Subject: Fedora Core 2 Update: kdebase-3.2.2-6.FC2
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-293
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 2
Name : kdebase
Version : 3.2.2
Release : 6.FC2
Summary : K Desktop Environment - core files
Description :
Core applications for the K Desktop Environment. Included are: kdm
(replacement for xdm), kwin (window manager), konqueror (filemanager,
web browser, ftp client, ...), konsole (xterm replacement), kpanel
(application starter and desktop pager), kaudio (audio server),
kdehelp (viewer for kde help files, info and man pages), kthememgr
(system for managing alternate theme packages) plus other KDE
components (kcheckpass, kikbd, kscreensaver, kcontrol, kfind,
kfontmanager, kmenuedit).
---------------------------------------------------------------------
Update Information:
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create
temporary directories with predictable names. A local attacker could
prevent KDE applications from functioning correctly, or overwrite files
owned by other users by creating malicious symlinks. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2004-0689
to this issue.
WESTPOINT internet reconnaissance services has discovered that the KDE web
browser Konqueror allows websites to set cookies for certain country
specific secondary top level domains. An attacker within one of the
affected domains could construct a cookie which would be sent to all other
websites within the domain leading to a session fixation attack. This
issue does not affect popular domains such as .co.uk, .co.in, or .com. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0721 to this issue.
A frame injection spoofing vulnerability has been discovered in the
Konqueror web browser. This issue could allow a malicious website to show
arbitrary content in a named frame of a different browser window. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0746 to this issue.
All users of KDE are advised to upgrade to these packages,
which contain backported patches from the KDE team for these issues.
---------------------------------------------------------------------
* Mon Sep 06 2004 Than Ngo <than(a)redhat.com> 6:3.2.2-6.FC2
- fix a bug in keyboard layout with xorg.x11, bug #121950
- fix df problem on AFS
* Wed Sep 01 2004 Than Ngo <than(a)redhat.com> 6:3.2.2-5.FC2
- Konqueror Frame Injection Vulnerability, CAN-2004-0721
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
80f87d426b760776fc7fc03653ad30a6 SRPMS/kdebase-3.2.2-6.FC2.src.rpm
6bbf33f60b428bc3f2e0fac4fa09b64f x86_64/kdebase-3.2.2-6.FC2.x86_64.rpm
8eb7ca6d4dd1557114980885744ecdfd
x86_64/kdebase-devel-3.2.2-6.FC2.x86_64.rpm
4e9b9094fc7abd21083de2c17b9f51f0
x86_64/debug/kdebase-debuginfo-3.2.2-6.FC2.x86_64.rpm
a05b23c8202566417a5bc2d3a3a5cd88 i386/kdebase-3.2.2-6.FC2.i386.rpm
bc6d4263395d4af1a4b89503ff4a8e28 i386/kdebase-devel-3.2.2-6.FC2.i386.rpm
1835604099fdd8c8ed532f5c15709c0d
i386/debug/kdebase-debuginfo-3.2.2-6.FC2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Subject: Fedora Core 1 Update: kdebase-3.1.4-7
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-292
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 1
Name : kdebase
Version : 3.1.4
Release : 7
Summary : K Desktop Environment - core files
Description :
Core applications for the K Desktop Environment. Included are: kdm
(replacement for xdm), kwin (window manager), konqueror (filemanager,
web browser, ftp client, ...), konsole (xterm replacement), kpanel
(application starter and desktop pager), kaudio (audio server),
kdehelp (viewer for kde help files, info and man pages), kthememgr
(system for managing alternate theme packages) plus other KDE
components (kcheckpass, kikbd, kscreensaver, kcontrol, kfind,
kfontmanager, kmenuedit).
---------------------------------------------------------------------
Update Information:
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create
temporary directories with predictable names. A local attacker could
prevent KDE applications from functioning correctly, or overwrite files
owned by other users by creating malicious symlinks. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2004-0689
to this issue.
WESTPOINT internet reconnaissance services has discovered that the KDE web
browser Konqueror allows websites to set cookies for certain country
specific secondary top level domains. An attacker within one of the
affected domains could construct a cookie which would be sent to all other
websites within the domain leading to a session fixation attack. This
issue does not affect popular domains such as .co.uk, .co.in, or .com. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0721 to this issue.
