Synopsis: Critical: samba3x security update Issue Date: 2012-04-10 CVE Numbers: CVE-2012-1182 Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user. (CVE-2012-1182) Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically. SL5: i386 samba3x-3.5.10-0.108.el5_8.i386.rpm samba3x-client-3.5.10-0.108.el5_8.i386.rpm samba3x-common-3.5.10-0.108.el5_8.i386.rpm samba3x-debuginfo-3.5.10-0.108.el5_8.i386.rpm samba3x-doc-3.5.10-0.108.el5_8.i386.rpm samba3x-domainjoin-gui-3.5.10-0.108.el5_8.i386.rpm samba3x-swat-3.5.10-0.108.el5_8.i386.rpm samba3x-winbind-3.5.10-0.108.el5_8.i386.rpm samba3x-winbind-devel-3.5.10-0.108.el5_8.i386.rpm x86_64 samba3x-3.5.10-0.108.el5_8.x86_64.rpm samba3x-client-3.5.10-0.108.el5_8.x86_64.rpm samba3x-common-3.5.10-0.108.el5_8.x86_64.rpm samba3x-debuginfo-3.5.10-0.108.el5_8.i386.rpm samba3x-debuginfo-3.5.10-0.108.el5_8.x86_64.rpm samba3x-doc-3.5.10-0.108.el5_8.x86_64.rpm samba3x-domainjoin-gui-3.5.10-0.108.el5_8.x86_64.rpm samba3x-swat-3.5.10-0.108.el5_8.x86_64.rpm samba3x-winbind-3.5.10-0.108.el5_8.i386.rpm samba3x-winbind-3.5.10-0.108.el5_8.x86_64.rpm samba3x-winbind-devel-3.5.10-0.108.el5_8.i386.rpm samba3x-winbind-devel-3.5.10-0.108.el5_8.x86_64.rpm - Scientific Linux Development Team