Presuming you have a RHEL subscription, you should be able to download
the ISO's and patches on an internet machine and xfr via sneaker net
(USB drive, DVD) to the internal network. You can even set up an
internal yum repository. Even with out an internet connection, you
still have to consider internal security concerns.
With Solaris, you can also download the latest monthly patch cluster
(assuming you have a support contract.) This will bring up to samba
3.5.x. or 3.6.x. It also fixes some issues with max group
membership, and I recall some mention of kernel and nfs bug fixes. Just
make sure you backup all your samba config before patching.
On 03/06/13 09:12, Jonathan Buzzard wrote:
On Wed, 2013-03-06 at 08:28 -0500, Joseph, Matthew (EXP) wrote:
Hello JAB,
Thank you for taking the time to respond to this in a very helpful
manner... If the SAMBA community does not care about helping someone
with a "wildly out of date server" then they should state that before
letting someone join the mailing list.
Given you are running RHEL, you should have been over the last four
years been reading the security bulletins for RHEL and responding to
them appropriately.
It should be apparent to any sensible person that the first step would
be to check that my distribution does not have fixes for the problems
that I am seeing. (hint I am 99% certain it does).
This is a production server on a closed LAN which we don't have the
option of upgrading it to RHEL 5.9 or greater in the near future.
No lan is that closed. That you have no procedure for upgrading the OS
on your server which suffers from a number of remote root security holes
that require nothing more than a connection to your network is very bad
practice.
So with that being said, anyone have any experience with what I am
dealing with?
Read your distro release and security notes. I am 99% certain that this
is a known problem that can be fixed by upgrading.
JAB.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
