Description: | Description:
The remote host is missing an update to samba announced via advisory FEDORA-2006-808.
Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called Lan Manager) clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
* Wed Jul 12 2006 Jay Fenlason 3.0.23-1.fc4 - Update to 3.0.23 to close bz#197836 CVE-2006-3403 Samba denial of service - include related spec file, filter-requires-samba.sh and patch changes from rawhide. -winbind, and -access patches are obsolete. - include the fixed smb.init file from rawhide, closing bz#182560 Wrong retval for initscript when smbd is dead * Mon Oct 10 2005 Jay Fenlason - Upgrade to 3.0.20a, which includes all the previous upstream patches. - Include the -winbind patch from Jeremy Allison to fix a problem with winbind crashing. - Include the -access patch from Jeremy Allison to fix a problem with MS Access lock files. - Updated the -warnings patch for 3.0.20a. - Include --with-shared-modules=idmap_ad,idmap_rid to close bz#156810 ? --with-shared-modules=idmap_ad,idmap_rid - Include the new samba.pamd from Tomas Mraz (tmraz@redhat.com) to close bz#170259 ? pam_stack is deprecated * Mon Aug 22 2005 Jay Fenlason - New upstream release Includes five upstream patches -bug3010_v1, -groupname_enumeration_v3, -regcreatekey_winxp_v1, -usrmgr_groups_v1, and -winbindd_v1 This obsoletes the -pie and -delim patches the -warning and -gcc4 patches are obsolete too The -man, -passwd, and -smbspool patches were updated to match 3.0.20pre1 Also, the -quoting patch was implemented differently upstream There is now a umount.cifs executable and manpage We run autogen.sh as part of the build phase The testprns command is now gone libsmbclient now has a man page - Include -bug106483 patch to close bz#106483 smbclient: -N negates the provided password, despite documentation - Added the -warnings patch to quiet some compiler warnings. - Removed many obsolete patches from CVS.
Solution: Apply the appropriate updates.
This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2006-808
Risk factor : Medium
CVSS Score: 5.0
|