Synopsis:	Critical: samba security and bug fix update
Issue date:	2007-12-10
CVE Names:	CVE-2007-6015

A stack buffer overflow flaw was found in the way Samba authenticates
remote users. A remote unauthenticated user could trigger this flaw to
cause the Samba server to crash, or execute arbitrary code with the
permissions of the Samba server. (CVE-2007-6015)

This update also fixes a regression caused by the fix for CVE-2007-4572,
which prevented some clients from being able to properly access shares.

SL 3.0.x

    SRPMS:
samba-3.0.9-1.3E.14.3.src.rpm
    i386:
samba-3.0.9-1.3E.14.3.i386.rpm
samba-client-3.0.9-1.3E.14.3.i386.rpm
samba-common-3.0.9-1.3E.14.3.i386.rpm
samba-swat-3.0.9-1.3E.14.3.i386.rpm
    x86_64:
samba-3.0.9-1.3E.14.3.i386.rpm
samba-3.0.9-1.3E.14.3.x86_64.rpm
samba-client-3.0.9-1.3E.14.3.x86_64.rpm
samba-common-3.0.9-1.3E.14.3.i386.rpm
samba-common-3.0.9-1.3E.14.3.x86_64.rpm
samba-swat-3.0.9-1.3E.14.3.x86_64.rpm

SL 4.x

    SRPMS:
samba-3.0.25b-1.el4_6.4.src.rpm
    i386:
samba-3.0.25b-1.el4_6.4.i386.rpm
samba-client-3.0.25b-1.el4_6.4.i386.rpm
samba-common-3.0.25b-1.el4_6.4.i386.rpm
samba-swat-3.0.25b-1.el4_6.4.i386.rpm
    x86_64:
samba-3.0.25b-1.el4.4.x86_64.rpm
samba-client-3.0.25b-1.el4.4.x86_64.rpm
samba-common-3.0.25b-1.el4.4.x86_64.rpm
samba-common-3.0.25b-1.el4_6.4.i386.rpm
samba-swat-3.0.25b-1.el4.4.x86_64.rpm

SL 5.x

    SRPMS:
samba-3.0.25b-1.el5_1.4.src.rpm
    i386:
samba-3.0.25b-1.el5.4.i386.rpm
samba-client-3.0.25b-1.el5.4.i386.rpm
samba-common-3.0.25b-1.el5.4.i386.rpm
samba-swat-3.0.25b-1.el5.4.i386.rpm
    x86_64:
samba-3.0.25b-1.el5.4.x86_64.rpm
samba-client-3.0.25b-1.el5.4.x86_64.rpm
samba-common-3.0.25b-1.el5.4.i386.rpm
samba-common-3.0.25b-1.el5.4.x86_64.rpm
samba-swat-3.0.25b-1.el5.4.x86_64.rpm

-Connie Sieh
-Troy Dawson