libsmbclient, libtalloc, libtdb, samba, samba3x, tdb security update

2010-06-1911:45:05

CentOS Project

lists.centos.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.972 High

EPSS

Percentile

99.8%

JSON

CentOS Errata and Security Advisory CESA-2010:0488

Samba is a suite of programs used by machines to share files, printers, and
other information.

An input sanitization flaw was found in the way Samba parsed client data. A
malicious client could send a specially-crafted SMB packet to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-2063)

Red Hat would like to thank the Samba team for responsibly reporting this
issue. Upstream acknowledges Jun Mao as the original reporter.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the smb service will be restarted automatically.

Affected packages:
libsmbclient
libsmbclient-devel
libtalloc
libtalloc-devel
libtdb
libtdb-devel
samba
samba-client
samba-common
samba-swat
samba3x
samba3x-client
samba3x-common
samba3x-doc
samba3x-domainjoin-gui
samba3x-swat
samba3x-winbind
samba3x-winbind-devel
tdb-tools

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0488

OSVersionArchitecturePackageVersionFilename
CentOS5i386libsmbclient< 3.0.33-3.29.el5_5libsmbclient-3.0.33-3.29.el5_5.i386.rpm
CentOS5i386libsmbclient-devel< 3.0.33-3.29.el5_5libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
CentOS5i386samba< 3.0.33-3.29.el5_5samba-3.0.33-3.29.el5_5.i386.rpm
CentOS5i386samba-client< 3.0.33-3.29.el5_5samba-client-3.0.33-3.29.el5_5.i386.rpm
CentOS5i386samba-common< 3.0.33-3.29.el5_5samba-common-3.0.33-3.29.el5_5.i386.rpm
CentOS5i386samba-swat< 3.0.33-3.29.el5_5samba-swat-3.0.33-3.29.el5_5.i386.rpm
CentOS5x86_64libsmbclient< 3.0.33-3.29.el5_5libsmbclient-3.0.33-3.29.el5_5.x86_64.rpm
CentOS5x86_64libsmbclient-devel< 3.0.33-3.29.el5_5libsmbclient-devel-3.0.33-3.29.el5_5.x86_64.rpm
CentOS5x86_64samba< 3.0.33-3.29.el5_5samba-3.0.33-3.29.el5_5.x86_64.rpm
CentOS5x86_64samba-client< 3.0.33-3.29.el5_5samba-client-3.0.33-3.29.el5_5.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	5	i386	libsmbclient	< 3.0.33-3.29.el5_5	libsmbclient-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	i386	libsmbclient-devel	< 3.0.33-3.29.el5_5	libsmbclient-devel-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	i386	samba	< 3.0.33-3.29.el5_5	samba-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	i386	samba-client	< 3.0.33-3.29.el5_5	samba-client-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	i386	samba-common	< 3.0.33-3.29.el5_5	samba-common-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	i386	samba-swat	< 3.0.33-3.29.el5_5	samba-swat-3.0.33-3.29.el5_5.i386.rpm
CentOS	5	x86_64	libsmbclient	< 3.0.33-3.29.el5_5	libsmbclient-3.0.33-3.29.el5_5.x86_64.rpm
CentOS	5	x86_64	libsmbclient-devel	< 3.0.33-3.29.el5_5	libsmbclient-devel-3.0.33-3.29.el5_5.x86_64.rpm
CentOS	5	x86_64	samba	< 3.0.33-3.29.el5_5	samba-3.0.33-3.29.el5_5.x86_64.rpm
CentOS	5	x86_64	samba-client	< 3.0.33-3.29.el5_5	samba-client-3.0.33-3.29.el5_5.x86_64.rpm