What Are You Looking For?

Sign Up

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  samba (SSA:2014-175-04)

New samba packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.


Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/samba-4.1.9-i486-1_slack14.1.txz:  Upgraded.
  This update fixes bugs and security issues, including a flaw in Samba's
  internal DNS server which can be exploited to cause a denial of service,
  a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage
  configurations that use shadow_copy* for vfs objects to reveal potentially
  private server information, a denial of service on the nmbd NetBIOS name
  services daemon, and a denial of service crash involving overwriting
  memory on an authenticated connection to the smbd file server.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:

Updated package for Slackware x86_64 14.0:

Updated package for Slackware 14.1:

Updated package for Slackware x86_64 14.1:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:


MD5 signatures:
+-------------+

Slackware 14.0 package:
19e6778a1b642b051ec893b5fda161a0  samba-3.6.24-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
a18f536e4c31228132e594b1fa6f830a  samba-3.6.24-x86_64-1_slack14.0.txz

Slackware 14.1 package:
44879c1d5400b830817def5730686937  samba-4.1.9-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
16cb8c3f747b0fdbaafc221bf5ce0aa6  samba-4.1.9-x86_64-1_slack14.1.txz

Slackware -current package:
399198d155fcfa5d449237ea89828c98  n/samba-4.1.9-i486-1.txz

Slackware x86_64 -current package:
8eeb6a52026f809b04bc8a2820c5c5ef  n/samba-4.1.9-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg samba-4.1.9-i486-1_slack14.1.txz

Then, if Samba is running restart it:
# /etc/rc.d/rc.samba restart


+-----+

Slackware: 2014-175-04: samba Security Update

June 24, 2014
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded. This update fixes bugs and security issues, including a flaw in Samba's internal DNS server which can be exploited to cause a denial of service, a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage configurations that use shadow_copy* for vfs objects to reveal potentially private server information, a denial of service on the nmbd NetBIOS name services daemon, and a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: 19e6778a1b642b051ec893b5fda161a0 samba-3.6.24-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: a18f536e4c31228132e594b1fa6f830a samba-3.6.24-x86_64-1_slack14.0.txz
Slackware 14.1 package: 44879c1d5400b830817def5730686937 samba-4.1.9-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 16cb8c3f747b0fdbaafc221bf5ce0aa6 samba-4.1.9-x86_64-1_slack14.1.txz
Slackware -current package: 399198d155fcfa5d449237ea89828c98 n/samba-4.1.9-i486-1.txz
Slackware x86_64 -current package: 8eeb6a52026f809b04bc8a2820c5c5ef n/samba-4.1.9-x86_64-1.txz

Severity
[slackware-security] samba (SSA:2014-175-04)
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg samba-4.1.9-i486-1_slack14.1.txz Then, if Samba is running restart it: # /etc/rc.d/rc.samba restart

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo