Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in Samba
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in Samba
ID: FEDORA-2012-7006
Distribution: Fedora
Plattformen: Fedora 16
Datum: Do, 3. Mai 2012, 12:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
Applikationen: Samba

Originalnachricht

Name        : samba
Product : Fedora 16
Version : 3.6.5
Release : 85.fc16
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :

Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB/CIFS server that can be used to
provide network services to SMB/CIFS clients.
Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

-------------------------------------------------------------------------------
-
Update Information:

Security Release, fixes CVE-2012-2111
Fix dependency on (private) libkrb5 symbol.
This fixes smbd and nmbd startup issues.
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Apr 30 2012 Guenther Deschner <gdeschner@redhat.com> - 1:3.6.5-85
- Security Release, fixes CVE-2012-2111
- resolves: #XXXXX
* Mon Apr 23 2012 Andreas Schneider <asn@redhat.com> - 1:3.6.4-84
- Fix creation of /var/run/samba.
- resolves: #751625
* Fri Apr 20 2012 Guenther Deschner <gdeschner@redhat.com> - 1:3.6.4-83
- Avoid private krb5_locate_kdc usage
- resolves: #754783
* Thu Apr 12 2012 Jon Ciesla <limburgher@gmail.com> - 1:3.6.4-82
- Update to 3.6.4
- Fixes CVE-2012-1182
* Mon Mar 19 2012 Andreas Schneider <asn@redhat.com> - 1:3.6.3-81
- Fix provides for of libwclient-devel for samba-winbind-devel.
* Thu Feb 23 2012 Andreas Schneider <asn@redhat.com> - 1:3.6.3-80
- Add commented out 'max protocol' to the default config.
* Mon Feb 13 2012 Andreas Schneider <asn@redhat.com> - 1:3.6.3-79
- Create a libwbclient package.
- Replace winbind-devel with libwbclient-devel package.
* Mon Jan 30 2012 Andreas Schneider <asn@redhat.com> - 1:3.6.3-78
- Update to 3.6.3
- Fixes CVE-2012-0817
* Sat Jan 14 2012 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 1:3.6.1-77.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Dec 5 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-77
- Fix winbind cache upgrade.
- resolves: #760137
* Fri Nov 18 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-76
- Fix piddir to match with systemd files.
- Fix crash bug in the debug system.
- resolves: #754525
* Fri Nov 4 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-75
- Fix systemd dependencies
- resolves: #751397
* Wed Oct 26 2011 Andreas Schneider <asn@redhat.com> - 1:3.6.1-74
- Update to 3.6.1
* Tue Oct 4 2011 Guenther Deschner <gdeschner@redhat.com> - 1:3.6.0-73
- Fix nmbd startup
- resolves: #741630
* Tue Sep 20 2011 Tom Callaway <spot@fedoraproject.org> - 1:3.6.0-72
- convert to systemd
- restore epoch from f15
* Sat Aug 13 2011 Guenther Deschner <gdeschner@redhat.com> - 3.6.0-71
- Update to 3.6.0 final
* Sun Jul 31 2011 Guenther Deschner <gdeschner@redhat.com> - 3.6.0rc3-70
- Update to 3.6.0rc3
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #817551 - CVE-2012-2111 samba: Incorrect permission checks when
granting/removing privileges [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=817551
[ 2 ] Bug #754783 - samba's use of (private) krb5_locate_kdc() broken by
krb5-1.10
https://bugzilla.redhat.com/show_bug.cgi?id=754783
[ 3 ] Bug #751625 - Samba does not work
https://bugzilla.redhat.com/show_bug.cgi?id=751625
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update samba' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung