Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 778026 (CVE-2020-27840, CVE-2021-20277) - <net-fs/samba-4.13.7: multiple vulnerabilities (CVE-2020-27840, CVE-2021-20277)
Summary: <net-fs/samba-4.13.7: multiple vulnerabilities (CVE-2020-27840, CVE-2021-20277)
Status: RESOLVED FIXED
Alias: CVE-2020-27840, CVE-2021-20277
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://lists.samba.org/archive/samba...
Whiteboard: B3 [glsa+ cve]
Keywords: PullRequest
Depends on: 778071
Blocks:
  Show dependency tree
 
Reported: 2021-03-24 21:12 UTC by John Helmert III
Modified: 2021-05-26 09:45 UTC (History)
2 users (show)

See Also:
Package list:
net-fs/samba-4.13.7 amd64 arm arm64 ppc ppc64 sparc x86 net-dns/resolv_wrapper-1.1.7 amd64 arm ppc ppc64 sparc x86 sys-libs/ldb-2.2.1 amd64 arm arm64 ppc ppc64 sparc x86 net-libs/socket_wrapper-1.3.2 amd64 arm arm64 ppc ppc64 sparc x86 sys-libs/talloc-2.3.2 amd64 arm arm64 hppa ppc ppc64 sparc x86
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-03-24 21:12:26 UTC
From URL:

=======
Details
=======

o  CVE-2020-27840:
   An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
   crafted DNs as part of a bind request. More serious heap corruption is likely
   also possible.

o  CVE-2021-20277:
   User-controlled LDAP filter strings against the AD DC LDAP server may crash
   the LDAP server.



Fixed in 4.14.2, 4.13.7, and 4.12.14. Please bump.
Comment 1 Larry the Git Cow gentoo-dev 2021-03-25 08:30:02 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=794ecf10b2db99d01345ed5ec87085da56f8ef89

commit 794ecf10b2db99d01345ed5ec87085da56f8ef89
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-03-25 08:28:15 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-03-25 08:29:29 +0000

    net-fs/samba: Security bump to versions 4.12.13, 4.13.7 and 4.14.2
    
    Dropped keywords on alpha and sparc due to sys-libs/libunwind dep
    
    Bug: https://bugs.gentoo.org/778026
    Closes: https://bugs.gentoo.org/715490
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-fs/samba/Manifest             |   3 +
 net-fs/samba/samba-4.12.14.ebuild | 329 +++++++++++++++++++++++++++++++++++++
 net-fs/samba/samba-4.13.7.ebuild  | 332 +++++++++++++++++++++++++++++++++++++
 net-fs/samba/samba-4.14.2.ebuild  | 336 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 1000 insertions(+)
Comment 2 Lars Wendler (Polynomial-C) gentoo-dev 2021-03-25 08:31:52 UTC
We haven't met a decision yet which version to stabilize, so please be patient with us :)
Comment 3 Sam James archtester gentoo-dev Security 2021-03-25 11:35:20 UTC
(In reply to Lars Wendler (Polynomial-C) from comment #2)
> We haven't met a decision yet which version to stabilize, so please be
> patient with us :)

np
Comment 4 Sam James archtester gentoo-dev Security 2021-04-18 00:38:59 UTC
Ping
Comment 5 Lars Wendler (Polynomial-C) gentoo-dev 2021-04-19 09:57:47 UTC
Still not sure what to do regarding samba's automagic libunwind dependency and alpha/sparc keywords...

Any suggestions?
Comment 6 Andreas Sturmlechner gentoo-dev 2021-04-19 11:35:48 UTC
!sparc? ( !alpha? ( sys-libs/libunwind:= ) )

It seems pretty safe to assume these arches won't get libunwind keyworded any time soon.
Comment 7 Larry the Git Cow gentoo-dev 2021-04-19 11:52:30 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4624c893d68d922a4abb4cbf75cccdaf1bf04d59

commit 4624c893d68d922a4abb4cbf75cccdaf1bf04d59
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-04-19 11:49:26 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-04-19 11:52:06 +0000

    net-fs/samba: Restored ~alpha and ~sparc keywords
    
    Thanks-to: Andreas Sturmlechner <asturm@gentoo.org>
    Bug: https://bugs.gentoo.org/778026
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-fs/samba/samba-4.12.14.ebuild | 8 ++++----
 net-fs/samba/samba-4.13.7.ebuild  | 6 +++---
 net-fs/samba/samba-4.14.2.ebuild  | 6 +++---
 3 files changed, 10 insertions(+), 10 deletions(-)
Comment 8 Rolf Eike Beer archtester 2021-04-21 18:56:03 UTC
hppa stable
Comment 9 Sergei Trofimovich (RETIRED) gentoo-dev 2021-05-02 22:15:13 UTC
ppc stable
Comment 10 Sergei Trofimovich (RETIRED) gentoo-dev 2021-05-06 07:50:03 UTC
ppc64 stable
Comment 11 Sam James archtester gentoo-dev Security 2021-05-13 15:03:07 UTC
amd64 was stabled by zlogene a while ago
Comment 12 Sam James archtester gentoo-dev Security 2021-05-13 16:16:04 UTC
x86 done
Comment 13 Sam James archtester gentoo-dev Security 2021-05-15 02:41:38 UTC
arm done
Comment 14 Sam James archtester gentoo-dev Security 2021-05-15 18:00:13 UTC
arm64 done
Comment 15 Sam James archtester gentoo-dev Security 2021-05-15 18:03:15 UTC
sparc done

all arches done
Comment 16 John Helmert III gentoo-dev Security 2021-05-16 03:18:35 UTC
Please cleanup, thanks!
Comment 17 Larry the Git Cow gentoo-dev 2021-05-22 20:12:23 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=50cdf4f21369dc557d98b45c4aac192a38f8f77a

commit 50cdf4f21369dc557d98b45c4aac192a38f8f77a
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2021-05-22 19:01:11 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-05-22 20:12:08 +0000

    net-fs/samba: pre-4.13.7 security cleanup
    
    Bug: https://bugs.gentoo.org/778026
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-fs/samba/Manifest                              |   2 -
 .../samba-4.13-vfs_snapper_configure_option.patch  |  56 ----
 net-fs/samba/files/samba-4.13-winexe_option.patch  |  67 -----
 net-fs/samba/files/samba-4.9.2-timespec.patch      |  21 --
 net-fs/samba/samba-4.12.15.ebuild                  | 329 ---------------------
 net-fs/samba/samba-4.12.9-r1.ebuild                | 329 ---------------------
 6 files changed, 804 deletions(-)
Comment 18 Thomas Deutschmann gentoo-dev Security 2021-05-25 13:24:33 UTC
Added to an existing GLSA request.
Comment 19 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 09:45:51 UTC
This issue was resolved and addressed in
 GLSA 202105-22 at https://security.gentoo.org/glsa/202105-22
by GLSA coordinator Thomas Deutschmann (whissi).