samba (2:3.4.0-3ubuntu5) karmic; urgency=low
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source3/param/loadparm.c, source3/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source3/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source3/include/smb.h, source3/smbd/process.c.
- CVE-2009-2906
Date: Thu, 01 Oct 2009 08:20:29 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
Signed-By: Chuck Short <[email protected]>
https://launchpad.net/ubuntu/karmic/+source/samba/2:3.4.0-3ubuntu5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 01 Oct 2009 08:20:29 -0400
Source: samba
Binary: samba samba-common-bin samba-common samba-tools smbclient swat
samba-doc samba-doc-pdf smbfs libpam-smbpass libsmbclient libsmbclient-dev
winbind samba-dbg libwbclient0
Architecture: source
Version: 2:3.4.0-3ubuntu5
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
libpam-smbpass - pluggable authentication module for Samba
libsmbclient - shared library for communication with SMB/CIFS servers
libsmbclient-dev - development files for libsmbclient
libwbclient0 - Samba winbind client library
samba - SMB/CIFS file, print, and login server for Unix
samba-common - common files used by both the Samba server and client
samba-common-bin - common files used by both the Samba server and client
samba-dbg - Samba debugging symbols
samba-doc - Samba documentation
samba-doc-pdf - Samba documentation in PDF format
samba-tools - Samba testing utilities
smbclient - command-line SMB/CIFS clients for Unix
smbfs - Samba file system utilities
swat - Samba Web Administration Tool
winbind - Samba nameservice integration server
Changes:
samba (2:3.4.0-3ubuntu5) karmic; urgency=low
.
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source3/param/loadparm.c, source3/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source3/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source3/include/smb.h, source3/smbd/process.c.
- CVE-2009-2906
Checksums-Sha1:
c101dbf75372271b5b41437c4094aa6077f1de7a 2190 samba_3.4.0-3ubuntu5.dsc
1bebc201e9c135a9fafe3d2bf812a8642559517c 488950 samba_3.4.0-3ubuntu5.diff.gz
Checksums-Sha256:
844f0f0021dd0adf91a5ab9d4e907696daacaf5ea0b8c72ce501382911d439f0 2190
samba_3.4.0-3ubuntu5.dsc
f26df79ed4b969d186ee38e84c5981c7670955daefc5f9cc776293e2c1301fec 488950
samba_3.4.0-3ubuntu5.diff.gz
Files:
731f148100ced147df79d4a2ddd86e77 2190 net optional samba_3.4.0-3ubuntu5.dsc
8d8c229e5d812b9ba5f245c145ed7895 488950 net optional
samba_3.4.0-3ubuntu5.diff.gz
Original-Maintainer: Debian Samba Maintainers
<[email protected]>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkrE6p0ACgkQIHZ33voUATtzpwCgtF5FyCcZqwsTbima4DMLYRH9
4oQAnicv1AXe6//OBKU3wNZtMuUBTdDr
=6i3H
-----END PGP SIGNATURE-----
--
Karmic-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/karmic-changes
