Headline
RHSA-2022:7730: Red Hat Security Advisory: libldb security, bug fix, and enhancement update
An update for libldb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-32746: samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
Synopsis
Moderate: libldb security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Description
The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.
The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077484)
Security Fix(es):
- samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Fixes
- BZ - 2077484 - Rebase libldb to the version required by Samba
- BZ - 2108215 - CVE-2022-32746 samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
- BZ - 2108998 - python3-ldb-devel sub-package is missing from CRB
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
Red Hat Enterprise Linux for x86_64 8
SRPM
libldb-2.5.2-2.el8.src.rpm
x86_64
ldb-tools-2.5.2-2.el8.x86_64.rpm
ldb-tools-debuginfo-2.5.2-2.el8.i686.rpm
ldb-tools-debuginfo-2.5.2-2.el8.x86_64.rpm
libldb-2.5.2-2.el8.i686.rpm
libldb-2.5.2-2.el8.x86_64.rpm
libldb-debuginfo-2.5.2-2.el8.i686.rpm
libldb-debuginfo-2.5.2-2.el8.x86_64.rpm
libldb-debugsource-2.5.2-2.el8.i686.rpm
libldb-debugsource-2.5.2-2.el8.x86_64.rpm
libldb-devel-2.5.2-2.el8.i686.rpm
libldb-devel-2.5.2-2.el8.x86_64.rpm
python3-ldb-2.5.2-2.el8.i686.rpm
python3-ldb-2.5.2-2.el8.x86_64.rpm
python3-ldb-debuginfo-2.5.2-2.el8.i686.rpm
python3-ldb-debuginfo-2.5.2-2.el8.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
libldb-2.5.2-2.el8.src.rpm
s390x
ldb-tools-2.5.2-2.el8.s390x.rpm
ldb-tools-debuginfo-2.5.2-2.el8.s390x.rpm
libldb-2.5.2-2.el8.s390x.rpm
libldb-debuginfo-2.5.2-2.el8.s390x.rpm
libldb-debugsource-2.5.2-2.el8.s390x.rpm
libldb-devel-2.5.2-2.el8.s390x.rpm
python3-ldb-2.5.2-2.el8.s390x.rpm
python3-ldb-debuginfo-2.5.2-2.el8.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 8
SRPM
libldb-2.5.2-2.el8.src.rpm
ppc64le
ldb-tools-2.5.2-2.el8.ppc64le.rpm
ldb-tools-debuginfo-2.5.2-2.el8.ppc64le.rpm
libldb-2.5.2-2.el8.ppc64le.rpm
libldb-debuginfo-2.5.2-2.el8.ppc64le.rpm
libldb-debugsource-2.5.2-2.el8.ppc64le.rpm
libldb-devel-2.5.2-2.el8.ppc64le.rpm
python3-ldb-2.5.2-2.el8.ppc64le.rpm
python3-ldb-debuginfo-2.5.2-2.el8.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 8
SRPM
libldb-2.5.2-2.el8.src.rpm
aarch64
ldb-tools-2.5.2-2.el8.aarch64.rpm
ldb-tools-debuginfo-2.5.2-2.el8.aarch64.rpm
libldb-2.5.2-2.el8.aarch64.rpm
libldb-debuginfo-2.5.2-2.el8.aarch64.rpm
libldb-debugsource-2.5.2-2.el8.aarch64.rpm
libldb-devel-2.5.2-2.el8.aarch64.rpm
python3-ldb-2.5.2-2.el8.aarch64.rpm
python3-ldb-debuginfo-2.5.2-2.el8.aarch64.rpm
Red Hat CodeReady Linux Builder for x86_64 8
SRPM
x86_64
ldb-tools-debuginfo-2.5.2-2.el8.i686.rpm
ldb-tools-debuginfo-2.5.2-2.el8.x86_64.rpm
libldb-debuginfo-2.5.2-2.el8.i686.rpm
libldb-debuginfo-2.5.2-2.el8.x86_64.rpm
libldb-debugsource-2.5.2-2.el8.i686.rpm
libldb-debugsource-2.5.2-2.el8.x86_64.rpm
python-ldb-devel-common-2.5.2-2.el8.i686.rpm
python-ldb-devel-common-2.5.2-2.el8.x86_64.rpm
python3-ldb-debuginfo-2.5.2-2.el8.i686.rpm
python3-ldb-debuginfo-2.5.2-2.el8.x86_64.rpm
python3-ldb-devel-2.5.2-2.el8.i686.rpm
python3-ldb-devel-2.5.2-2.el8.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian 8
SRPM
ppc64le
ldb-tools-debuginfo-2.5.2-2.el8.ppc64le.rpm
libldb-debuginfo-2.5.2-2.el8.ppc64le.rpm
libldb-debugsource-2.5.2-2.el8.ppc64le.rpm
python-ldb-devel-common-2.5.2-2.el8.ppc64le.rpm
python3-ldb-debuginfo-2.5.2-2.el8.ppc64le.rpm
python3-ldb-devel-2.5.2-2.el8.ppc64le.rpm
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM
aarch64
ldb-tools-debuginfo-2.5.2-2.el8.aarch64.rpm
libldb-debuginfo-2.5.2-2.el8.aarch64.rpm
libldb-debugsource-2.5.2-2.el8.aarch64.rpm
python-ldb-devel-common-2.5.2-2.el8.aarch64.rpm
python3-ldb-debuginfo-2.5.2-2.el8.aarch64.rpm
python3-ldb-devel-2.5.2-2.el8.aarch64.rpm
Red Hat CodeReady Linux Builder for IBM z Systems 8
SRPM
s390x
ldb-tools-debuginfo-2.5.2-2.el8.s390x.rpm
libldb-debuginfo-2.5.2-2.el8.s390x.rpm
libldb-debugsource-2.5.2-2.el8.s390x.rpm
python-ldb-devel-common-2.5.2-2.el8.s390x.rpm
python3-ldb-debuginfo-2.5.2-2.el8.s390x.rpm
python3-ldb-devel-2.5.2-2.el8.s390x.rpm
Related news
Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.
An update for libldb is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-32746: samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.
Ubuntu Security Notice 5542-1 - It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges.