Implement fix for CVE-2017-7494

This commit is contained in:
Bert Van Vreckem 2017-05-29 20:51:00 +02:00
parent 7b70e15cec
commit b63ca1385e
3 changed files with 20 additions and 0 deletions

View File

@ -4,6 +4,12 @@ This file contains al notable changes to the bertvv.samba Ansible role.
This file adheres to the guidelines of [http://keepachangelog.com/](http://keepachangelog.com/). Versioning follows [Semantic Versioning](http://semver.org/). "GH-X" refers to the X'th issue or pull request on the Github project.
## 2.3.1 - 2017-05-29
### Changed
- Fix for remote code execution vulnerability CVE-2017-7494: <https://access.redhat.com/security/cve/cve-2017-7494>
## 2.3.0 - 2017-05-10
### Changed

View File

@ -17,6 +17,16 @@ The following are not considered concerns of this role, and you should configure
**If you like/use this role, please consider giving it a star! Thanks!**
## CVE-2017-7494
A recently discovered remote code execution vulnerability may affect your Samba server installation.
If SELinux is enabled on your system, it is **NOT** vulnerable.
Version 2.3.1 of this role has a fix for the vulnerability. Upgrade your system if necessary.
More info: <https://access.redhat.com/security/cve/cve-2017-7494>
## Requirements
No specific requirements

View File

@ -45,6 +45,10 @@
disable spoolss = yes
{% endif %}
# Fix for CVE-2017-7494
# https://access.redhat.com/security/cve/cve-2017-7494
nt pipe support = no
{% if samba_load_homes %}
## Make home directories accessible
[homes]