[ubuntu/hardy-security] samba, samba_3.0.28a-1ubuntu4.11_lpia_translations.tar.gz, samba_3.0.28a-1ubuntu4.11_i386_translations.tar.gz, samba_3.0.28a-1ubuntu4.11_powerpc_translations.tar.gz, samba_3.0.28a-1ubuntu4.11_amd64_translations.tar.gz, samba_3.0.28a-1ubuntu4.11_sparc_translations.tar.gz (delayed), samba_3.0.28a-1ubuntu4.11_ia64_translations.tar.gz, samba_3.0.28a-1ubuntu4.11_hppa_translations.tar.gz 3.0.28a-1ubuntu4.11 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Mar 24 13:06:07 GMT 2010
samba (3.0.28a-1ubuntu4.11) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source/param/loadparm.c,
source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.
Date: Thu, 18 Mar 2010 15:44:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/samba/3.0.28a-1ubuntu4.11
-------------- next part --------------
Format: 1.7
Date: Thu, 18 Mar 2010 15:44:02 -0400
Source: samba
Binary: samba samba-common smbclient swat samba-doc samba-doc-pdf smbfs libpam-smbpass libsmbclient libsmbclient-dev winbind samba-dbg
Architecture: source
Version: 3.0.28a-1ubuntu4.11
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libpam-smbpass - pluggable authentication module for SMB/CIFS password database
libsmbclient - shared library that allows applications to talk to SMB/CIFS serve
libsmbclient-dev - libsmbclient static libraries and headers
samba - a LanManager-like file and printer server for Unix
samba-common - Samba common files used by both the server and the client
samba-dbg - Samba debugging symbols
samba-doc - Samba documentation
samba-doc-pdf - Samba documentation (PDF format)
smbclient - a LanManager-like simple client for Unix
smbfs - mount and umount commands for the smbfs (for kernels >= than 2.2.
swat - Samba Web Administration Tool
winbind - service to resolve user and group information from Windows NT ser
Changes:
samba (3.0.28a-1ubuntu4.11) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source/param/loadparm.c,
source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.
Files:
a88188d156f455d605f3718591a41dde 1589 net optional samba_3.0.28a-1ubuntu4.11.dsc
f3babbe6a81ba2e201a0c7adea3d12db 237498 net optional samba_3.0.28a-1ubuntu4.11.diff.gz
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list