Security update for cifs-utils
This update for cifs-utils fixes the following security issues:
- CVE-2021-20208: Fixed a potential kerberos auth leak escaping from container. (bsc#1183239)
- CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs. (bsc#1174477)
This update for cifs-utils fixes the following issues:
- Solve invalid directory mounting. When attempting to change the current
working directory into non-existing directories, mount.cifs crashes.
(bsc#1152930)
- Fixed a bug where it was no longer possible to mount CIFS filesystem after
the last maintenance update. (bsc#1184815)
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Paulo Alcantara (pauloac)
Fixed bugs
bnc#1183239
VUL-0: CVE-2021-20208: cifs-utils: cifs.upcall kerberos auth leak in container
bnc#1184815
L3: Unable to mount CIFS filesystem (error -126) after updating cifs-utils (from 6.9-5.6.1 to 6.9-5.9.1)
bnc#1152930
mount.cifs crashes when attempting to mount invalid directories
bnc#1174477
VUL-1: CVE-2020-14342: cifs-utils: Shell command injection vulnerability in mount.cifs
