drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in samba
| Name: |
Pufferüberlauf in samba |
|
| ID: |
SUSE-SA:2007:068 |
|
| Distribution: |
SUSE |
|
| Plattformen: |
SUSE Linux Enterprise Server 8, SUSE Linux Openexchange Server 4, SUSE UnitedLinux 1.0, SUSE Linux Desktop 1.0, SUSE Linux Standard Server 8, SUSE Linux School Server, SUSE Linux Enterprise Server 9, SUSE Novell Linux Desktop 9, SUSE Open Enterprise Server, SUSE Linux 10.0, SUSE LINUX 10.1, SUSE Novell Linux POS 9, SUSE LINUX Retail Solution 8, openSUSE 10.2, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1, SUSE SLE SDK 10 SP1, openSUSE 10.3 |
|
| Datum: |
Mi, 12. Dezember 2007, 09:54 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 |
|
| Applikationen: |
Samba |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Announcement
Package: samba
Announcement ID: SUSE-SA:2007:068
Date: Wed, 12 Dec 2007 09:00:00 +0000
Affected Products: SUSE LINUX 10.0
SUSE LINUX 10.1
openSUSE 10.2
openSUSE 10.3
UnitedLinux 1.0
SuSE Linux Enterprise Server 8
SuSE Linux Openexchange Server 4
SuSE Linux Desktop 1.0
SuSE Linux Standard Server 8
SuSE Linux School Server
SUSE LINUX Retail Solution 8
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP1
SLE SDK 10 SP1
SUSE Linux Enterprise Server 10 SP1
Vulnerability Type: remote code execution
Severity (1-10): 7
SUSE Default Package: no
Cross-References: CVE-2007-6015
Content of This Advisory:
1) Security Vulnerability Resolved:
buffer overflow fixed in send_mailslot()
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
The Samba suite is an open-source implementatin of the SMB protocol.
This update of samba fixes a buffer overflow in function send_mailslot()
that allows remote attackers to overwrite the stack with 0 (via memset(3))
by sending specially crafted SAMLOGON packets.
This bug can only be triggered if option "domain logon" is enabled.
2) Solution or Work-Around
Please install the update.
3) Special Instructions and Notes
restart the samba daemon
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
x86 Platform:
openSUSE 10.3:
cifs-mount-3.0.26a-3.5.i586.rpm
0e5535e4f9c58befed9342a7ab1189ab
ldapsmb-1.34b-110.5.i586.rpm
2a0a8ce1d69d105590e054cc301085e6
libmsrpc-3.0.26a-3.5.i586.rpm
9354979f15b5abef17072f0203745ddf
libmsrpc-devel-3.0.26a-3.5.i586.rpm
74629f5f4b761042b30d9336c97e5b6f
libsmbclient-3.0.26a-3.5.i586.rpm
dbcbee4977b3beeb2a46e5b56003604c
libsmbclient-devel-3.0.26a-3.5.i586.rpm
7a6c5f65bb9aed832cec9221e41f76ef
libsmbsharemodes-3.0.26a-3.5.i586.rpm
f04c0399479ecc681daa1330a187009b
