Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

Slackware 14.0/14.1 SSA:2014-175-04 Critical: Samba Denial of Service

slackware
Calendar Grey June 24, 2014
Dist Slackware Esm H88
Updated Samba distributions for Slackware versions 14.0 and 14.1 address critical vulnerabilities, specifically targeting denial of service risks.
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded. This update fixes bugs and security issues, including a flaw in Samba's internal DNS server which can be exploited to cause a denial of service, a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage configurations that use shadow_copy* for vfs objects to reveal potentially private server information, a denial of service on the nmbd NetBIOS name services daemon, and a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server. For more information, see: https://www.cve.org/CVERecord?id=CVE-2014-0178 https://www.cve.org/CVERecord?id=CVE-2014-0239 https://www.cve.org/CVERecord?id=CVE-2014-0244 https://www.cve.org/CVERecord?id=CVE-2014-3493 (* Security fix *)

Topics%20covered

Topics Covered

security advisory denial of service software update samba slackware

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: 19e6778a1b642b051ec893b5fda161a0 samba-3.6.24-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: a18f536e4c31228132e594b1fa6f830a samba-3.6.24-x86_64-1_slack14.0.txz
Slackware 14.1 package: 44879c1d5400b830817def5730686937 samba-4.1.9-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 16cb8c3f747b0fdbaafc221bf5ce0aa6 samba-4.1.9-x86_64-1_slack14.1.txz
Slackware -current package: 399198d155fcfa5d449237ea89828c98 n/samba-4.1.9-i486-1.txz
Slackware x86_64 -current package: 8eeb6a52026f809b04bc8a2820c5c5ef n/samba-4.1.9-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service software update samba slackware

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg samba-4.1.9-i486-1_slack14.1.txz Then, if Samba is running restart it: # /etc/rc.d/rc.samba restart

Your message here