Uploaded image for project: 'FreeNAS / TrueNAS'
  1. FreeNAS / TrueNAS
  2. NAS-102198

Update Samba to 4.9.9 to address CVE-2019-12435

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Done (View Workflow)
    • Priority: Low
    • Resolution: Complete
    • Affects Version/s: 11.2-U4.1
    • Fix Version/s: 11.2-U5
    • Component/s: Services
    • Labels:
      None

      Description

      CVE-2019-12435:                                                              
         An authenticated user can crash the Samba AD DC's RPC server process via a   
         NULL pointer dereference.
      
      For more details and workarounds, please refer to the security advisory. 

       

      Fixed in Samba 4.9.9

       

      FreeNAS 11.3 is unaffected because it is compiled without DC support.

      https://www.samba.org/samba/security/CVE-2019-12435.html 

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              awalker Andrew Walker
              Reporter:
              awalker Andrew Walker
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Summary Panel