Pufferüberläufe in samba
ID: | SSA:2004-208-01 |
Distribution: | Slackware |
Plattformen: | Slackware -current, Slackware 10.0 |
Datum: | Di, 27. Juli 2004, 13:00 |
Referenzen: | Keine Angabe |
Applikationen: | Samba |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] alternate samba package for Slackware 10.0 (SSA:2004-208-01) It was pointed out that the new Samba packages for Slackware 10.0 (and -current) have a dependency on libattr.so that wasn't in the previous packages. Since it's not the intent to introduce new requirements in security patches (especially for stable versions), an alternate version of the samba package is being made available that does not require libattr.so. The original samba-3.0.5-i486-1.tgz package for Slackware 10.0 will also remain in the patches directory (at least for now, since it was just referenced in a security advisory and the URL to it should remain working), and because the original package works fine if the xfsprogs package (which contains libattr) is installed. If you're running a full installation or have xfsprogs installed, you do not need to update samba again. Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ Mon Jul 26 14:10:01 PDT 2004 patches/packages/samba-3.0.5-i486-2.tgz: Rebuilt using --with-acl-support=no to avoid a dependency on libattr (found in the xfsprogs package). Thanks to Fredrik, Naresh Donti, and Dimitar Katerinski for pointing this out. It wasn't intentional (only the version number changed in the build script). +--------------------------+ Where to find the new packages: +-----------------------------+ Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/samba-3.0.5-i486-2.tgz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-3.0.5-i486-2.tgz MD5 signatures: +-------------+ Slackware 10.0 package: ce2cf65d8c5ebbd0e002cdd21780ffb8 samba-3.0.5-i486-2.tgz Slackware -current package: ce2cf65d8c5ebbd0e002cdd21780ffb8 samba-3.0.5-i486-2.tgz Installation instructions: +------------------------+ As root, stop the samba server: . /etc/rc.d/rc.samba stop Next, upgrade the samba package(s) with upgradepkg: upgradepkg samba-3.0.5-i486-2.tgz Finally, start samba again: . /etc/rc.d/rc.samba start +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBBYB6akRjwEAQIjMRAhBHAJ9+JT92bh6FjcEgIRA0KKuBSGJVJACfe6cf Se5XNKxlVB2mxQliU+3L+AM= =p23P -----END PGP SIGNATURE----- |