[Samba] CVE-2010-0728 and SUSE based products (was: Security problem with Samba on Linux - affects 3.5.0, 3.4.6 and 3.3.11)
in [Samba]
|
From: Lars Müller on 12 Mar 2010 13:50 On Mon, Mar 08, 2010 at 02:08:27PM -0800, Jeremy Allison wrote: > Security problem with Samba on Linux > ------------------------------------ > > In Samba releases 3.5.0, 3.4.6 and 3.3.11 new code > was added to fix a problem with Linux asynchronous IO handling. As the SUSE Samba binaries are not linked against libcap, we are not affected in any shipping products. Therefore no action is required from SUSE users. Nevertheless https://bugzilla.samba.org/show_bug.cgi?id=7222 CVE-2010-0728 and https://bugzilla.novell.com/show_bug.cgi?id=586683 are noted in the package change log as reference to this security issue. 3.5.1 got already merged into the current openSUSE development tree (Factory). Binaries of current Samba version are available from the openSUSE Build Service by the network:samba:STABLE repository. More information about this service, Samba and SUSE is available from http://en.openSUSE.org/Samba Lars -- Lars Müller [ËlaË(r)z ËmÊlÉ] Samba Team SUSE Linux, MaxfeldstraÃe 5, 90409 Nürnberg, Germany
|
Pages: 1 Prev: removing roaming profiles. Next: [Samba] Catch secondary groups with samba's variable? |