Date: Tue, 13 Jan 2009 14:13:30 -0500
From: rPath Update Announcements <announce-noreply@rpath.com.>
To: [email protected],
Subject: rPSA-2009-0006-1 samba samba-client samba-server samba-swat
Message-ID: <496ce7da.vtXGoebDMyNRARjA%[email protected]>
User-Agent: nail 11.22 3/20/05
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: antivirus-gw at tyumen.ru
rPath Security Advisory: 2009-0006-1
Published: 2009-01-13
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Minor
Exposure Level Classification:
Remote Non-deterministic Denial of Service
Updated Versions:
samba=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-client=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-client=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-client=rap.rpath.com@rpath:linux-1/3.0.33-1-1
samba-client=rap.rpath.com@rpath:linux-2/3.0.33-1-1
samba-server=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-server=conary.rpath.com@rpl:2/3.0.33-1.1-1
samba-swat=conary.rpath.com@rpl:1/3.0.33-0.1-2
samba-swat=conary.rpath.com@rpl:2/3.0.33-1.1-1
rPath Issue Tracking System:
https://issues.rpath.com/browse/RPL-2928
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cvename.cgi?name=CVE-2008-4314
Description:
In previous versions of the samba package, it may be possible for
unauthenticated remote attackers to cause a denial of service in
the smbd daemon, or to access the contents of some of the memory
of the smbd daemon. It is not known whether either of these
vulnerabilities can be exploited in practice; this update fixes
the bugs which may create these vulnerabilities.
http://wiki.rpath.com/Advisories:rPSA-2009-0006
Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
