Fedora Legacy Test Update Notification: samba

Dominic Hargreaves dom at earth.li
Thu Oct 7 17:42:15 UTC 2004 

---------------------------------------------------------------------
Fedora Test Update Notification
FEDORALEGACY-2004-2102
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2102
2004-10-07
---------------------------------------------------------------------
 
Name          : samba
Version (7.3) : 2.2.12-0.73.2.legacy
Version (9)   : 2.2.12-0.90.1.legacy
Summary       : The Samba SMB server.
Description   :
Samba is the protocol by which a lot of PC-related machines share
files, printers, and other information (such as lists of available
files and printers). The Windows NT, OS/2, and Linux operating systems
support this natively, and add-on packages can enable the same thing
for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package
provides an SMB server that can be used to provide network services to
SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over
TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw
NetBIOS frame) protocol.

---------------------------------------------------------------------
Update Information:
 
Karol Wiesek discovered an input validation issue in Samba prior to 3.0.6.
An authenticated user could send a carefully crafted request to the Samba
server, which would allow access to files outside of the configured file
share. Note: Such files would have to be readable by the account used
for the connection. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0815 to this issue.

Users of Samba should upgrade to these updated packages, which contain an
upgrade to Samba-2.2.12, which is not vulnerable to this issue.

---------------------------------------------------------------------
7.3 changelog:

* Thu Oct 07 2004 Dominic Hargreaves <dom at earth.li> 2.2.12-0.73.2.legacy

- Add BuildRequires: libtool

* Mon Oct 04 2004 Craig Kelley <ckelley at ibnads.com> 2.2.12-0.73.1.legacy

- Updated to samba-2.2.12 to fix CAN-2004-0815

* Tue Sep 14 2004 Craig Kelley <ckelley at ibnads.com> 2.2.11-0.73.0.legacy

- Updated to samba-2.2.11 to fix the PrintChangeNotify bug (samba bug #1520)

* Thu Aug 05 2004 Marc Deslauriers <marcdeslauriers at videotron.ca> 2.2.10-0.73.1.
legacy

- Rebuilt as Fedora Legacy update.

* Wed Jul 21 2004 Jay Fenlason <fenlason at redhat.com> 2.2.9-1.21as.1

- Upgrade to 2.2.10 to fix CAN-2004-0686

9 changelog:

* Thu Oct 07 2004 Dominic Hargreaves <dom at earth.li> 2.2.12-0.90.1.legacy

- Add BuildRequires: libtool

* Mon Oct 04 2004 Marc Deslauriers <marcdeslauriers at videotron.ca> 2.2.12-0.90.0.
legacy

- Updated to samba-2.2.12 to fix CAN-2004-0815

* Tue Sep 14 2004 Marc Deslauriers <marcdeslauriers at videotron.ca> 2.2.11-0.90.0.
legacy

- Updated to samba-2.2.11 to fix the PrintChangeNotify bug (samba bug #1520)

* Thu Aug 05 2004 Marc Deslauriers <marcdeslauriers at videotron.ca> 2.2.10-0.90.1.
legacy

- Upgrade to 2.2.10 to fix CAN-2004-0686
- Include an explicit epoch on all requires lines.
- chmod +x the configure in examples/VFS since it seems to have lost its
  execute permissions somewhere.


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/redhat/

664447fbbf1371174b601099d18102023537ecbf  7.3/updates-testing/SRPMS/samba-2.2.12-0.73.2.legacy.src.rpm
ab34e621cdaa5ad567276244eb2ed2234c418890  7.3/updates-testing/i386/samba-2.2.12-0.73.2.legacy.i386.rpm
aaae87969ae3287e432503cee8fbcb83525d020e  7.3/updates-testing/i386/samba-client-2.2.12-0.73.2.legacy.i386.rpm
728d7f6d68dc837fd874ac870e5d2241e2514a6d  7.3/updates-testing/i386/samba-common-2.2.12-0.73.2.legacy.i386.rpm
3cb01bb47a5fa55151637050f01769898b7dc89c  7.3/updates-testing/i386/samba-swat-2.2.12-0.73.2.legacy.i386.rpm
2968358eb51a4342b520f5494a4013643ba73e1b  9/updates-testing/SRPMS/samba-2.2.12-0.90.1.legacy.src.rpm
dcafbbcb96a0848e8b4017bdf1745c275681db35  9/updates-testing/i386/samba-2.2.12-0.90.1.legacy.i386.rpm
e7fe4b9425d535768fc17464f7879dd1f048a8b2  9/updates-testing/i386/samba-client-2.2.12-0.90.1.legacy.i386.rpm
f590e48b6a9ad6841f7ea96070d08c8151ae12d7  9/updates-testing/i386/samba-common-2.2.12-0.90.1.legacy.i386.rpm
75fbf38b5381ee7cf9b91c5723aa8d66f8e92fbc  9/updates-testing/i386/samba-swat-2.2.12-0.90.1.legacy.i386.rpm

Please note that this update is also available via yum and apt through the 
updates-testing channel.  Many people find this an easier way to apply 
updates.
---------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20041007/eef71834/attachment.sig>

More information about the fedora-legacy-list mailing list