4.279. samba
Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
Security Fix
- CVE-2012-1182
- A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user.
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
Updated samba3x and samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link(s) associated with each description below.
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
Security Fix
- CVE-2012-2111
- A flaw was found in the way Samba handled certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Ivano Cristofolini as the original reporter.
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
Updated samba packages that fix multiple bugs are now available for Red Hat Enterprise Linux 6.
Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers).
- BZ#713570
- Previously, Samba did not correctly create user principal names for trusted domain users. As a result, joining Samba to a Windows domain using an account from a trusted domain did not work. With this update, composing the user principal name for Kerberos authentication has been fixed so that the bug no longer occurs.
- BZ#709617
- Previously, printers controlled by the Common Unix Printing System (CUPS) and shared by a Samba server did not display the information on "location", which was controlled by the CUPS server, on Windows clients. With this update, the bug has been fixed so that the information on "location" is now correctly displayed on Windows clients.
- BZ#719355
- Previously, Samba did not correctly support clients with plain text passwords. As a result, Windows clients were unable to connect to Samba with plain text passwords. With this update, Samba support for plain text passwords has been fixed.
- BZ#703393
- Previously, when a paper format on a Samba shared printer was selected from a Windows client, this selection was not saved properly on the Samba server. As a result, changing printer properties had no effect. With this update, the bug has been fixed so that the printer properties are now saved, as expected.
- BZ#725281
- Previously, in certain environments with many users, the
pam_winbind
module stopped operating. As a result, there were failures encountered if users attempted to log in. With this update, the bug has been fixed so thatpam_winbind
now works, as expected. - BZ#741934
- Previously, Winbind did not recover from network connection failures after an unsuccessful user authentication. As a result, Winbind had to be restarted for users to be able to retry the authentication process. With this update, the bug has been fixed so that users are now able to retry the authentication process without restarting Winbind.
- BZ#709070
- Previously, there were performance problems with print servers that served a large number of printers. As a result, clients had to wait a long time to be able to use printers shared on a Samba server. With this update, the performance problems with print servers have been fixed.
- BZ#740832
- If Linux clients used the Common Internet File System (CIFS) client in the kernel to mount a Samba share, the
force create mode
parameter was not honored properly. As a result, files created on a mounted Samba share did not properly follow theumask
parameter, and files with undesired permissions were created. With this update, the bug has been fixed and no longer occurs. - BZ#743892
- Previously, Windows Internet Explorer 9 running on Microsoft Windows 7 was unable to download files onto a Samba share. With this update, the bug has been fixed and no longer occurs
- BZ#709641
- Previously, Winbind was not able to correctly retrieve user and group information from a Windows server. As a result, Winbind was unable to expose users and groups on the local system. This bug has been fixed in this update.
- BZ#705123
- Previously, if Winbind was used to provide MS-CHAPv2 authentication for FreeRadius, an invalid session key was used. As a result, users with MS-CHAPv2 authentication were unable to authenticate. With this update, this bug has been fixed so that MS-CHAPv2 authentication for FreeRadius now works as expected.
- BZ#739186
- Previously, certain Samba components logged a large number of unimportant internal messages to the system log. This bug has been fixed in this update by increasing the log level for the log messages.
- BZ#737810
- Previously, the net(8) man page did not document Kerberos authentication. This bug has been fixed by adding the missing documentation to the man page.
- BZ#693136
- If a printer driver was installed on a Samba server, there was a failure encountered on the Windows client. As a result, driver settings were not properly initialized and the printer did not work properly. With this update, the bug has been fixed so that the printer driver installation now works as expected.
- BZ#737808
- Previously, the net utility used for joining the Windows domains did not use the existing Kerberos credential cache. As a result, users were unable to reuse their existing tickets to join the Windows domains with Kerberos. With this update, the net utility has been fixed so that it now uses existing tickets from the default credential cache.
- BZ#691423
- When registering the Domain Name System (DNS) names, certain Samba utilities aborted the DNS registration if Samba tried to contact a disconnected DNS name server. With this update, Samba has been fixed so that it skips those DNS name servers that are not available on the network.
- BZ#652609
- Previously, the man pages for certain Samba components did not document that if the Windows Services for UNIX (SFU) are enabled, or if the standard RFC 2307 LDAP attributes in the Active Directory (AD) are used, primary group membership is not calculated based on the
gidNumber
LDAP attribute. Instead, Winbind uses theprimaryGroupID
LDAP attribute. As a result, setting thegidNumber
attribute in AD has no effect for accounts if Winbind is used. With this update, the man pages have been updated accordingly to reflect the aforementioned limitation. - BZ#748325
- Previously, extracting files from a ZIP archive failed on the Distributed File System (DFS) shares if the
follow symlinks = yes
parameter was not set. This bug has been fixed in this update so that extracting files from the ZIP archive now works as expected.
All users of samba should upgrade to these updated packages, which fix these bugs.