libsmbsharemodes-devel-3.0.26a-3.5.i586.rpm
92f8de627f39372775c46cc588000e31
samba-3.0.26a-3.5.i586.rpm
1ee63cc24bb7862c3f80a492883a6e82
samba-client-3.0.26a-3.5.i586.rpm
b7dcfa6d0918bb8b872901d14360824e
samba-devel-3.0.26a-3.5.i586.rpm
4a4c54c5e1bdc81d1072d547de7568bf
samba-krb-printing-3.0.26a-3.5.i586.rpm
84c34910588e03462d122272b12abd22
samba-python-3.0.26a-3.5.i586.rpm
c0da4925b38c010df8ea8cfbe22b17b8
samba-vscan-0.3.6b-181.5.i586.rpm
68cdda40cb0ccd5bd66bc6d0c6a967b9
samba-winbind-3.0.26a-3.5.i586.rpm
93cdaa0a3be9f28b1f72606cd7b13dfe
openSUSE 10.2:
cifs-mount-3.0.23d-19.12.i586.rpm
afaa4c73ed2b630be1851db84b9c125d
ldapsmb-1.34b-27.10.i586.rpm
7666f91e8d67dc1f8bee49e4cb0901eb
libmsrpc-3.0.23d-19.12.i586.rpm
1601f1584035d7cb330067365af4acb4
libmsrpc-devel-3.0.23d-19.12.i586.rpm
b36d408ad52e39846e24c92546ff0517
libsmbclient-3.0.23d-19.12.i586.rpm
3997a33f24a9f6c7fa02e5d4747f134f
libsmbclient-devel-3.0.23d-19.12.i586.rpm
6e3587e997434f4dab0c3cd531cbcc98
samba-3.0.23d-19.12.i586.rpm
b6b9ad383af96ca2cd910785db95048d
samba-client-3.0.23d-19.12.i586.rpm
b0d9d68df8b89a51a831d3cfa742ce71
samba-krb-printing-3.0.23d-19.12.i586.rpm
37f8f48ac1843b8e97a7c987d7079e64
samba-pdb-3.0.23d-19.12.i586.rpm
9b6c38491f7468a6a7615d436898fa5b
samba-python-3.0.23d-19.12.i586.rpm
e4ab347d68622fc88ddc67a93d626eaf
samba-vscan-0.3.6b-98.10.i586.rpm
ce4f8adcdbf52a0d5dd7f935e69639af
samba-winbind-3.0.23d-19.12.i586.rpm
e955a157680e5b6247c18bc5034c82d1
SUSE LINUX 10.1:
cifs-mount-3.0.22-13.38.i586.rpm
2f05943a1460501e9ca60a4bd549da08
ldapsmb-1.34a-18.34.i586.rpm
cd3711d293c3fe75869ec5988cc67573
libmsrpc-3.0.22-13.38.i586.rpm
686c003b70948a3be1fd08abfa1f3dcc
libmsrpc-devel-3.0.22-13.38.i586.rpm
d1bcf481db15df72b33a08c3d7c3e5d9
libsmbclient-3.0.22-13.38.i586.rpm
6b57bda44d4f6ab9bb8f461d822f5788
libsmbclient-devel-3.0.22-13.38.i586.rpm
7b273fe131866037e60772b159b1c5b0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/samba-3.0.22-13.38.i586.rpm
845322afd91dddf6ac2dc8e0fbc39945
samba-client-3.0.22-13.38.i586.rpm
1c55254ce8e2deeae55b091bb8e94f87
samba-pdb-3.0.22-13.38.i586.rpm
7e2a2c98c8aca6585fe596e2a54eb88d
samba-python-3.0.22-13.38.i586.rpm
250037bcd87bc1bc224777c8e851228f
samba-vscan-0.3.6b-42.67.i586.rpm
b30796df04b4a725e8d84f3f67c59db1
samba-winbind-3.0.22-13.38.i586.rpm
34acf5453bb5af282aef0ecd1f7abdb3
SUSE LINUX 10.0:
cifs-mount-3.0.20b-3.19.i586.rpm
aa3510d45fee741cbc686ea61c80ec54
ldapsmb-1.33-6.19.i586.rpm
350c28feca2c5df9aa60126d7e1bb307
libsmbclient-3.0.20b-3.19.i586.rpm
e3db796664063204bc235d770050dc55
libsmbclient-devel-3.0.20b-3.19.i586.rpm
