Debian: New samba packages fix multiple vulnerabilities
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1291-2 security@debian.org http://www.debian.org/security/ Noah Meyerhans May 15, 2007 - ------------------------------------------------------------------------Package : samba Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-2446 CVE-2007-2447 This update to DSA-1291 covers the old stable version of Debian, 3.1 (sarge). The current stable distribution, 4.0 (etch) was updated previously. Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux. CVE-2007-2446 Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. CVE-2007-2447 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution For the old stable distribution (sarge), these problems have been fixed in version 3.0.14a-3sarge6 We recommend that you upgrade your samba package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian 3.1 (oldstable) - ----------------------Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 122946 4f8326351368c07b9ff7e4925f65bc64 Size/MD5 checksum: 15605851 ebee37e66a8b5f6fd328967dc09088e8 Size/MD5 checksum: 1081 c3bcc5438c9dc922f5ac9bc75bf825cb Architecture independent packages: Size/MD5 checksum: 12117076 75895a83ad2be113b383bdf4d5f16c24 alpha architecture (DEC Alpha) Size/MD5 checksum: 3128680 fdc226d93c10ffb386b3c9bcff83314e Size/MD5 checksum: 3251018 e3eb57b061d45bc4fd20083292cf2075 Size/MD5 checksum: 20269380 bf7af04d9d769277c42e004fafd908a1 Size/MD5 checksum: 5237292 ca9d898183187b3db37131b8be456c65 Size/MD5 checksum: 659878 4b35df8ced7e2aea0080c1aed7c0f9eb Size/MD5 checksum: 4223662 5401c52bda1aee10d4c919b794c69f9a Size/MD5 checksum: 1015318 dadfd640543ef97d00b438d2e6c6cab9 Size/MD5 checksum: 402080 6025f427e4f2079a9a3c0d38ccff2590 Size/MD5 checksum: 2408536 f3dc91c30a136ccc0258fb46717d1100 Size/MD5 checksum: 459420 47640a2054996e789d30e4b87bd89dfe Size/MD5 checksum: 1824256 c8318790e5753f909c1357077a1aa9e7 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 410744 71f863e69b711158d0554b9ab0bdea91 Size/MD5 checksum: 2194602 d7fdf1b2bbc022c2c28f2fc144150423 Size/MD5 checksum: 2809708 1c458a57b0d71ce87c351604b1b09a56 Size/MD5 checksum: 2867578 6fe353c5220415d216c226752380ad92 Size/MD5 checksum: 5201452 73c761829c2028d8d6cd1d0a8bb9b928 Size/MD5 checksum: 4122944 03995b1619ebffc05601b55bb3e869f5 Size/MD5 checksum: 795870 b0d51fd313d908298961395772ef99fa Size/MD5 checksum: 599934 847f20d894b61f575528e2e6f6898548 Size/MD5 checksum: 1651498 e250dc0f25b07079f1b9c833bfd8a1d4 Size/MD5 checksum: 381356 431107c30553acd4f5637e72c8f2c26a Size/MD5 checksum: 6490828 34d990ccb6b1b48e3d61d10df992ad84 arm architecture (ARM) Size/MD5 checksum: 2558752 841332d7eff8b8f1416d5749075d80b8 Size/MD5 checksum: 2010338 e3c136a12ddefbe00917a28f4ab2654c Size/MD5 checksum: 341592 2305704f6250b2edd2a45df0cd5c1815 Size/MD5 checksum: 376050 b0d1d9de768403b6fa3831f2ceefe5a1 Size/MD5 checksum: 4064504 66256fbb01e48dddefbcafda6bf7f728 Size/MD5 checksum: 4649064 231acbdc63203063cfda4c1aace344b7 Size/MD5 checksum: 1484410 6c45402cb53b5e2133bd1aa3fef39fc1 Size/MD5 checksum: 823012 d4ba7d8848eb04177cd35800bc1fcd41 Size/MD5 checksum: 2598164 46427726913eb28866fd746189c73c22 Size/MD5 checksum: 544988 c8b5d252a6e9da10e4fb9978a74e2eee Size/MD5 checksum: 6666782 dfa95b7f0526948b88e9dfd131d1f05c hppa architecture (HP PA RISC) Size/MD5 checksum: 417204 6aad398b42d7e937ee7f85922f25b36e Size/MD5 checksum: 644022 817df944f0b763bd1fbc7ec53de09ae8 Size/MD5 checksum: 1691330 969db308415104350a39677cba2c3457 Size/MD5 checksum: 895006 6315efe06f7f1a2c500b74cbdee2b7af Size/MD5 checksum: 404068 cc8cbd0825b730f531b1fa3d46408ebb Size/MD5 checksum: 2917062 d5ed7631a01252410e69a41588283247 Size/MD5 checksum: 2216138 c5e805c7267967b62058868e901a0acb Size/MD5 checksum: 5552058 fd743858d77e5fd5a044db4686b5d0c4 Size/MD5 checksum: 4134882 6008872c967aaa32c1047689cf6a5b78 Size/MD5 checksum: 2866374 c94110770a67b05eeeed4adc86d0f416 Size/MD5 checksum: 6469082 b94de6b7e6b499288a78206f3722e6a8 i386 architecture (Intel ia32) Size/MD5 checksum: 4059030 e90fd2bf75afc2571ab0b6b86f34abc7 Size/MD5 checksum: 370796 1648054136295986f00048e07c861e8a Size/MD5 checksum: 347478 489604b1c715e836a1e64f3d48db16e5 Size/MD5 checksum: 6678150 48ec7bb648ec804625f3eb7e14b65900 Size/MD5 checksum: 4744328 bedc594807490934c9d415e73c683f7f Size/MD5 checksum: 2007068 7d76ea95b261c395799bd3ccc0a7cc3a Size/MD5 checksum: 737268 98bfe76a1291310ab473c1b302af14c0 Size/MD5 checksum: 1484096 a8aa1003a42b5a168be74c6efc98dd88 Size/MD5 checksum: 2554240 82e96c6c31f35a698c0701889f2d76f3 Size/MD5 checksum: 2566558 d30b83341b53754e875f580c56357056 Size/MD5 checksum: 549188 a4d2711596e34cfcf4babd6e1a5308b8 ia64 architecture (Intel ia64) Size/MD5 checksum: 754684 293e11b397ac9eb32f15d5aab691aff3 Size/MD5 checksum: 473240 fe4150c635fa517b0f2aebd783799c10 Size/MD5 checksum: 3817758 5f8f53ba7b8ec836eb6cc8b6e0fb731c Size/MD5 checksum: 2212786 ded6e5762e0f377a0f8c9cbff28a719d Size/MD5 checksum: 4362502 3e2e4e03d606ac7a181c7759e4938384 Size/MD5 checksum: 1035496 260aae25622eabda48c16921d72b25a0 Size/MD5 checksum: 3924906 8b89883eeaf0a56abb03eb463c292412 Size/MD5 checksum: 2854988 597968f7acc92b82c6f17c81af6bce7d Size/MD5 checksum: 675066 ba723c5c04022ca32460e730b81dd813 Size/MD5 checksum: 548102 1ab76c9bf18dd58d173318756dd5d676 Size/MD5 checksum: 6626906 4f31c6792d8a7ffd5c9537ac4b9f7ca1 m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 520938 2cd5cda7d355e7455f1020ccffb2d839 Size/MD5 checksum: 329972 1b6ce06ff69be51d97fd00dbf5af1b1b Size/MD5 checksum: 2223178 2fe0834d6be01470516b5915fe77748c Size/MD5 checksum: 335120 6a5c9e36624f2b7081034bcce3d35447 Size/MD5 checksum: 3973490 86de9bbb717c00db2d6b6176b409af43 Size/MD5 checksum: 2234712 a24a622f3982744f197d0b0245676a9d Size/MD5 checksum: 4548744 e69d79c409971910a45f1ed1458dcfbb Size/MD5 checksum: 1782636 20ea74088904fcb303bb53bb1da4b8fb Size/MD5 checksum: 1314838 2c0ddc296f0899e7373135d80a60fca1 Size/MD5 checksum: 656726 0b0f69d7594b4f633796af6b28eff430 Size/MD5 checksum: 6333346 e22172ffc5b708e755cda6ae15737ca0 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 2157738 2bb2b32db963fe7314cf6c0c87bb5260 Size/MD5 checksum: 2824042 884d18263dc77be4752dbbf81198a516 Size/MD5 checksum: 4104974 891cea3efbfcb1b5d4bd49210713fead Size/MD5 checksum: 2778894 f7e8433c410e5d4ee8282689e3232bb8 Size/MD5 checksum: 356680 