[Pkg-samba-maint] Bug#596891: samba: CVE-2010-3069: buffer overrun vulnerability Available
Christian PERRIER
bubulle at debian.org
Tue Sep 14 20:10:04 UTC 2010
Package: samba
Severity: critical
Tags: security
This vulnerability has been unveiled publicly without prior warning,
so probably exploits can be in the wild already.
3.2 from lenny is affected, too. Backporting the fix seems trivial and
I think we'll be working on it ASAP.
----- Forwarded message from Karolin Seeger <kseeger at samba.org> -----
Date: Tue, 14 Sep 2010 13:14:28 +0200
From: Karolin Seeger <kseeger at samba.org>
To: samba at samba.org, samba-technical at samba.org, samba-announce at samba.org
Subject: [Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Organization: SerNet GmbH, Goettingen, Germany
X-CRM114-Status: Good ( pR: 82.4819 )
Release Announcements
=====================
These are a security releases in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7669: Fix for CVE-2010-3069.
o Andrew Bartlett <abartlet at samba.org>
* BUG 7669: Fix for CVE-2010-3069.
######################################################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba corresponding product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
================
Download Details
================
The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6568B7EA). The source code can be downloaded
from:
http://download.samba.org/samba/ftp/
The release notes are available online at:
http://www.samba.org/samba/ftp/history/samba-3.3.14.html
http://www.samba.org/samba/ftp/history/samba-3.4.9.html
http://www.samba.org/samba/ftp/history/samba-3.5.5.html
Binary packages will be made available on a volunteer basis from
http://download.samba.org/samba/ftp/Binary_Packages/
Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)
--Enjoy
The Samba Team
** CRM114 Whitelisted by: lists.samba.org **
----- End forwarded message -----
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20100914/6a71897b/attachment.pgp>
More information about the Pkg-samba-maint
mailing list