2755f1fb5543a12616e6e5d63bd02fd9
samba-3.0.20b-3.19.i586.rpm
6aff05575f28129adc6854e9bbb19d2b
samba-client-3.0.20b-3.19.i586.rpm
5b46e739f2710e67832bf349b7d701de
samba-doc-3.0.20b-3.19.i586.rpm
f13a8777d576b78696f5093cc7ee29ff
samba-pdb-3.0.20b-3.19.i586.rpm
d3eab9eace2d9f4f4da161aeb1ad7a16
samba-python-3.0.20b-3.19.i586.rpm
720af50848e8fda98933c816a7ad556e
samba-vscan-0.3.6b-4.18.i586.rpm
36ef7b26083b51ade9b0faf74c916834
samba-winbind-3.0.20b-3.19.i586.rpm
51f4572af72d962929017527b7d5efdd
Platform Independent:
openSUSE 10.3:
samba-doc-3.0.26a-3.5.noarch.rpm
39467dee7de97fbfe021ad192ef3d572
openSUSE 10.2:
samba-doc-3.0.23d-19.9.noarch.rpm
a1b924be38bc5da02cf397271403fb15
SUSE LINUX 10.1:
samba-doc-3.0.22-20.52.noarch.rpm
5926d68856a69a339b6f9932ccd8b1fd
Power PC Platform:
openSUSE 10.3:
cifs-mount-3.0.26a-3.5.ppc.rpm
0cd62968d1c4aa6d9211c3439a117a68
ldapsmb-1.34b-110.5.ppc.rpm
a6f9195f03ab26487b52f60fd78698ed
libmsrpc-3.0.26a-3.5.ppc.rpm
6a185e53ce56877e6ce11553820eabe7
libmsrpc-devel-3.0.26a-3.5.ppc.rpm
9a34657070463217e9e9df9687143d60
libsmbclient-3.0.26a-3.5.ppc.rpm
c5f7822d14047a6bcc5f9be210ef6e7b
libsmbclient-devel-3.0.26a-3.5.ppc.rpm
a3b16e3141481d5f1790324f03833d61
libsmbsharemodes-3.0.26a-3.5.ppc.rpm
c42d71369f0149e83c55ebb7181588a3
libsmbsharemodes-devel-3.0.26a-3.5.ppc.rpm
56bfac393c26f8ed185cf288c0ec3284
samba-3.0.26a-3.5.ppc.rpm
07d93ee1ba0f8ba800dd225d4b9f952a
samba-client-3.0.26a-3.5.ppc.rpm
2b3b282ca2d9a71ac62ab4419345016b
samba-devel-3.0.26a-3.5.ppc.rpm
1f01b5a13517cc5ccf12528c8b50d68a
samba-krb-printing-3.0.26a-3.5.ppc.rpm
05a65ebf61b618b1c4c4db4ab5f8ca33
samba-python-3.0.26a-3.5.ppc.rpm
f3be951b3cfdc871ff36e592d498e4b3
samba-vscan-0.3.6b-181.5.ppc.rpm
74292b93b66f7b2bbefb5187adfed6e4
samba-winbind-3.0.26a-3.5.ppc.rpm
4b281ee450b53b2982e5183e35b2f5c9
openSUSE 10.2:
cifs-mount-3.0.23d-19.12.ppc.rpm
f2444c5e913e2d84a6cded6c5c794ee6
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/ldapsmb-1.34b-27.10.ppc.rpm
78c64dc20ebb8a3a6a175f15d504d92c
libmsrpc-3.0.23d-19.12.ppc.rpm
db9db8c1ecfc417ec2f2720d42940d70
libmsrpc-devel-3.0.23d-19.12.ppc.rpm
58a63d9a08dcd9a13129fd1f880fa1b6
libsmbclient-3.0.23d-19.12.ppc.rpm
d64260ddfa5bc6b5e3c9c3c2447c8f0f
libsmbclient-devel-3.0.23d-19.12.ppc.rpm
5c7c53ccd7b10d89165bcbed29aded9e
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-3.0.23d-19.12.ppc.rpm
eed181f7254fed5b96356607c6d03389
samba-client-3.0.23d-19.12.ppc.rpm
026fba74fd7dceab4eab79eb8bef8d45
samba-krb-printing-3.0.23d-19.12.ppc.rpm
36877bb2af6e0cc2acef236e242e5b52
samba-pdb-3.0.23d-19.12.ppc.rpm
