Scientific Linux: Important Samba Update For CVE-2011-0719 - DoS Risk

Date: Wed, 2 Mar 2011 14:46:26 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Important: samba on SL4.x, SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Important: samba security update
Issue date:	2011-03-01
CVE Names:	CVE-2011-0719

A flaw was found in the way Samba handled file descriptors. If an
attacker were able to open a large number of file descriptors on the
Samba server, they could flip certain stack bits to "1" values,
resulting in the Samba server (smbd) crashing. (CVE-2011-0719)

After installing this update, the smb service will be restarted
automatically.

SL 4.x

 SRPMS:
samba-3.0.33-0.30.el4.src.rpm
 i386:
samba-3.0.33-0.30.el4.i386.rpm
samba-client-3.0.33-0.30.el4.i386.rpm
samba-common-3.0.33-0.30.el4.i386.rpm
samba-swat-3.0.33-0.30.el4.i386.rpm
 x86_64:
samba-3.0.33-0.30.el4.x86_64.rpm
samba-client-3.0.33-0.30.el4.x86_64.rpm
samba-common-3.0.33-0.30.el4.i386.rpm
samba-common-3.0.33-0.30.el4.x86_64.rpm
samba-swat-3.0.33-0.30.el4.x86_64.rpm

SL 5.x

 SRPMS:
samba-3.0.33-3.29.el5_6.2.src.rpm
 i386:
libsmbclient-3.0.33-3.29.el5_6.2.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_6.2.i386.rpm
samba-3.0.33-3.29.el5_6.2.i386.rpm
samba-client-3.0.33-3.29.el5_6.2.i386.rpm
samba-common-3.0.33-3.29.el5_6.2.i386.rpm
samba-swat-3.0.33-3.29.el5_6.2.i386.rpm
 x86_64:
libsmbclient-3.0.33-3.29.el5_6.2.i386.rpm
libsmbclient-3.0.33-3.29.el5_6.2.x86_64.rpm
libsmbclient-devel-3.0.33-3.29.el5_6.2.i386.rpm
libsmbclient-devel-3.0.33-3.29.el5_6.2.x86_64.rpm
samba-3.0.33-3.29.el5_6.2.x86_64.rpm
samba-client-3.0.33-3.29.el5_6.2.x86_64.rpm
samba-common-3.0.33-3.29.el5_6.2.i386.rpm
samba-common-3.0.33-3.29.el5_6.2.x86_64.rpm
samba-swat-3.0.33-3.29.el5_6.2.x86_64.rpm

-Connie Sieh
-Troy Dawson