A frame injection spoofing vulnerability has been discovered in the
Konqueror web browser. This issue could allow a malicious website to show
arbitrary content in a named frame of a different browser window. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0746 to this issue.
All users of KDE are advised to upgrade to these packages,
which contain backported patches from the KDE team for these issues.
---------------------------------------------------------------------
* Wed Sep 01 2004 Than Ngo <than(a)redhat.com> 6:3.1.4-7
- Konqueror Frame Injection Vulnerability, CAN-2004-0721
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
3004c6dd30bc64d3631acd3d2219814d SRPMS/kdebase-3.1.4-7.src.rpm
e91dc13e33256a43b283372e4c7d112c x86_64/kdebase-3.1.4-7.x86_64.rpm
21b010b35a8ed93dc8ab0c53a6e37f06 x86_64/kdebase-devel-3.1.4-7.x86_64.rpm
4c89d11b04180f76815b531a52d0d19c
x86_64/debug/kdebase-debuginfo-3.1.4-7.x86_64.rpm
d0ec97d874f9a5c9b380c6aee2fa5d64 i386/kdebase-3.1.4-7.i386.rpm
af1d70916ef1fc53b7dd2f999650374a i386/kdebase-devel-3.1.4-7.i386.rpm
df6a6e5af583325164291aaeaeca4269
i386/debug/kdebase-debuginfo-3.1.4-7.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Subject: Fedora Core 2 Update: kdelibs-3.2.2-8.FC2
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-291
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 2
Name : kdelibs
Version : 3.2.2
Release : 8.FC2
Summary : K Desktop Environment - Libraries
Description :
Libraries for the K Desktop Environment:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).
---------------------------------------------------------------------
Update Information:
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create
temporary directories with predictable names. A local attacker could
prevent KDE applications from functioning correctly, or overwrite files
owned by other users by creating malicious symlinks. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2004-0689
to this issue.
WESTPOINT internet reconnaissance services has discovered that the KDE web
browser Konqueror allows websites to set cookies for certain country
specific secondary top level domains. An attacker within one of the
affected domains could construct a cookie which would be sent to all other
websites within the domain leading to a session fixation attack. This
issue does not affect popular domains such as .co.uk, .co.in, or .com. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0721 to this issue.
A frame injection spoofing vulnerability has been discovered in the
Konqueror web browser. This issue could allow a malicious website to show
arbitrary content in a named frame of a different browser window. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0746 to this issue.
All users of KDE are advised to upgrade to these packages,
which contain backported patches from the KDE team for these issues.
---------------------------------------------------------------------
* Wed Sep 01 2004 Than Ngo <than(a)redhat.com> 6:3.2.2-8.FC2
- Konqueror Frame Injection Vulnerability CAN-2004-0721
- Konqueror Cross-Domain Cookie Injection CAN-2004-0746
* Wed Jul 28 2004 Than Ngo <than(a)redhat.com> 6:3.2.2-7
- DCOPServer Temporary Filename Vulnerability, CAN-2004-0690
- temporary directory vulnerability, CAN-2004-0689
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
1f58d8b1b9a5598e249f9cca9dfd989d SRPMS/kdelibs-3.2.2-8.FC2.src.rpm
b5106d0e1e28796c79df11a798d1e1bb x86_64/kdelibs-3.2.2-8.FC2.x86_64.rpm
9460641c334c4e448cd94f20dfda49fd
x86_64/kdelibs-devel-3.2.2-8.FC2.x86_64.rpm
82353b5f48c540655dbec591ff6afa28
x86_64/debug/kdelibs-debuginfo-3.2.2-8.FC2.x86_64.rpm
bbe4cd8f2842be7209f7821d8548926a i386/kdelibs-3.2.2-8.FC2.i386.rpm
9d25c78e9ae1e911411c47f8f4aaae2f i386/kdelibs-devel-3.2.2-8.FC2.i386.rpm
3cb3189b5c72aa10fef2bfb99b2059d2
i386/debug/kdelibs-debuginfo-3.2.2-8.FC2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Subject: Fedora Core 1 Update: kdelibs-3.1.4-7
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-290
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 1
Name : kdelibs
Version : 3.1.4
Release : 7
Summary : K Desktop Environment - Libraries
Description :
Libraries for the K Desktop Environment:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).
