Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in samba4
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in samba4
ID: FEDORA-2013-1667
Distribution: Fedora
Plattformen: Fedora 17
Datum: Di, 12. Februar 2013, 08:21
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0214
Applikationen: Samba

Originalnachricht

Name        : samba4
Product : Fedora 17
Version : 4.0.0
Release : 60alpha18.fc17
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.

-------------------------------------------------------------------------------
-
Update Information:

Fixes CVE-2013-0213 and CVE-2013-0214.
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Jan 31 2013 - Andreas Schneider <asn@redhat.com> - -
2:4.0.0-60.alpha18
- Fixes CVE-2013-0213 and CVE-2013-0214.
- resolves: #906003
- resolves: #905700
- resolves: #905704
* Tue Jan 15 2013 - Andreas Schneider <asn@redhat.com> -
2:4.0.0-59.alpha18
- Fixes CVE-2013-0172
* Thu Jul 12 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-58.alpha18
- Add requirement for samba4-python in samba4-dc.
- resolves: #839247
- Add /etc/samba directory to samba4-common package.
- resolves: #839267
* Mon Jun 25 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-57.alpha18
- Make sure we fail if we don't find python modules of system libraries.
- Fix configure to parse version numbers correctly.
* Fri Jun 22 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-56.alpha18
- Add missing BuildRequires for python bindings.
* Thu Jun 21 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-55.alpha18
- Fix ldonfig.
- Require systemd for samba4-common package.
* Mon Jun 18 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-54.alpha18
- Fix usrmove paths.
* Tue Jun 12 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-53.alpha18
- Fix possible memory leaks in the samba master process.
- resolves: #829694
* Mon Jun 4 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-52.alpha18
- Add missing conflict for samba-swat.
- Move some common binaries from client to common subpackage.
- resolves: #823182
* Wed May 30 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-51.alpha18
- Add missing iniparser-devel build requirement.
* Mon May 21 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-50.alpha18
- Add missing python-tevent to BuildRequires.
- Move idmap modlues to winbind package.
- Move ntlm_auth to winbind-clients package.
- resolves: #823182
* Mon May 14 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-49.alpha18
- Move tmpfiles.d config to common package as it is needed for smbd and
winbind.
- Make sure tmpfiles get created after installation.
- resolves: #820721
* Thu May 10 2012 Andreas Schneider <asn@redhat.com> - 2:4.0.0-48.alpha18
- Move testparm to samba4-common package.
- Move smbcontrol and smbstatus to samba4 package.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #905700 - CVE-2013-0213 samba: clickjacking vulnerability in SWAT
https://bugzilla.redhat.com/show_bug.cgi?id=905700
[ 2 ] Bug #905704 - CVE-2013-0214 samba: cross-site request forgery
vulnerability in SWAT
https://bugzilla.redhat.com/show_bug.cgi?id=905704
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update samba4' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung