rPSA-2009-0006-1 samba samba-client samba-server samba-swat
- To: product-announce@xxxxxxxxxxxxxxx, product-announce@xxxxxxxxxxxxxxx, security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx, security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
- Subject: rPSA-2009-0006-1 samba samba-client samba-server samba-swat
- From: rPath Update Announcements <announce-noreply@xxxxxxxxx>
- Date: Tue, 13 Jan 2009 14:13:30 -0500
- Cc: full-disclosure@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
- User-agent: nail 11.22 3/20/05
rPath Security Advisory: 2009-0006-1
Published: 2009-01-13
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Minor
Exposure Level Classification:
Remote Non-deterministic Denial of Service
Updated Versions:
samba=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-client=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-client=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-client=rap.rpath.com@rpath:linux-1/3.0.33-1-1
samba-client=rap.rpath.com@rpath:linux-2/3.0.33-1-1
samba-server=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-server=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-swat=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-swat=conary.rpath.com@rpl:2/3.0.33-1.1-1
rPath Issue Tracking System:
https://issues.rpath.com/browse/RPL-2928
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cvename.cgi?name=CVE-2008-4314
Description:
In previous versions of the samba package, it may be possible for
unauthenticated remote attackers to cause a denial of service in
the smbd daemon, or to access the contents of some of the memory
of the smbd daemon. It is not known whether either of these
vulnerabilities can be exploited in practice; this update fixes
the bugs which may create these vulnerabilities.
http://wiki.rpath.com/Advisories:rPSA-2009-0006
Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html