Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Slackware 12.1: 2008-149-01 Critical: Samba Heap Overflow Risk

slackware
Calendar Grey May 29, 2008
Dist Slackware Esm H88
Updated samba modules released for Slackware to address heap buffer overflow vulnerability impacting both client and server setups.
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix a security issue: "Specifically crafted SMB responses can result in a heap ov...

Summary

Here are the details from the Slackware 12.1 ChangeLog: patches/packages/samba-3.0.30-i486-1_slack12.1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: https://www.cve.org/CVERecord?id=CVE-2008-1105 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical software upgrade heap overflow Slackware Samba

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware -current:

MD5 Signatures

Slackware 10.0 package: 2af7aaf16a310355e18b62e3cca532ab samba-3.0.30-i486-1_slack10.0.tgz
Slackware 10.1 package: eaa84d1a5246cc8e10d3bd80de60df82 samba-3.0.30-i486-1_slack10.1.tgz
Slackware 10.2 package: f20bbc463452f867edb58adb346168f3 samba-3.0.30-i486-1_slack10.2.tgz
Slackware 11.0 package: 6f547d788b0e3459bae593c5d7a31160 samba-3.0.30-i486-1_slack11.0.tgz
Slackware 12.0 package: 69d751c4affb27fd93ea80aab094417a samba-3.0.30-i486-1_slack12.0.tgz
Slackware 12.1 package: 45721736e34bc9a18018c492817fddf7 samba-3.0.30-i486-1_slack12.1.tgz
Slackware -current package: 9baa5b1893735a9335b3371a84b0545f samba-3.0.30-i486-1.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical software upgrade heap overflow Slackware Samba

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg samba-3.0.30-i486-1_slack12.1.tgz Restart Samba: # sh /etc/rc.d/rc.samba restart

Related News

Your message here