Medium: samba

2016-03-29T15:30:00
ID ALAS-2016-674
Type amazon
Reporter Amazon
Modified 2016-03-29T15:30:00

Description

Issue Overview:

A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.

Affected Packages:

samba

Issue Correction:
Run yum update samba to update your system.

New Packages:

i686:  
    samba-test-4.2.3-12.31.amzn1.i686  
    samba-test-libs-4.2.3-12.31.amzn1.i686  
    samba-test-devel-4.2.3-12.31.amzn1.i686  
    samba-common-libs-4.2.3-12.31.amzn1.i686  
    samba-winbind-4.2.3-12.31.amzn1.i686  
    samba-libs-4.2.3-12.31.amzn1.i686  
    samba-devel-4.2.3-12.31.amzn1.i686  
    ctdb-devel-4.2.3-12.31.amzn1.i686  
    ctdb-tests-4.2.3-12.31.amzn1.i686  
    libsmbclient-4.2.3-12.31.amzn1.i686  
    samba-winbind-clients-4.2.3-12.31.amzn1.i686  
    samba-winbind-modules-4.2.3-12.31.amzn1.i686  
    samba-python-4.2.3-12.31.amzn1.i686  
    samba-client-libs-4.2.3-12.31.amzn1.i686  
    samba-4.2.3-12.31.amzn1.i686  
    samba-debuginfo-4.2.3-12.31.amzn1.i686  
    libwbclient-4.2.3-12.31.amzn1.i686  
    samba-client-4.2.3-12.31.amzn1.i686  
    samba-winbind-krb5-locator-4.2.3-12.31.amzn1.i686  
    samba-common-tools-4.2.3-12.31.amzn1.i686  
    libwbclient-devel-4.2.3-12.31.amzn1.i686  
    ctdb-4.2.3-12.31.amzn1.i686  
    libsmbclient-devel-4.2.3-12.31.amzn1.i686

noarch:  
    samba-pidl-4.2.3-12.31.amzn1.noarch  
    samba-common-4.2.3-12.31.amzn1.noarch

src:  
    samba-4.2.3-12.31.amzn1.src

x86_64:  
    samba-libs-4.2.3-12.31.amzn1.x86_64  
    samba-winbind-modules-4.2.3-12.31.amzn1.x86_64  
    samba-winbind-4.2.3-12.31.amzn1.x86_64  
    samba-winbind-krb5-locator-4.2.3-12.31.amzn1.x86_64  
    libwbclient-4.2.3-12.31.amzn1.x86_64  
    samba-devel-4.2.3-12.31.amzn1.x86_64  
    libwbclient-devel-4.2.3-12.31.amzn1.x86_64  
    ctdb-4.2.3-12.31.amzn1.x86_64  
    libsmbclient-devel-4.2.3-12.31.amzn1.x86_64  
    samba-winbind-clients-4.2.3-12.31.amzn1.x86_64  
    samba-python-4.2.3-12.31.amzn1.x86_64  
    ctdb-tests-4.2.3-12.31.amzn1.x86_64  
    libsmbclient-4.2.3-12.31.amzn1.x86_64  
    samba-test-4.2.3-12.31.amzn1.x86_64  
    samba-common-libs-4.2.3-12.31.amzn1.x86_64  
    samba-test-devel-4.2.3-12.31.amzn1.x86_64  
    ctdb-devel-4.2.3-12.31.amzn1.x86_64  
    samba-4.2.3-12.31.amzn1.x86_64  
    samba-client-libs-4.2.3-12.31.amzn1.x86_64  
    samba-common-tools-4.2.3-12.31.amzn1.x86_64  
    samba-client-4.2.3-12.31.amzn1.x86_64  
    samba-test-libs-4.2.3-12.31.amzn1.x86_64  
    samba-debuginfo-4.2.3-12.31.amzn1.x86_64