d28ad04339a82d79124ad9abedd2dcf6
samba-python-3.0.23d-19.12.ppc.rpm
f42c732902e8af6717129cc14a6a974f
samba-vscan-0.3.6b-98.10.ppc.rpm
4ee6aa7c5a5dfb0fc0bf91c5ce170b18
samba-winbind-3.0.23d-19.12.ppc.rpm
98521632e3273836892abfc9a8850ec8
SUSE LINUX 10.1:
cifs-mount-3.0.22-13.38.ppc.rpm
f0e56f33899d4868cd4ae6ac7d6eacab
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ldapsmb-1.34a-18.34.ppc.rpm
481cabc078d52395d07a03afb9260a43
libmsrpc-3.0.22-13.38.ppc.rpm
f460869c64684d95096e1331586dacdb
libmsrpc-devel-3.0.22-13.38.ppc.rpm
acf03549cb101d7173c0412e12edad1d
libsmbclient-3.0.22-13.38.ppc.rpm
d53304f19b32f5b93a62e0efb69cb039
libsmbclient-devel-3.0.22-13.38.ppc.rpm
205ac90f2737fd0d12bec7c21c718a49
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/samba-3.0.22-13.38.ppc.rpm
88304fbd17ff4f68bff897f83a4eed71
samba-client-3.0.22-13.38.ppc.rpm
e85c92e8e1069b727de46dc8dba21178
samba-pdb-3.0.22-13.38.ppc.rpm
7310693b8985014d3c0e49be93108507
samba-python-3.0.22-13.38.ppc.rpm
c54bf91f4bf84ee9087aa5f6631c849e
samba-vscan-0.3.6b-42.67.ppc.rpm
b0f48534514cbfbcccbcaef082c279ee
samba-winbind-3.0.22-13.38.ppc.rpm
75c135d1bc2c0242ee467b1ff61da8e8
SUSE LINUX 10.0:
cifs-mount-3.0.20b-3.19.ppc.rpm
73b81b3856589b55b94fda3dc519f9ec
ldapsmb-1.33-6.19.ppc.rpm
69e4ba509db113d219bd6d6b4514d74f
libsmbclient-3.0.20b-3.19.ppc.rpm
67be23ebf3c5690c69daa724c11ca546
libsmbclient-devel-3.0.20b-3.19.ppc.rpm
4ad9822904c9c1a730ea98ad94b6912c
samba-3.0.20b-3.19.ppc.rpm
132d85fe5bafdde591937e905ed1dfdf
samba-client-3.0.20b-3.19.ppc.rpm
28c59d931ef479e419382b1f1c1c10ca
samba-doc-3.0.20b-3.19.ppc.rpm
21b923582b3179d48eee80a6204a9f5d
samba-pdb-3.0.20b-3.19.ppc.rpm
68c41fccb41731ab0b82152c42503fb7
samba-python-3.0.20b-3.19.ppc.rpm
3317974bcf40ecd486874ed515dfbdaa
samba-vscan-0.3.6b-4.18.ppc.rpm
bed5f00541dbf418ee2c266daa92c6a7
samba-winbind-3.0.20b-3.19.ppc.rpm
f378061ff72f1d7f2e2512d291575cb9
x86-64 Platform:
openSUSE 10.3:
cifs-mount-3.0.26a-3.5.x86_64.rpm
af0f7a523a45b6db682fe22baa726478
ldapsmb-1.34b-110.5.x86_64.rpm
c74da5b770b833e83c2de23763e19d9b
libmsrpc-3.0.26a-3.5.x86_64.rpm
ba8a8c86b2abc2dd07638a14acf8a749
libmsrpc-devel-3.0.26a-3.5.x86_64.rpm
8502b0e45b25df6153622a2ec680d2c6
libsmbclient-3.0.26a-3.5.x86_64.rpm
a2d40bf47101679f432acf277699ab1c
libsmbclient-32bit-3.0.26a-3.5.x86_64.rpm
e2261330c01aa2cd610c01c31a3e71b3
libsmbclient-devel-3.0.26a-3.5.x86_64.rpm
8ac32adf2af43277ad39df05885cf004
libsmbsharemodes-3.0.26a-3.5.x86_64.rpm
9c92b0ad6910b5a91801118fd53a3f14
libsmbsharemodes-devel-3.0.26a-3.5.x86_64.rpm
c6b097b4292fec495b59ba09354b12cf
