Slackware: 2009-276-01: samba Security Update


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  samba (SSA:2009-276-01)

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0,
12.1, 12.2, 13.0, and -current to fix security issues.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906


Here are the details from the Slackware 13.0 ChangeLog:
+--------------------------+
patches/packages/samba-3.2.15-i486-1_slack13.0.txz:
  This update fixes the following security issues.
  A misconfigured /etc/passwd with no defined home directory could allow
  security restrictions to be bypassed.
  mount.cifs could allow a local user to read the first line of an arbitrary
  file if installed setuid.  (On Slackware, it was not installed setuid)
  Specially crafted SMB requests could cause a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 10.0:

Updated package for Slackware 10.1:

Updated package for Slackware 10.2:

Updated package for Slackware 11.0:

Updated package for Slackware 12.0:

Updated package for Slackware 12.1:

Updated package for Slackware 12.2:

Updated package for Slackware 13.0:

Updated package for Slackware x86_64 13.0:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:


MD5 signatures:
+-------------+

Slackware 10.0 package:
e02ad43f20e3c31e50cf28363541db9c  samba-3.0.37-i486-1_slack10.0.tgz

Slackware 10.1 package:
bac29aae3e5f23bd815f4452c2954dc6  samba-3.0.37-i486-1_slack10.1.tgz

Slackware 10.2 package:
60ac24589c806850e7a74a09302a4ed9  samba-3.0.37-i486-1_slack10.2.tgz

Slackware 11.0 package:
58eaa3f9cb2c677f8b0a6249863685e6  samba-3.0.37-i486-1_slack11.0.tgz

Slackware 12.0 package:
8f68ccdee93cb131b395d9b3eeae1674  samba-3.0.37-i486-1_slack12.0.tgz

Slackware 12.1 package:
ea18bf39fa98cd52cf90fc593ee3ddf8  samba-3.0.37-i486-1_slack12.1.tgz

Slackware 12.2 package:
edb0b282ea777c2edabd8147d83f6978  samba-3.2.15-i486-1_slack12.2.tgz

Slackware 13.0 package:
9a848ba2af68ee2d01dd7440b4b49405  samba-3.2.15-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
e84b39e9ee6353e0a682e71a88e97b00  samba-3.2.15-x86_64-1_slack13.0.txz

Slackware -current package:
968d2bfd83f13d40e630c14fab19a676  samba-3.4.2-i486-1.txz

Slackware x86_64 -current package:
8b80e5bcd2b603a42e92185501823d26  samba-3.4.2-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg samba-3.2.15-i486-1_slack13.0.txz

Then, if Samba is running restart it:

# /etc/rc.d/rc.samba restart


+-----+
Slackware: 2009-276-01: samba Security Update

Summary

Where Find New Packages

MD5 Signatures

Installation Instructions

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
