--------------------------------------------------------------------- Fedora Test Update Notification FEDORALEGACY-2004-2102 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2102 2004-10-07 --------------------------------------------------------------------- Name : samba Version (7.3) : 2.2.12-0.73.2.legacy Version (9) : 2.2.12-0.90.1.legacy Summary : The Samba SMB server. Description : Samba is the protocol by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. --------------------------------------------------------------------- Update Information: Karol Wiesek discovered an input validation issue in Samba prior to 3.0.6. An authenticated user could send a carefully crafted request to the Samba server, which would allow access to files outside of the configured file share. Note: Such files would have to be readable by the account used for the connection. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0815 to this issue. Users of Samba should upgrade to these updated packages, which contain an upgrade to Samba-2.2.12, which is not vulnerable to this issue. --------------------------------------------------------------------- 7.3 changelog: * Thu Oct 07 2004 Dominic Hargreaves <dom@xxxxxxxx> 2.2.12-0.73.2.legacy - Add BuildRequires: libtool * Mon Oct 04 2004 Craig Kelley <ckelley@xxxxxxxxxx> 2.2.12-0.73.1.legacy - Updated to samba-2.2.12 to fix CAN-2004-0815 * Tue Sep 14 2004 Craig Kelley <ckelley@xxxxxxxxxx> 2.2.11-0.73.0.legacy - Updated to samba-2.2.11 to fix the PrintChangeNotify bug (samba bug #1520) * Thu Aug 05 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.2.10-0.73.1. legacy - Rebuilt as Fedora Legacy update. * Wed Jul 21 2004 Jay Fenlason <fenlason@xxxxxxxxxx> 2.2.9-1.21as.1 - Upgrade to 2.2.10 to fix CAN-2004-0686 9 changelog: * Thu Oct 07 2004 Dominic Hargreaves <dom@xxxxxxxx> 2.2.12-0.90.1.legacy - Add BuildRequires: libtool * Mon Oct 04 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.2.12-0.90.0. legacy - Updated to samba-2.2.12 to fix CAN-2004-0815 * Tue Sep 14 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.2.11-0.90.0. legacy - Updated to samba-2.2.11 to fix the PrintChangeNotify bug (samba bug #1520) * Thu Aug 05 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.2.10-0.90.1. legacy - Upgrade to 2.2.10 to fix CAN-2004-0686 - Include an explicit epoch on all requires lines. - chmod +x the configure in examples/VFS since it seems to have lost its execute permissions somewhere. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ 664447fbbf1371174b601099d18102023537ecbf 7.3/updates-testing/SRPMS/samba-2.2.12-0.73.2.legacy.src.rpm ab34e621cdaa5ad567276244eb2ed2234c418890 7.3/updates-testing/i386/samba-2.2.12-0.73.2.legacy.i386.rpm aaae87969ae3287e432503cee8fbcb83525d020e 7.3/updates-testing/i386/samba-client-2.2.12-0.73.2.legacy.i386.rpm 728d7f6d68dc837fd874ac870e5d2241e2514a6d 7.3/updates-testing/i386/samba-common-2.2.12-0.73.2.legacy.i386.rpm 3cb01bb47a5fa55151637050f01769898b7dc89c 7.3/updates-testing/i386/samba-swat-2.2.12-0.73.2.legacy.i386.rpm 2968358eb51a4342b520f5494a4013643ba73e1b 9/updates-testing/SRPMS/samba-2.2.12-0.90.1.legacy.src.rpm dcafbbcb96a0848e8b4017bdf1745c275681db35 9/updates-testing/i386/samba-2.2.12-0.90.1.legacy.i386.rpm e7fe4b9425d535768fc17464f7879dd1f048a8b2 9/updates-testing/i386/samba-client-2.2.12-0.90.1.legacy.i386.rpm f590e48b6a9ad6841f7ea96070d08c8151ae12d7 9/updates-testing/i386/samba-common-2.2.12-0.90.1.legacy.i386.rpm 75fbf38b5381ee7cf9b91c5723aa8d66f8e92fbc 9/updates-testing/i386/samba-swat-2.2.12-0.90.1.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. ---------------------------------------------------------------------
Attachment:
signature.asc
Description: Digital signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
