Fwd: [SECURITY] New version of samba released

From: Chris Ruvolo (csr6702.nospamat_private)
Date: Sun Aug 01 1999 - 11:44:22 PDT
Next message: Graeme Byrnes: "Re: Root Perms Gained with Patrol SNMP Agent 3.2 (all others?)"
Previous message: Sami Kuhmonen: "IE5 ActiveX security bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Debian has released updated samba packages as well.  Note that many of the
below URLs appear to have been wrapped.  Enjoy.

-Chris



>Resent-date: Sat, 31 Jul 1999 00:46:26 +0000
>Date: Sat, 31 Jul 1999 00:45:48 +0200
>Resent-from: debian-security-announceat_private
>From: Wichert Akkerman <wichertat_private>
>Subject: [SECURITY] New version of samba released
>Resent-sender: debian-security-announce-requestat_private
>To: debian-security-announceat_private
>Resent-cc: recipient list not shown: ;
>Reply-to: securityat_private
>Priority: urgent
>X-Loop: debian-security-announceat_private
>X-Envelope-Sender: wichertat_private
>X-Debian: PGP check passed for security officers
>X-Mailing-List: <debian-security-announceat_private> archive/latest/56
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>The version of samba as distributed in Debian GNU/Linux 2.1 has a couple of
>security problems:
>* a Denial-of-Service attack against nmbd was possible
>* it was possible to exploit smbd if you had a message command defined
>   which used the %f or %M formatter.
>* smbmnt's check to see if a user is allowed to create a mount was flawed
>   which allowed users to mount at arbitraty mountpoints in the filesystem
>
>These problems have been fixed in version 2.0.5a-1. We recommend you upgrade
>your samba packages immediately.
>
>Please note that this is a major upgrade so please be careful when you upgrade
>since some changes to the configuration file might be necessary. The
>configuration
>file also moved to a new location (/etc/samba).
>
>The smbfsx package is also obsolete with this update and has been replaced by
>smbfs, which can handle both 2.0 and 2.2 kernels now.
>
>wget url
>         will fetch the file for you
>dpkg -i file.deb
>         will install the referenced file.
>
>Debian GNU/Linux 2.1 alias slink
>- --------------------------------
>
>   This version of Debian was released only for Intel, the Motorola
>   680x0, the alpha and the Sun sparc architecture.
>
>   Source archives:
>
>http://security.debian.org/dists/stable/updates/source/samba_2.0.5a-1.diff.gz
>       MD5 checksum: 1354ea63f79e7fa0b4b71685dbac118b
>     http://security.debian.org/dists/stable/updates/source/samba_2.0.5a-1.dsc
>       MD5 checksum: e51aeb259913179b60dbddd0b9e70bf5
>
>http://security.debian.org/dists/stable/updates/source/samba_2.0.5a.orig.tar.gz
>       MD5 checksum: 497e5f98ed9b520b18e926ff2f7307ba
>
>   Architecture indendent archives:
>
>http://security.debian.org/dists/stable/updates/binary-all/samba-doc_2.0.5a
>-1_all.deb
>       MD5 checksum: a9c1addcff72605f66a2334eef5e25ef
>
>   Alpha architecture:
>
>http://security.debian.org/dists/stable/updates/binary-alpha/samba-common_2
>.0.5a-1_alpha.deb
>       MD5 checksum: 48b9651e2cefd6f6ad820ded9ebc9191
>
>http://security.debian.org/dists/stable/updates/binary-alpha/samba_2.0.5a-1
>_alpha.deb
>       MD5 checksum: 9bb86e810254fe59feb02e817815b64f
>
>http://security.debian.org/dists/stable/updates/binary-alpha/smbclient_2.0.
>5a-1_alpha.deb
>       MD5 checksum: 54a89ad98e1167a3265ff30881618b3f
>
>http://security.debian.org/dists/stable/updates/binary-alpha/smbfs_2.0.5a-1
>_alpha.deb
>       MD5 checksum: 596e22cdf0848fcffd1885f16b38cf83
>
>http://security.debian.org/dists/stable/updates/binary-alpha/smbwrapper_2.0
>.5a-1_alpha.deb
>       MD5 checksum: 5003fb2a3555daddd3d877529ac65e1e
>
>http://security.debian.org/dists/stable/updates/binary-alpha/swat_2.0.5a-1_
>alpha.deb
>       MD5 checksum: e99ec78abdac4a8ab1348773e3fa32cd
>
>   Intel ia32 architecture:
>
>http://security.debian.org/dists/stable/updates/binary-i386/samba-common_2.
>0.5a-1_i386.deb
>       MD5 checksum: eb8b9aa964912975db301f1e83919d36
>
>http://security.debian.org/dists/stable/updates/binary-i386/samba_2.0.5a-1_
>i386.deb
>       MD5 checksum: 799ab1a56dd726548c33a130edfb9231
>
>http://security.debian.org/dists/stable/updates/binary-i386/smbclient_2.0.5
>a-1_i386.deb
>       MD5 checksum: f5db7b12b67b24048d7ff915c9ec77ee
>
>http://security.debian.org/dists/stable/updates/binary-i386/smbfs_2.0.5a-1_
>i386.deb
>       MD5 checksum: b6e90edf5db22cf3952a01f726cb7dd7
>
>http://security.debian.org/dists/stable/updates/binary-i386/smbwrapper_2.0.
>5a-1_i386.deb
>       MD5 checksum: afabbae0e5ffdd03475a302586d75be5
>
>http://security.debian.org/dists/stable/updates/binary-i386/swat_2.0.5a-1_i
>386.deb
>       MD5 checksum: bd235e608944c7cd3cc7a17fceab0199
>
>   Motorola 680x0 architecture:
>
>http://security.debian.org/dists/stable/updates/binary-m68k/samba-common_2.
>0.5a-1_m68k.deb
>       MD5 checksum: 91d8b04d9ef76ca08fff5938007eb235
>
>http://security.debian.org/dists/stable/updates/binary-m68k/samba_2.0.5a-1_
>m68k.deb
>       MD5 checksum: 6404ca678a20ad17e44b6c74cc3182a1
>
>http://security.debian.org/dists/stable/updates/binary-m68k/smbclient_2.0.5
>a-1_m68k.deb
>       MD5 checksum: 37f0a04da50f9880b22cb3eaf27b2794
>
>http://security.debian.org/dists/stable/updates/binary-m68k/smbfs_2.0.5a-1_
>m68k.deb
>       MD5 checksum: 3685040bee6e01039f6588f97dab2c26
>
>http://security.debian.org/dists/stable/updates/binary-m68k/smbwrapper_2.0.
>5a-1_m68k.deb
>       MD5 checksum: 1a43221c50137cbf5d94f7ad90ab548e
>
>http://security.debian.org/dists/stable/updates/binary-m68k/swat_2.0.5a-1_m
>68k.deb
>       MD5 checksum: 7b5e610c9b044fe81ac66881ea59af64
>
>   Sun Sparc architecture:
>
>http://security.debian.org/dists/stable/updates/binary-sparc/samba-common_2
>.0.5a-1_sparc.deb
>       MD5 checksum: f4713291f719de2f32543e0fc37506ea
>
>http://security.debian.org/dists/stable/updates/binary-sparc/samba_2.0.5a-1
>_sparc.deb
>       MD5 checksum: afb22260c07c60e4afd390bb3e108674
>
>http://security.debian.org/dists/stable/updates/binary-sparc/smbclient_2.0.
>5a-1_sparc.deb
>       MD5 checksum: 28b22378ddb79b05d29b4b4fac2038c4
>
>http://security.debian.org/dists/stable/updates/binary-sparc/smbfs_2.0.5a-1
>_sparc.deb
>       MD5 checksum: 8747b52257b451a1e19c93ea10048369
>
>http://security.debian.org/dists/stable/updates/binary-sparc/smbwrapper_2.0
>.5a-1_sparc.deb
>       MD5 checksum: 420bfe236fcc1591175acd7eb3ad83e0
>
>http://security.debian.org/dists/stable/updates/binary-sparc/swat_2.0.5a-1_
>sparc.deb
>       MD5 checksum: 38380d76284421c18e557e2d3a413a62
>
>   These files will be moved into
>   ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
>
>For not yet released architectures please refer to the appropriate
>directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
>
>- --
>Debian GNU/Linux      .    Security Managers     .   securityat_private
>               debian-security-announceat_private
>   Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
><chrishat_private>   .   <wakkermaat_private>  .   <joeyat_private>
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.3ia
>Charset: noconv
>
>iQB1AwUBN6IrDKjZR/ntlUftAQEmjAL/RGbp66V6Mf99rfM6i+flJiR0/3r+FfNO
>hQFTAkQ0avO+ta/rgeiVDFuBV0Paw60bPyObBB9ey7+P3ZCtNMKN9jQQHUMwBTCM
>6nPq4bbgAxInR3AvDiIOcn//JWR7ShOM
>=s865
>-----END PGP SIGNATURE-----
>
>
>--
>To UNSUBSCRIBE, email to debian-security-announce-requestat_private
>with a subject of "unsubscribe". Trouble? Contact listmasterat_private
Next message: Graeme Byrnes: "Re: Root Perms Gained with Patrol SNMP Agent 3.2 (all others?)"
Previous message: Sami Kuhmonen: "IE5 ActiveX security bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:54:51 PDT