Synopsis: Critical: samba security update
Issue date: 2010-06-16
CVE Names: CVE-2010-2063
An input sanitization flaw was found in the way Samba parsed client
data. A malicious client could send a specially-crafted SMB packet to
the Samba server, resulting in arbitrary code execution with the
privileges of the Samba server (smbd). (CVE-2010-2063)
After installing this update, the smb service will be restarted
automatically.
SL 3.0.x
SRPMS:
samba-3.0.9-1.3E.17.src.rpm
i386:
samba-3.0.9-1.3E.17.i386.rpm
samba-client-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-swat-3.0.9-1.3E.17.i386.rpm
x86_64:
samba-3.0.9-1.3E.17.i386.rpm
samba-3.0.9-1.3E.17.x86_64.rpm
samba-client-3.0.9-1.3E.17.x86_64.rpm
samba-common-3.0.9-1.3E.17.i386.rpm
samba-common-3.0.9-1.3E.17.x86_64.rpm
samba-swat-3.0.9-1.3E.17.x86_64.rpm
SL 4.x
SRPMS:
samba-3.0.33-0.19.el4_8.1.src.rpm
i386:
samba-3.0.33-0.19.el4_8.1.i386.rpm
samba-client-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-swat-3.0.33-0.19.el4_8.1.i386.rpm
x86_64:
samba-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-client-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-common-3.0.33-0.19.el4_8.1.i386.rpm
samba-common-3.0.33-0.19.el4_8.1.x86_64.rpm
samba-swat-3.0.33-0.19.el4_8.1.x86_64.rpm
-Connie Sieh
-Troy Dawson