Synopsis:	Critical: samba3x security update
Issue date:	2010-09-14
CVE Names:	CVE-2010-3069

NOTE: This errata went out  2010-09-15, but this email was not sent.

A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)

After installing this update, the smb service will be restarted 
automatically.

SL 5.x

     SRPMS:
samba3x-3.3.8-0.52.el5_5.2.src.rpm
     i386:
libtalloc-1.2.0-52.el5_5.2.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.2.i386.rpm
libtdb-1.1.2-52.el5_5.2.i386.rpm
libtdb-devel-1.1.2-52.el5_5.2.i386.rpm
samba3x-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-client-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-common-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-doc-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-swat-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.i386.rpm
tdb-tools-1.1.2-52.el5_5.2.i386.rpm
     x86_64:
libtalloc-1.2.0-52.el5_5.2.i386.rpm
libtalloc-1.2.0-52.el5_5.2.x86_64.rpm
libtalloc-devel-1.2.0-52.el5_5.2.i386.rpm
libtalloc-devel-1.2.0-52.el5_5.2.x86_64.rpm
libtdb-1.1.2-52.el5_5.2.i386.rpm
libtdb-1.1.2-52.el5_5.2.x86_64.rpm
libtdb-devel-1.1.2-52.el5_5.2.i386.rpm
libtdb-devel-1.1.2-52.el5_5.2.x86_64.rpm
samba3x-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-client-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-common-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-doc-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-swat-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-3.3.8-0.52.el5_5.2.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.i386.rpm
samba3x-winbind-devel-3.3.8-0.52.el5_5.2.x86_64.rpm
tdb-tools-1.1.2-52.el5_5.2.x86_64.rpm

-Connie Sieh
-Troy Dawson