samba-3.0.26a-3.5.x86_64.rpm
b55934f29d8a486d2abc3b2b4536e7d3
samba-32bit-3.0.26a-3.5.x86_64.rpm
e67397a0cdcca4ffe33d458a078a71ab
samba-client-3.0.26a-3.5.x86_64.rpm
216ec6be569f63742ecbf4a787e1824b
samba-client-32bit-3.0.26a-3.5.x86_64.rpm
068f0ceb354a0f0741c1f1a743710dc0
samba-devel-3.0.26a-3.5.x86_64.rpm
c138f629b99d53769e8f18581578991d
samba-krb-printing-3.0.26a-3.5.x86_64.rpm
3a001c4d1796128725e1ead04732ece1
samba-python-3.0.26a-3.5.x86_64.rpm
d3cad141787e3e564d2bfd88823261e3
samba-vscan-0.3.6b-181.5.x86_64.rpm
3479f65df3061ec6fe2f4c5f5d3e4364
samba-winbind-3.0.26a-3.5.x86_64.rpm
b24df7dd9097e4c35385fa60d638aea2
samba-winbind-32bit-3.0.26a-3.5.x86_64.rpm
08ca3c1773eccba6cebe600f0198bc57
openSUSE 10.2:
cifs-mount-3.0.23d-19.12.x86_64.rpm
9081c59e9c88c537f7fecb4999070fa1
ldapsmb-1.34b-27.10.x86_64.rpm
5b5d5cc40f7b51b5473c2effec7a961d
libmsrpc-3.0.23d-19.12.x86_64.rpm
b5f5bbd929ccbfb4fdeef987f1a0a7f2
libmsrpc-devel-3.0.23d-19.12.x86_64.rpm
3e0f3ac7cbcc182a66f99ce147812123
libsmbclient-3.0.23d-19.12.x86_64.rpm
64377e86d45de128b22af942cab575ea
libsmbclient-32bit-3.0.23d-19.12.x86_64.rpm
8e21116ddd67f748ba49b453e64f16af
libsmbclient-devel-3.0.23d-19.12.x86_64.rpm
36a4c1b65cfdd027a4726b85df6d7e75
samba-3.0.23d-19.12.x86_64.rpm
6bd4864e67f9450d119029b8744289ad
samba-32bit-3.0.23d-19.12.x86_64.rpm
514f048e68196dc85787ed84a209be48
samba-client-3.0.23d-19.12.x86_64.rpm
cec9ba17ea0abb1962bcbc9b8791f72a
samba-client-32bit-3.0.23d-19.12.x86_64.rpm
af7c9a1aed49df4020a7720f5f5721f0
samba-krb-printing-3.0.23d-19.12.x86_64.rpm
8d1faa3f69aeaaf9cc20d22c9dc369d9
samba-pdb-3.0.23d-19.12.x86_64.rpm
39e1bdfdcca7e49a911efb00f33717e7
samba-python-3.0.23d-19.12.x86_64.rpm
e7ac921e2ed73fce7463b0dbb2b96461
samba-vscan-0.3.6b-98.10.x86_64.rpm
106e3660b76b9499501a0e61b01059c8
samba-winbind-3.0.23d-19.12.x86_64.rpm
43465347bf1d998eeb3e40c3b50995a6
samba-winbind-32bit-3.0.23d-19.12.x86_64.rpm
44fa9cfafb953cdc2e183dc8d6937acb
SUSE LINUX 10.1:
cifs-mount-3.0.22-13.38.x86_64.rpm
f399c965065c9d15fa9eb6c25d75dfd0
ldapsmb-1.34a-18.34.x86_64.rpm
6ebe4219211e90da6771db9c5fa17e65
libmsrpc-3.0.22-13.38.x86_64.rpm
d268f0edf1ec53bdfdcc9193dab34a1a
libmsrpc-devel-3.0.22-13.38.x86_64.rpm
a60678ede2d3c252b2dbc907585f9059
libsmbclient-3.0.22-13.38.x86_64.rpm
5de55c73b1addb72fec37b90ee33b5ab
libsmbclient-32bit-3.0.22-13.38.x86_64.rpm
d5e9f4362f7b93a23a89509b5529fab7
libsmbclient-devel-3.0.22-13.38.x86_64.rpm
f0847fd830347f01686ff8ff10f01cfb
samba-3.0.22-13.38.x86_64.rpm
b3b21034e364084d9a0437943b126007
samba-32bit-3.0.22-13.38.x86_64.rpm
c01154efe5c8703ba2eefb765ad92c8b
samba-client-3.0.22-13.38.x86_64.rpm
fe1c09a1bd074c5b5eafdffa6dbe8690
samba-client-32bit-3.0.22-13.38.x86_64.rpm
754ec0cfbd5dc4f698c8d5d1ee6fac6b
samba-pdb-3.0.22-13.38.x86_64.rpm
c657a9008ec9c024efbb58938e922c73
samba-python-3.0.22-13.38.x86_64.rpm
7b3a2dab4dcd936e9e9cc3165a9d5a9f
samba-vscan-0.3.6b-42.67.x86_64.rpm
e87a1a9191785d22210da556bd31da5f
samba-winbind-3.0.22-13.38.x86_64.rpm
dff37b747c895070babb9638702a3750
samba-winbind-32bit-3.0.22-13.38.x86_64.rpm
827202c10aeeb251e2e40a0065abb0ab
SUSE LINUX 10.0:
cifs-mount-3.0.20b-3.19.x86_64.rpm
2aad8134654b11f9fdfcb658ed8637a5
ldapsmb-1.33-6.19.x86_64.rpm
723e5b47831f247b8f5e37dca0a2bfdb
libsmbclient-3.0.20b-3.19.x86_64.rpm
4a5a603903cb13158895e26baec491c5
libsmbclient-32bit-3.0.20b-3.19.x86_64.rpm
29814d08bf2348e753a19819df3beb14
libsmbclient-devel-3.0.20b-3.19.x86_64.rpm
4bb34360311fad4524d5167a025b145c
samba-3.0.20b-3.19.x86_64.rpm
99aaf715ae30f7774842f1eba35820f3
samba-client-3.0.20b-3.19.x86_64.rpm
c2646918e6044d0052c36dab4ffd0e93
samba-doc-3.0.20b-3.19.x86_64.rpm
93ffe07900ccd4c5d8e0cbacfc5e5403
samba-pdb-3.0.20b-3.19.x86_64.rpm
5226a870eb989b475cc6a871cc024cf3
samba-python-3.0.20b-3.19.x86_64.rpm
73adc1b93d86c22df501076a9a41bb68
samba-vscan-0.3.6b-4.18.x86_64.rpm
a0f2c6fbcb92acc477370ff5609e177c
samba-winbind-3.0.20b-3.19.x86_64.rpm
35e2801afd91d1fd4f1663c61aaa7fb4
Sources:
openSUSE 10.3:
samba-3.0.26a-3.5.src.rpm
0c51e5e8c284b4a4d92e75c8e8eb8831
samba-doc-3.0.26a-3.5.nosrc.rpm
482dcc2dfce7d00c253ace3465400e6e
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/samba-3.0.23d-19.12.src.rpm
6d6bcf35be28199114f4e43bba61f43b
samba-doc-3.0.23d-19.9.nosrc.rpm
4ed2b2447d2ef68f982e803270dc9b1b
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/samba-3.0.22-13.38.src.rpm
3319209b169a2f45f066ab8934148b88
samba-doc-3.0.22-20.52.nosrc.rpm
bb2e30f3bbcd5181e0d6ad6b6868d225
SUSE LINUX 10.0:
samba-3.0.20b-3.19.src.rpm
ae95f8c0dc92a4096ff84ab83c8753fd
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
UnitedLinux 1.0
62b9c0440dd934e47058664687d5b084.html
SuSE Linux Openexchange Server 4
62b9c0440dd934e47058664687d5b084.html
Open Enterprise Server
62b9c0440dd934e47058664687d5b084.html
Novell Linux POS 9
62b9c0440dd934e47058664687d5b084.html
Novell Linux Desktop 9
62b9c0440dd934e47058664687d5b084.html
SuSE Linux Enterprise Server 8
62b9c0440dd934e47058664687d5b084.html
SuSE Linux Standard Server 8
62b9c0440dd934e47058664687d5b084.html
SuSE Linux School Server
62b9c0440dd934e47058664687d5b084.html
SUSE LINUX Retail Solution 8
62b9c0440dd934e47058664687d5b084.html
