Mailinglist Archive: opensuse-updates (12 mails)

< Previous Next >
openSUSE-SU-2010:0346-1 (important): samba: Fixed various security issues
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Tue, 29 Jun 2010 23:08:19 +0200 (CEST)
  • Message-id: <20100629210819.C61C2BE25@xxxxxxxxxxxxxx>
openSUSE Security Update: samba: Fixed various security issues
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0346-1
Rating: important
References: #550002 #577868 #605935 #606947 #611927
Cross-References: CVE-2010-2063
Affected Products:
openSUSE 11.1
openSUSE 11.0
______________________________________________________________________________

An update that solves one vulnerability and has four fixes
is now available. It includes two new package versions.

Description:

This update of the Samba server package fixes security
issues and bugs.

Following security issues were fixed: CVE-2010-2063: A
buffer overrun was possible in chain_reply code in 3.3.x
and below, which could be used to crash the samba server or
potentially execute code.

CVE-2010-0787: Take extra care that a mount point of
mount.cifs isn't changed during mount.

Also the following bugs were fixed:
- Honor "interfaces" list in net ad dns register.
(bnc#606947)
- An uninitialized variable read could cause an smbd crash;
(bso#7254); (bnc#605935).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.1:

zypper in -t patch cifs-mount-2543

- openSUSE 11.0:

zypper in -t patch cifs-mount-2543

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.1 (i586 ppc src x86_64) [New Version: 3.2.7]:

samba-3.2.7-11.7.1

- openSUSE 11.1 (i586 ppc x86_64) [New Version: 3.2.7]:

cifs-mount-3.2.7-11.7.1
ldapsmb-1.34b-6.7.1
libnetapi-devel-3.2.7-11.7.1
libnetapi0-3.2.7-11.7.1
libsmbclient-devel-3.2.7-11.7.1
libsmbclient0-3.2.7-11.7.1
libsmbsharemodes-devel-3.2.7-11.7.1
libsmbsharemodes0-3.2.7-11.7.1
libtalloc-devel-3.2.7-11.7.1
libtalloc1-3.2.7-11.7.1
libtdb-devel-3.2.7-11.7.1
libtdb1-3.2.7-11.7.1
libwbclient-devel-3.2.7-11.7.1
libwbclient0-3.2.7-11.7.1
samba-client-3.2.7-11.7.1
samba-devel-3.2.7-11.7.1
samba-krb-printing-3.2.7-11.7.1
samba-vscan-0.3.6b-6.7.1
samba-winbind-3.2.7-11.7.1

- openSUSE 11.1 (x86_64) [New Version: 3.2.7]:

libsmbclient0-32bit-3.2.7-11.7.1
libtalloc1-32bit-3.2.7-11.7.1
libtdb1-32bit-3.2.7-11.7.1
libwbclient0-32bit-3.2.7-11.7.1
samba-32bit-3.2.7-11.7.1
samba-client-32bit-3.2.7-11.7.1
samba-winbind-32bit-3.2.7-11.7.1

- openSUSE 11.1 (ppc) [New Version: 3.2.7]:

libsmbclient0-64bit-3.2.7-11.7.1
libtalloc1-64bit-3.2.7-11.7.1
libtdb1-64bit-3.2.7-11.7.1
libwbclient0-64bit-3.2.7-11.7.1
samba-64bit-3.2.7-11.7.1
samba-client-64bit-3.2.7-11.7.1
samba-winbind-64bit-3.2.7-11.7.1

- openSUSE 11.0 (i586 ppc src x86_64) [New Version: 3.2.4]:

samba-3.2.4-4.12

- openSUSE 11.0 (i586 ppc x86_64) [New Version: 3.2.4]:

cifs-mount-3.2.4-4.12
ldapsmb-1.34b-195.17
libnetapi-devel-3.2.4-4.12
libnetapi0-3.2.4-4.12
libsmbclient-devel-3.2.4-4.12
libsmbclient0-3.2.4-4.12
libsmbsharemodes-devel-3.2.4-4.12
libsmbsharemodes0-3.2.4-4.12
libtalloc-devel-3.2.4-4.12
libtalloc1-3.2.4-4.12
libtdb-devel-3.2.4-4.12
libtdb1-3.2.4-4.12
libwbclient-devel-3.2.4-4.12
libwbclient0-3.2.4-4.12
samba-client-3.2.4-4.12
samba-devel-3.2.4-4.12
samba-krb-printing-3.2.4-4.12
samba-winbind-3.2.4-4.12

- openSUSE 11.0 (x86_64) [New Version: 3.2.4]:

libsmbclient0-32bit-3.2.4-4.12
libtalloc1-32bit-3.2.4-4.12
libtdb1-32bit-3.2.4-4.12
libwbclient0-32bit-3.2.4-4.12
samba-32bit-3.2.4-4.12
samba-client-32bit-3.2.4-4.12
samba-winbind-32bit-3.2.4-4.12

- openSUSE 11.0 (ppc) [New Version: 3.2.4]:

libsmbclient0-64bit-3.2.4-4.12
libtalloc1-64bit-3.2.4-4.12
libtdb1-64bit-3.2.4-4.12
libwbclient0-64bit-3.2.4-4.12
samba-64bit-3.2.4-4.12
samba-client-64bit-3.2.4-4.12
samba-winbind-64bit-3.2.4-4.12


References:

http://support.novell.com/security/cve/CVE-2010-2063.html
https://bugzilla.novell.com/550002
https://bugzilla.novell.com/577868
https://bugzilla.novell.com/605935
https://bugzilla.novell.com/606947
https://bugzilla.novell.com/611927


< Previous Next >
List Navigation
This Thread
  • No further messages