Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 11 Samba Update: Critical Remote Access Issues Resolved

fedora
Calendar Grey October 3, 2009
Dist Fedora Esm H88
Samba security patches have been rolled out for Fedora 11 to tackle various vulnerabilities and enhance system reliability.
Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906

Summary

Samba is the suite of programs by which a lot of PC-related machines

share files, printers, and other information (such as lists of

available files and printers). The Windows NT, OS/2, and Linux

operating systems support this natively, and add-on packages can

enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,

and more. This package provides an SMB/CIFS server that can be used to

provide network services to SMB/CIFS clients.

Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT

need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

Update Information:

Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906

Topics%20covered

Topics Covered

security advisory security issue critical Fedora remote access samba information disclosure

Change Log

* Thu Oct 1 2009 Guenther Deschner - 3.4.2-0.42 - Update to 3.4.2 - Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906 * Wed Sep 9 2009 Guenther Deschner - 3.4.1.0-41 - Update to 3.4.1 * Fri Jul 17 2009 Guenther Deschner - 3.4.0-0.40 - Fix Bug #6551 (vuid and tid not set in sessionsetupX and tconX) - Specify required talloc and tdb version for BuildRequires * Wed Jul 15 2009 Guenther Deschner - 3.4.0-0.39 - Update to 3.4.0 - resolves: #510558 * Fri Jun 19 2009 Guenther Deschner - 3.3.5-0.38 - Fix password expiry calculation in pam_winbind * Tue Jun 16 2009 Guenther Deschner - 3.3.5-0.37 - Update to 3.3.5 * Wed Apr 29 2009 Guenther Deschner - 3.3.4-0.36 - Update to 3.3.4 * Mon Apr 20 2009 Guenther Deschner - 3.3.3-0.35 - Enable build of idmap_tdb2 for clustered setups * Wed Apr 1 2009 Guenther Deschner - 3.3.3-0.34 - Update to 3.3.3

References


[ 1 ] Bug #523752 - CVE-2009-2813 Samba: Share restriction bypass via home-less directory user account(s) https://bugzilla.redhat.com/show_bug.cgi?id=523752 [ 2 ] Bug #526074 - CVE-2009-2948 samba: information disclosure in suid mount.cifs https://bugzilla.redhat.com/show_bug.cgi?id=526074 [ 3 ] Bug #526645 - CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply https://bugzilla.redhat.com/show_bug.cgi?id=526645

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update samba' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: samba
Product: Fedora 11
Version: 3.4.2
Release: 0.42.fc11
URL: /
Summary: Server and Client software to interoperate with Windows machines

Topics%20covered

Topics Covered

security advisory security issue critical Fedora remote access samba information disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here