Fedora Core 5 Update: samba-3.0.24-6.fc5 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: February 6th, 2012

Linux Advisory Watch: February 3rd, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 5 Update: samba-3.0.24-6.fc5

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

Security bugs where found in samba-3.0.24-6.fc5. This update fixes nmbd segfault in some rare conditions. Also fixes a bug introduced with CVE-2007-2444 in some configurations. fixes CVE-2007-0452 Samba smbd denial of service

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-518
2007-05-21
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : samba
Version     : 3.0.24
Release     : 6.fc5
Summary     : The Samba SMB server.
Description :

Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB server that can be used to
provide network services to SMB (sometimes called "Lan Manager")
clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

---------------------------------------------------------------------
Update Information:

fix nmbd segfault in some rare conditions
fix a bug introduced with CVE-2007-2444 in some configurations
---------------------------------------------------------------------
* Mon May 14 2007 Simo Sorce  3.0.24-5.fc5
- Security fixes for
  CVE-2007-2444
  CVE-2007-2446
  CVE-2007-2447
* Thu Apr  5 2007 Simo Sorce  3.0.24-4.fc5
- sync up patches from the rawhide packages
* Wed Mar 28 2007 Simo Sorce  3.0.24-3.fc5
- add patch for bug 176649
* Mon Mar 26 2007 Simo Sorce 
- remove patch for bug 106483 as it introduces a new bug that prevents
  the use of a credentials file with the smbclient tar command
* Fri Mar 23 2007 Simo Sorce  3.0.24-2.fc5
- fix log rotate script to no kill -HUP samba daemons
* Fri Mar 23 2007 Simo Sorce  3.0.24-2.fc5
- A newer cups lib introduced new symbols now we depend on,
  adjust dependencies to require the latest cups-libs package.
* Wed Feb  7 2007 Jay Fenlason  3.0.24-1.fc5
- New upstream release
- Update the -man patch to work with 3.0.24
- This release
  fixes CVE-2007-0452 Samba smbd denial of service
* Tue Sep 26 2006 Jay Fenlason  3.0.23c-1.fc5
- Include the newer smb.init that includes the configtest option
- Upgrade to 3.0.23c, obsoleting the -samr_alias patch.
* Wed Aug  9 2006 Jay Fenlason  3.0.23b-1.fc5
- New upstream release, fixing some annoying bugs.
* Mon Jul 24 2006 Jay Fenlason  3.0.23a-1.fc5.1
- Fix the -logfiles patch to close
  bz#199607 Samba compiled with wrong log path.
  bz#199206 smb.conf has incorrect log file path
* Mon Jul 24 2006 Jay Fenlason  3.0.23a-1.fc5
- Upgrade to new upstream 3.0.23a
- include upstream samr_alias patch
* Wed Jul 12 2006 Jay Fenlason  3.0.23-1.fc5
- Upgrade to 3.0.23 to close
  bz#197836 CVE-2006-3403 Samba denial of service
- include related spec file, filter-requires-samba.sh and patch changes
  from rawhide.
- include the fixed smb.init file from rawhide, closing
  bz#182560 Wrong retval for initscript when smbd is dead

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

6704bcbc47eb55597b640203bab5b256f3062b8f  SRPMS/samba-3.0.24-6.fc5.src.rpm
6704bcbc47eb55597b640203bab5b256f3062b8f  noarch/samba-3.0.24-6.fc5.src.rpm
00b81bec80eed9f4a92227932e314eb3df959c8c  ppc/samba-swat-3.0.24-6.fc5.ppc.rpm
368996dd3e5a7abca8d98d01ce5fdc32cbc9582d  ppc/samba-client-3.0.24-6.fc5.ppc.rpm
f003d53c2e32d0ecf0a6a41840539c826a425f2c  ppc/samba-3.0.24-6.fc5.ppc.rpm
d6cdd1d7433bab6d20f7f3dc5eb47e0da3623e59  ppc/debug/samba-debuginfo-3.0.24-6.fc5.ppc.rpm
d70e87806698bce75d0c6da56f0b04fd15b1ee8f  ppc/samba-common-3.0.24-6.fc5.ppc.rpm
697ec1cc2eb40be411bb915a7db91794daccfb6d  x86_64/samba-client-3.0.24-6.fc5.x86_64.rpm
f537cdc189279d7d1378166eb64862eb108ddb05  x86_64/samba-swat-3.0.24-6.fc5.x86_64.rpm
39cf4decf09fba6f10743c481789f42ed380e252  x86_64/debug/samba-debuginfo-3.0.24-6.fc5.x86_64.rpm
b78078da73fd02e56985dd70f45c5313d878e274  x86_64/samba-3.0.24-6.fc5.x86_64.rpm
ce8adb47b5fafe122cfe7172d4ca172b7e8d68a0  x86_64/samba-common-3.0.24-6.fc5.x86_64.rpm
a6bc99ea6b01dbf92342abb3aaf1216d5b8ea4fb  i386/debug/samba-debuginfo-3.0.24-6.fc5.i386.rpm
05b20dbdfcd000cf4ce517a2edceb20d70ceb2b1  i386/samba-common-3.0.24-6.fc5.i386.rpm
6fd4dad1d19c2e4525c6596b6acb38765c75d85c  i386/samba-3.0.24-6.fc5.i386.rpm
eb146c18f1558a6698d5086872b531242c3f8a06  i386/samba-client-3.0.24-6.fc5.i386.rpm
c41afa33c3b2f5aa85ee0168203457932d0355b6  i386/samba-swat-3.0.24-6.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce