Synopsis: Critical: samba security and bug fix update
Issue date: 2010-09-14
CVE Names: CVE-2010-3069

NOTE: This errata went out 2010-09-15, but this email was not sent.

A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)

For Scientific Linux 4, this update also fixes the following bug:

* Previously, the restorecon utility was required during the installation
  of the samba-common package. As a result, attempting to update samba
  without this utility installed may have failed with the following error:

    /var/tmp/rpm-tmp.[xxxxx]: line 7: restorecon: command not found

  With this update, the utility is only used when it is already present on
  the system, and the package is now always updated as expected.
  (BZ#629602)

After installing this update, the smb service will be restarted
automatically.

SL 3.0.x

  SRPMS:
    samba-3.0.9-1.3E.18.src.rpm
  i386:
    samba-3.0.9-1.3E.18.i386.rpm
    samba-client-3.0.9-1.3E.18.i386.rpm
    samba-common-3.0.9-1.3E.18.i386.rpm
    samba-swat-3.0.9-1.3E.18.i386.rpm
  x86_64:
    samba-3.0.9-1.3E.18.i386.rpm
    samba-3.0.9-1.3E.18.x86_64.rpm
    samba-client-3.0.9-1.3E.18.x86_64.rpm
    samba-common-3.0.9-1.3E.18.i386.rpm
    samba-common-3.0.9-1.3E.18.x86_64.rpm
    samba-swat-3.0.9-1.3E.18.x86_64.rpm

SL 4.x

  SRPMS:
    samba-3.0.33-0.19.el4_8.3.src.rpm
  i386:
    samba-3.0.33-0.19.el4_8.3.i386.rpm
    samba-client-3.0.33-0.19.el4_8.3.i386.rpm
    samba-common-3.0.33-0.19.el4_8.3.i386.rpm
    samba-swat-3.0.33-0.19.el4_8.3.i386.rpm
  x86_64:
    samba-3.0.33-0.19.el4_8.3.x86_64.rpm
    samba-client-3.0.33-0.19.el4_8.3.x86_64.rpm
    samba-common-3.0.33-0.19.el4_8.3.i386.rpm
    samba-common-3.0.33-0.19.el4_8.3.x86_64.rpm
    samba-swat-3.0.33-0.19.el4_8.3.x86_64.rpm

SL 5.x

  SRPMS:
    samba-3.0.33-3.29.el5_5.1.src.rpm
  i386:
    libsmbclient-3.0.33-3.29.el5_5.1.i386.rpm
    libsmbclient-devel-3.0.33-3.29.el5_5.1.i386.rpm
    samba-3.0.33-3.29.el5_5.1.i386.rpm
    samba-client-3.0.33-3.29.el5_5.1.i386.rpm
    samba-common-3.0.33-3.29.el5_5.1.i386.rpm
    samba-swat-3.0.33-3.29.el5_5.1.i386.rpm
  x86_64:
    libsmbclient-3.0.33-3.29.el5_5.1.i386.rpm
    libsmbclient-3.0.33-3.29.el5_5.1.x86_64.rpm
    libsmbclient-devel-3.0.33-3.29.el5_5.1.i386.rpm
    libsmbclient-devel-3.0.33-3.29.el5_5.1.x86_64.rpm
    samba-3.0.33-3.29.el5_5.1.x86_64.rpm
    samba-client-3.0.33-3.29.el5_5.1.x86_64.rpm
    samba-common-3.0.33-3.29.el5_5.1.i386.rpm
    samba-common-3.0.33-3.29.el5_5.1.x86_64.rpm
    samba-swat-3.0.33-3.29.el5_5.1.x86_64.rpm

-Connie Sieh
-Troy Dawson