SuSE Linux Desktop 1.0
62b9c0440dd934e47058664687d5b084.html
SUSE Linux Enterprise Server 10 SP1
62b9c0440dd934e47058664687d5b084.html
SLE SDK 10 SP1
62b9c0440dd934e47058664687d5b084.html
SUSE Linux Enterprise Desktop 10 SP1
62b9c0440dd934e47058664687d5b084.html
SUSE SLES 9
62b9c0440dd934e47058664687d5b084.html
______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team
<security@suse.de>"
where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
There are two verification methods that can be used independently from
each other to prove the authenticity of a downloaded file or RPM package:
1) Using the internal gpg signatures of the rpm package
2) MD5 checksums as provided in this announcement
1) The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing <file.rpm> with
the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
2) If you need an alternative means of verification, use the md5sum
command to verify the authenticity of the packages. Execute the command
md5sum <filename.rpm>
after you downloaded the file from a SUSE FTP server or its mirrors.
Then compare the resulting md5sum with the one that is listed in the
SUSE security announcement. Because the announcement containing the
checksums is cryptographically signed (by security@suse.de), the
checksums show proof of the authenticity of the package if the
signature of the announcement is valid. Note that the md5 sums
published in the SUSE Security Announcements are valid for the
respective packages only. Newer versions of these packages cannot be
verified.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security+subscribe@opensuse.org>.
opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security-announce+subscribe@opensuse.org>.
=====================================================================
SUSE's security contact is <security@suse.com> or
<security@suse.de>.
The <security@suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular, the
clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever
with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
=ypVs
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBR1+gi3ey5gA9JdPZAQKKAQf/QXi2ziQFAuIA34rMp+FNIen6YZ2drup3
hJzkzUInNQEFN6Ghnf/pcThTQnoc/QknxR8kOdNIInf0UgjqJOyGTqzJJxgKE0Ie
+nlU1uEelS2UfeiIoa4vFRW8e1AeIcbKAjStA1fhAEfbm+DP4pxuJbZ2cvTVNoU8
7GeppMsPfHXk9tJM17rg16pdImWPLElAGA9183ir6Nuj31RsIzE7cmHpFKnSKLX4
jWv2B29hMmqejliuvH2sv+rlOgQOhwk1fS9QyZt+TVitLJhEAEag46Y1vHlb2qnK
tGsMsUvj7i7JZCMfXEsB1cV6O3YFVcMSo1Bvdta4MdzFaHnuuif+GA==
=NwjI
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
|
|
|
|
