Novell products and Badlock Samba vulnerability (CVE-2016-2118)

  • 7017482
  • 08-Apr-2016
  • 22-Jul-2016

Environment

On April 12th 2016, a security bug (called "Badlock") in Windows and Samba was disclosed.
 
More information on the vulnerability is available at http://badlock.org

Situation

Some Novell / Micro Focus products that use Samba may be affected by the Badlock vulnerability, and we are currently investigating the problem and potential fixes.  This TID will be updated as more specific information becomes available.
 
For information on SuSE products and Badlock, please see https://www.suse.com/support/kb/doc.php?id=7017475

Resolution

Updates are planned to resolve this vulnerability for the following Novell / Micro Focus products:
 
Novell Filr:
A fix for this issue is available in the Filr 2.0 Security Update 2 and Filr 1.2 Security Update 3, available via the Novell Patch Finder.

Novell Open Enterprise Server:
A fix for this issue is available in the May 2016 OES 2015 Hot Patch 10896 and May 2016 OES 11 SP2 Hot Patch 10897, available via the Novell Patch Finder.

Status

Security Alert