-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2013:207
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : samba
Date    : August 6, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in samba:

Integer overflow in the read_nttrans_ea_list function in nttrans.c in
smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before
4.0.8 allows remote attackers to cause a denial of service (memory
consumption) via a malformed packet (CVE-2013-4124).

The updated packages for Enterprise Server 5.2 have been patched to
correct this issue.

The updated packages for Business Server 1 have been upgraded to the
3.6.17 version, which resolves many upstream bugs and is not vulnerable
to this issue.

Additionally, the libtevent packages are being provided, as they are a
requirement since samba 3.6.16.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124
http://www.samba.org/samba/history/samba-3.6.13.html
http://www.samba.org/samba/history/samba-3.6.14.html
http://www.samba.org/samba/history/samba-3.6.15.html
http://www.samba.org/samba/history/samba-3.6.16.html
http://www.samba.org/samba/history/samba-3.6.17.html
http://www.samba.org/samba/security/CVE-2013-4124
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFSALVVmqjQ0CJFipgRAphEAKCINy1hi3rEPtPlTpnhBvztdxkn3wCgzUQz
Pz8K3dJcD1Q26YagVdAMBPo=
=KJFD
-----END PGP SIGNATURE-----