Fedora Core 5 Update: samba-3.0.24-5.fc5

    Date14 May 2007
    Posted ByLinuxSecurity Advisories
    This release of Samba fixes some Serious security bugs, CVE-2007-2444, CVE-2007-2446 and CVE-2007-2447. Fixes the security bugs which causes a Samba smbd denial of service.
    Fedora Update Notification
    Product     : Fedora Core 5
    Name        : samba
    Version     : 3.0.24
    Release     : 5.fc5
    Summary     : The Samba SMB server.
    Description :
    Samba is the suite of programs by which a lot of PC-related machines
    share files, printers, and other information (such as lists of
    available files and printers). The Windows NT, OS/2, and Linux
    operating systems support this natively, and add-on packages can
    enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
    and more. This package provides an SMB server that can be used to
    provide network services to SMB (sometimes called "Lan Manager")
    clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
    need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
    Update Information:
    This release of Samba fixes some Serious security bugs:
    - CVE-2007-2444
    - CVE-2007-2446
    - CVE-2007-2447
    Official upstream announcements here:
    * Mon May 14 2007 Simo Sorce  3.0.24-5.fc5
    - Security fixes for
    * Thu Apr  5 2007 Simo Sorce  3.0.24-4.fc5
    - sync up patches from the rawhide packages
    * Wed Mar 28 2007 Simo Sorce  3.0.24-3.fc5
    - add patch for bug 176649
    * Mon Mar 26 2007 Simo Sorce 
    - remove patch for bug 106483 as it introduces a new bug that prevents
      the use of a credentials file with the smbclient tar command
    * Fri Mar 23 2007 Simo Sorce  3.0.24-2.fc5
    - fix log rotate script to no kill -HUP samba daemons
    * Fri Mar 23 2007 Simo Sorce  3.0.24-2.fc5
    - A newer cups lib introduced new symbols now we depend on,
      adjust dependencies to require the latest cups-libs package.
    * Wed Feb  7 2007 Jay Fenlason  3.0.24-1.fc5
    - New upstream release
    - Update the -man patch to work with 3.0.24
    - This release
      fixes CVE-2007-0452 Samba smbd denial of service
    * Tue Sep 26 2006 Jay Fenlason  3.0.23c-1.fc5
    - Include the newer smb.init that includes the configtest option
    - Upgrade to 3.0.23c, obsoleting the -samr_alias patch.
    * Wed Aug  9 2006 Jay Fenlason  3.0.23b-1.fc5
    - New upstream release, fixing some annoying bugs.
    * Mon Jul 24 2006 Jay Fenlason  3.0.23a-1.fc5.1
    - Fix the -logfiles patch to close
      bz#199607 Samba compiled with wrong log path.
      bz#199206 smb.conf has incorrect log file path
    * Mon Jul 24 2006 Jay Fenlason  3.0.23a-1.fc5
    - Upgrade to new upstream 3.0.23a
    - include upstream samr_alias patch
    * Wed Jul 12 2006 Jay Fenlason  3.0.23-1.fc5
    - Upgrade to 3.0.23 to close
      bz#197836 CVE-2006-3403 Samba denial of service
    - include related spec file, filter-requires-samba.sh and patch changes
      from rawhide.
    - include the fixed smb.init file from rawhide, closing
      bz#182560 Wrong retval for initscript when smbd is dead
    This update can be downloaded from:
    7863d7676375e34a4ec654ca2f8c75a7f20b2a69  SRPMS/samba-3.0.24-5.fc5.src.rpm
    7863d7676375e34a4ec654ca2f8c75a7f20b2a69  noarch/samba-3.0.24-5.fc5.src.rpm
    1db6b849abd55b7fe2673ad44bc1c2c622ac5653  ppc/samba-common-3.0.24-5.fc5.ppc.rpm
    279cf8da0b9d8addbbb0c7bb85e486a585b4aa40  ppc/samba-swat-3.0.24-5.fc5.ppc.rpm
    8f37d7ab9e8e342ef55f092d3d2bc5156f53c79d  ppc/samba-client-3.0.24-5.fc5.ppc.rpm
    5e9d4f7a56e9e848a66d152010eaec3ab5effe96  ppc/samba-3.0.24-5.fc5.ppc.rpm
    1b72c4bd70e0544bd8ef12d11e38c531c5a264c0  ppc/debug/samba-debuginfo-3.0.24-5.fc5.ppc.rpm
    3a689565ba1d6b4085265fcef5437572ceff609e  x86_64/debug/samba-debuginfo-3.0.24-5.fc5.x86_64.rpm
    9df353905246559fb108377c1d3ddd42ce720b8f  x86_64/samba-common-3.0.24-5.fc5.x86_64.rpm
    106746400b2dcb73aef2144e6cdfb8d392f3c3f4  x86_64/samba-swat-3.0.24-5.fc5.x86_64.rpm
    8c2a533b52e006f42e2607cbbd315bb1743a77f6  x86_64/samba-client-3.0.24-5.fc5.x86_64.rpm
    c80d2b934a23a3e0697e29a323b100337d7df851  x86_64/samba-3.0.24-5.fc5.x86_64.rpm
    ea9579c77fd3ec61fa3a9ae3c1a6d993a23ae79f  i386/samba-client-3.0.24-5.fc5.i386.rpm
    dd15ab53deb35f7e939cbb5de9b4776cb6ca5d3d  i386/samba-common-3.0.24-5.fc5.i386.rpm
    f6f8a043b8b915b01c54d4c3c7e1053b939877af  i386/debug/samba-debuginfo-3.0.24-5.fc5.i386.rpm
    e0be2decc1c44265f5bc42fe41bc5d369d569041  i386/samba-3.0.24-5.fc5.i386.rpm
    e64f8fc609d7ef302a599366f585f5b1535bfaa8  i386/samba-swat-3.0.24-5.fc5.i386.rpm
    This update can be installed with the 'yum' update program.  Use 'yum update
    package-name' at the command line.  For more information, refer to 'Managing
    Software with yum,' available at http://fedora.redhat.com/docs/yum/.
    Fedora-package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.