba-gplv3-3.4.3-0.43.1
    • samba-gplv3-client-3.4.3-0.43.1
    • samba-gplv3-krb-printing-3.4.3-0.43.1
    • samba-gplv3-winbind-3.4.3-0.43.1
    • SUSE Linux Enterprise Server 10 GPLv3 Extras (noarch):
    • samba-gplv3-doc-3.4.3-0.43.1

    References:

    • http://support.novell.com/security/cve/CVE-2012-2111.html
    • https://bugzilla.novell.com/757080
    • https://bugzilla.novell.com/757576
    • http://download.suse.com/patch/finder/?keywords=ef33002197942af3c4259067710592e2