Arne Fitzenreiter

Samba security Update
by Arne Fitzenreiter, February 28, 2011

The Samba team has released a security Update to version 3.5.7
it is currently in testing and soon also in normal pakfire tree.
Please update as soon as possible.

Arne

=========================
Release Notes for Samba 3.5.7
February 28, 2011
=========================

This is a security release in order to address CVE-2011-0719.

o CVE-2011-0719: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

Changes since 3.5.6:
——————————

o Jeremy Allison * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.


Posted: February 28, 2011 • 563 views