[ubuntu/dapper-security] samba (delayed), samba 3.0.22-1ubuntu3.11 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Mar 24 13:06:36 GMT 2010 

samba (3.0.22-1ubuntu3.11) dapper-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via wide links
    - debian/patches/security-CVE-2010-0926.patch: disable wide links when
      UNIX extensions are enabled in source/param/loadparm.c,
      source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
      docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
    - CVE-2010-0926
  * WARNING: This changes the default samba behaviour. For security
    reasons, it is no longer possible to use wide links and UNIX
    extensions at the same time. After applying this security update, wide
    links will be disabled automatically as UNIX extensions are turned on
    by default. If wide links are required, you may re-enable them by
    adding "unix extensions = no" to the [global] section of
    the /etc/samba/smb.conf configuration file.

Date: Thu, 18 Mar 2010 16:13:15 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Eloy A. Paris <peloy at debian.org>
https://launchpad.net/ubuntu/dapper/+source/samba/3.0.22-1ubuntu3.11
-------------- next part --------------
Format: 1.7
Date: Thu, 18 Mar 2010 16:13:15 -0400
Source: samba
Binary: samba-doc-pdf samba-doc libsmbclient libpam-smbpass swat winbind smbclient samba python2.4-samba libsmbclient-dev samba-common samba-dbg smbfs
Architecture: source
Version: 3.0.22-1ubuntu3.11
Distribution: dapper-security
Urgency: low
Maintainer: Eloy A. Paris <peloy at debian.org>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libpam-smbpass - pluggable authentication module for SMB/CIFS password database
 libsmbclient - shared library that allows applications to talk to SMB/CIFS serve
 libsmbclient-dev - libsmbclient static libraries and headers
 python2.4-samba - Python bindings that allow access to various aspects of Samba
 samba      - a LanManager-like file and printer server for Unix
 samba-common - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 samba-doc-pdf - Samba documentation (PDF format)
 smbclient  - a LanManager-like simple client for Unix
 smbfs      - mount and umount commands for the smbfs (for kernels >= than 2.2.
 swat       - Samba Web Administration Tool
 winbind    - service to resolve user and group information from Windows NT ser
Changes: 
 samba (3.0.22-1ubuntu3.11) dapper-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary file disclosure via wide links
     - debian/patches/security-CVE-2010-0926.patch: disable wide links when
       UNIX extensions are enabled in source/param/loadparm.c,
       source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
       docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
     - CVE-2010-0926
   * WARNING: This changes the default samba behaviour. For security
     reasons, it is no longer possible to use wide links and UNIX
     extensions at the same time. After applying this security update, wide
     links will be disabled automatically as UNIX extensions are turned on
     by default. If wide links are required, you may re-enable them by
     adding "unix extensions = no" to the [global] section of
     the /etc/samba/smb.conf configuration file.
Files: 
 1d4f2770daf28d09b1871a15808e132e 1206 net optional samba_3.0.22-1ubuntu3.11.dsc
 fa5d0bb2bbb297addfd9503b9e46bac4 164984 net optional samba_3.0.22-1ubuntu3.11.diff.gz

More information about the dapper-changes mailing list