Synopsis:    Critical: samba3x security update
Issue date:  2010-09-14
CVE Names:   CVE-2010-3069

NOTE: This errata went out 2010-09-15, but this email was not sent.

A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)

After installing this update, the smb service will be restarted
automatically.

SL 5.x

  SRPMS:
samba3x-3.3.8-0.52.el5_5.2.src.rpm

  i386:
libtalloc-1.2.0-52.el5_5.2.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.2.i386.rpm
libtdb-1.1.2-52.el5_5.2.i386.rpm
libtdb-devel-1.1.2-52.el5_5.2.i386.rpm
samba3x-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-client-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-common-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-doc-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-swat-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.i386.rpm
tdb-tools-1.1.2-52.el5_5.2.i386.rpm

  x86_64:
libtalloc-1.2.0-52.el5_5.2.i386.rpm
libtalloc-1.2.0-52.el5_5.2.x86_64.rpm
libtalloc-devel-1.2.0-52.el5_5.2.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.2.x86_64.rpm
libtdb-1.1.2-52.el5_5.2.i386.rpm
libtdb-1.1.2-52.el5_5.2.x86_64.rpm
libtdb-devel-1.1.2-52.el5_5.2.i386.rpm
libtdb-devel-1.1.2-52.el5_5.2.x86_64.rpm
samba3x-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-client-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-common-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-doc-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-swat-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.x86_64.rpm
tdb-tools-1.1.2-52.el5_5.2.x86_64.rpm

-Connie Sieh
-Troy Dawson
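
The kind of array boundary check the advisory refers to, shown on a parser for the binary SID layout. This is an added example, not code from the advisory or from Samba; the names sid_parse_checked, struct sid and SID_MAX_SUB_AUTHS are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SID_MAX_SUB_AUTHS 15  /* maximum allowed by the Windows SID format */

/* Hypothetical in-memory SID for this example; not Samba's own structure. */
struct sid {
    uint8_t  revision;
    uint8_t  num_auths;
    uint8_t  id_auth[6];
    uint32_t sub_auths[SID_MAX_SUB_AUTHS];
};

/* Wire form: revision (1 byte), sub-authority count (1 byte), identifier
 * authority (6 bytes), then `count` little-endian 32-bit sub-authorities.
 * Returns 0 on success, -1 on malformed input. */
int sid_parse_checked(const uint8_t *in, size_t len, struct sid *out)
{
    if (in == NULL || out == NULL || len < 8)
        return -1;                       /* fixed header is 8 bytes */

    uint8_t count = in[1];
    /* The count comes from the client. Without this check the loop
     * below would write past the end of sub_auths[]. */
    if (count > SID_MAX_SUB_AUTHS)
        return -1;
    /* The buffer must hold every sub-authority it claims to carry. */
    if (len < 8 + (size_t)count * 4)
        return -1;
    memset(out, 0, sizeof(*out));
    out->revision  = in[0];
    out->num_auths = count;
    memcpy(out->id_auth, in + 2, 6);
    for (uint8_t i = 0; i < count; i++) {
        const uint8_t *p = in + 8 + (size_t)i * 4;
        out->sub_auths[i] = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                            ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    }
    return 0;
}

int main(void)
{
    /* Constructed sample input: the two-sub-authority SID S-1-5-21-7. */
    const uint8_t sample[] = {1, 2, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 7, 0, 0, 0};
    struct sid s;
    return sid_parse_checked(sample, sizeof(sample), &s);
}
```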