83abc34808541504ba2eb88d95004c97 Size/MD5 checksum: 4668928 886bad4338e06f4f4405699521dae558 Size/MD5 checksum: 1605954 c16ee4fbd1aa294feab0ddd819299a03 Size/MD5 checksum: 821674 533cdf1eb4eefd48a8c54e5c3b7bee84 Size/MD5 checksum: 556238 a7d597fc46c1720ac3151ff51b169016 Size/MD5 checksum: 412396 1e1b09ff4c593641d4682ad23a8fb7dc Size/MD5 checksum: 6763000 0cec083abea75f5ada12b59d03f7bb21 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 2819746 261649678421d597d04ff90cae66bb96 Size/MD5 checksum: 813366 559ad8da40e56eaca2ddfdabbf1aff47 Size/MD5 checksum: 411316 7cfff3bb62a7b63802ca84f64b23662c Size/MD5 checksum: 2780008 da8d77ac13a92c3c477fc9965464806b Size/MD5 checksum: 4654562 c61675536800dd18b9ca4dbbe1342b32 Size/MD5 checksum: 2153928 f53bfb5aec6ca9d9bddb20e6e94dc1f9 Size/MD5 checksum: 4103248 f014649805165e64ead7c72208ec7352 Size/MD5 checksum: 1602988 496d2b9b942ae186d06eed2a5cb4eb36 Size/MD5 checksum: 355644 c9b7f2de8b80e21cc29e235d75ba559a Size/MD5 checksum: 6577454 12a0b66d1227d0a1340685ad7da447f2 Size/MD5 checksum: 553974 a1f050713cbf6fe665c3fbe1bad757dd powerpc architecture (PowerPC) Size/MD5 checksum: 5012896 89858637ec9126006671f9c183c980c5 Size/MD5 checksum: 2774662 ffca27b98f00de48269ba573a7c7d415 Size/MD5 checksum: 591660 9e8dd1da27f9fff7f6f6c8d128b491bb Size/MD5 checksum: 737272 10ff77cf09402e3a6bf21c7776957c6f Size/MD5 checksum: 1614186 ffebe1adf0ff594f38920c0f0069352c Size/MD5 checksum: 2826574 df361572386b5f4b0f32b998ca2e8617 Size/MD5 checksum: 406886 190eb0e71374868ab714137ce4d73c79 Size/MD5 checksum: 6864912 430e437f38e198da16934ab1b608909e Size/MD5 checksum: 368528 745ffef64ef68791d02b9dc9e501aded Size/MD5 checksum: 2156232 036eeab7523998b3e0c122a422aadaf7 Size/MD5 checksum: 4112916 fb301d52d77b3ac2b48560e1bd8638f9 s390 architecture (IBM S/390) Size/MD5 checksum: 5288018 f70a5ef7cad883589dd767f9c5fd4c08 Size/MD5 checksum: 2776458 8decbd733fb27f29f35bd907da2683f9 Size/MD5 checksum: 6840734 a41e848412a94ea7e75123b454246c0b Size/MD5 checksum: 797088 587e267beb026ee294e87f9e0a415b27 Size/MD5 checksum: 604388 6d174151e884f52b60dcbd0aebdf8f04 Size/MD5 checksum: 2725924 e58591f81d84022ebcaec72339dddf8b Size/MD5 checksum: 4093040 1d9de96b0e8f88114629d6ebae316489 Size/MD5 checksum: 386128 b96a29176d452eacaaa5ea9ee90bad5e Size/MD5 checksum: 2124184 c54efd2cdbe3af57b1dacc9d343259e1 Size/MD5 checksum: 404818 8427840b736995ad0e86eb3101eb6ce0 Size/MD5 checksum: 1614504 419e09d7823d70ee7e7554b6f2109409 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 2524918 877106ee743173e8e852ff74bbf2f8a5 Size/MD5 checksum: 356144 7f54481c83240921ca014cc3b866956b Size/MD5 checksum: 1979316 2b2e23b8a6e306af8bd59d54c9d87a4f Size/MD5 checksum: 2544530 fdbcdee922e63cfc506352af03bd5fbc Size/MD5 checksum: 4864656 2ab6df5285fa19130f75517f17e4918b Size/MD5 checksum: 371568 a4e67707ab9e4e36abbf84236f4bc2a8 Size/MD5 checksum: 6351842 29979a3a3810d44b2a68fb730052971f Size/MD5 checksum: 1478036 92a656e2f0a25597bf1bb0d1f2c39fd4 Size/MD5 checksum: 796818 62fb2b156cf8a11799ca3aeb0a72a668 Size/MD5 checksum: 4057466 91b5469c1de264239a0178cbcf1ad5f1 Size/MD5 checksum: 561490 6d5edccbf41e446ebd5028d6ce9dd4e5 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org