samba and security fixes?

Mailing List

Home

Linux - General Red Hat Linux discussion list

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Installation - Getting started with Red Hat Linux

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 8.0 - Discussion of Red Hat Linux 8.0 (Psyche)

Red Hat Linux 7.1 - Discussion of Red Hat Linux 7.1 (Seawolf)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

samba and security fixes?

samba and security fixes?

2004-11-15 - By Rainer Traut

Back

Reply: 1 2

Hi,
maybe I am doing something wrong, but
is it possible that there are two very severe security flaws in the
redhat el3 samba rpms and a fix is nowhere to be seen?
Well the fixes exist, but not on rhn?!

First I tried
dir ***********************************************z
on a share and now smbd is running with 99% cpu.

Then I read
http://security.e-matters.de/advisories/132004.html

While:
[root@(protected) root]# rpm -q --changelog samba|head
* Di Sep 14 2004 Jay Fenlason <fenlason@(protected) > 3.0.7-1.3E

- Upgrade to 3.0.7, which fixes CAN-2004-0807 and CAN-2004-0808
This obsoletes the 3.0.6-schema patch.

* Sa Jul 24 2004 Jay Fenlason <fenlason@(protected) > 3.0.6-2.3E

- Upgrade to 3.0.6, merging -logfiles, -pie, -schema, and -64bit-timestamps
patches from head.
Obsoletes -backport -winbind -base64_decode and -hash patches.

Thanks
Rainer

--
Taroon-list mailing list
Taroon-list@(protected)
http://www.redhat.com/mailman/listinfo/taroon-list