Alexander Hansen wrote: > On 4/12/12 10:36 AM, Alexander Hansen wrote: >> On 4/12/12 10:04 AM, Robert Wyatt wrote: >>> My ISO (information security office) is requiring me (it says >>> "recommends" below--but that's not what they really mean) to update my >>> Samba installation on a MacOS 10.5 machine that I have. >>> >>> Currently fink offers Samba3 at version: 3.6.0. >>> >>> ------------------------------ >>> Steps for Remediation >>> ------------------------------ >>> >>> The ISO highly recommends that you update Samba. Versions 3.6.4, >>> 3.5.14, and >>> 3.4.16 have been released to address this defect, and are available at >>> http://www.samba.org/samba/security/. In addition, due to the >>> severity and >>> extreme risk posed by this flaw, Samba has also made patches >>> available for all >>> versions currently out of support and maintenance from 3.0.37 >>> onwards at >>> http://samba.org/samba/patches/. If you are using RedHat, RedHat has >>> released >>> Samba version 3.5.10-115 to address this vulnerability. >>> >>> >>> My question: Has anyone tried a newer build yet on any of the active >>> trees? This machine is a PPC; I need to either update it or disable >>> Samba. >>> >>> Thanks, >>> Robert >>> >>> >> ( Correcting Daniel J.'s address. :-) ) >> >> In case nobody else has tried that, it may be worth doing a local >> update of samba3 on your machine to build 3.6.4. It may just be a >> simple matter of changing the version and Source-MD5 (though I >> wouldn't count on it). >> >> > Maybe I'm too negative. :-) I tried changing the version of samba3 to > 3.6.4 and updating the Source-MD5 and the build appears to be successful. > > One thing to note is that our samba3 is set up _not_ to run its smbd > automatically: > > DescUsage: << > No attempt to start the smbd server automatically has been made as it > could interfere with OS X's own smbd server. This might be > implemented > later but for now is left as an exercise for the user. > << >
Got it, thanks Alexander! Considering the vulnerability, I'll need to switch to fink's Samba or the ISO will be on my LAN administrator whose job it is to enforce compliance.. I guess I'll need to think about how to do that unless someone happens to know a tidy method offhand...? At any rate, I'll try the build next. --Robert ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ Fink-users mailing list Fink-users@lists.sourceforge.net List archive: http://news.gmane.org/gmane.os.macosx.fink.user Subscription management: https://lists.sourceforge.net/lists/listinfo/fink-users