---------------------------------------------------------------------
Update Information:
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create
temporary directories with predictable names. A local attacker could
prevent KDE applications from functioning correctly, or overwrite files
owned by other users by creating malicious symlinks. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2004-0689
to this issue.
WESTPOINT internet reconnaissance services has discovered that the KDE web
browser Konqueror allows websites to set cookies for certain country
specific secondary top level domains. An attacker within one of the
affected domains could construct a cookie which would be sent to all other
websites within the domain leading to a session fixation attack. This
issue does not affect popular domains such as .co.uk, .co.in, or .com. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0721 to this issue.
A frame injection spoofing vulnerability has been discovered in the
Konqueror web browser. This issue could allow a malicious website to show
arbitrary content in a named frame of a different browser window. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2004-0746 to this issue.
All users of KDE are advised to upgrade to these erratum packages,
which contain backported patches from the KDE team for these issues.
---------------------------------------------------------------------
* Wed Sep 01 2004 Than Ngo <than(a)redhat.com> 6:3.1.4-7
- Konqueror Frame Injection Vulnerability CAN-2004-0721
- Konqueror Cross-Domain Cookie Injection CAN-2004-0746
* Wed Jul 28 2004 Than Ngo <than(a)redhat.com> 6:3.1.4-6
- temporary directory vulnerability, CAN-2004-0689
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
008938cbdcd2153b84d2dda1cbcbf887 SRPMS/kdelibs-3.1.4-7.src.rpm
eb7ea45f4d74c1445336bcef9761f02f x86_64/kdelibs-3.1.4-7.x86_64.rpm
09e622613f98b001d548815e0e8a8a1e x86_64/kdelibs-devel-3.1.4-7.x86_64.rpm
5b239bdfa7ccadb00fe6eca14b4c0593
x86_64/debug/kdelibs-debuginfo-3.1.4-7.x86_64.rpm
61cef6ddcc8a103f0aae6d7c8a31e224 i386/kdelibs-3.1.4-7.i386.rpm
987c650d14f71dc848cce75f8bf4dc3a i386/kdelibs-devel-3.1.4-7.i386.rpm
b2831db469e778da7a7d4073d6cb5517
i386/debug/kdelibs-debuginfo-3.1.4-7.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Subject: Fedora Core 1 Update: lha-1.14i-12.2
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-294
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 1
Name : lha
Version : 1.14i
Release : 12.2
Summary : An archiving and compression utility for LHarc format
archives.
Description :
LHA is an archiving and compression utility for LHarc format archives.
LHA is mostly used in the DOS world, but can be used under Linux to
extract DOS files from LHA archives.
Install the lha package if you need to extract DOS files from LHA archives.
---------------------------------------------------------------------
Update Information:
Lukasz Wojtow discovered a stack-based buffer overflow in all versions
of lha up to and including version 1.14. A carefully created archive could
allow an attacker to execute arbitrary code when a victim extracts or tests
the archive. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0769 to this issue.
Buffer overflows were discovered in the command line processing of all
versions of lha up to and including version 1.14. If a malicious user can
trick a victim into passing a specially crafted command line to the lha
command, it is possible that arbitrary code could be executed. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
names CAN-2004-0771 and CAN-2004-0694 to these issues.
Thomas Biege discovered a shell meta character command execution
vulnerability in all versions of lha up to and including 1.14. An attacker
could create a directory with shell meta characters in its name which could
lead to arbitrary command execution. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0745 to
this issue.
Users of lha should update to this updated package
---------------------------------------------------------------------
* Tue Sep 07 2004 Than Ngo <than(a)redhat.com> 1.14i-12.2
- security vulnerabilities CAN-2004-0769, CAN-2004-0771, CAN-2004-0694,
CAN-2004-0745
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
4c8e03b8489c398e6f01c9c26e76a956 SRPMS/lha-1.14i-12.2.src.rpm
170bcabffe4609754eac38e4cab8b592 x86_64/lha-1.14i-12.2.x86_64.rpm
571754fe612bce9f0119dec63049dbca
x86_64/debug/lha-debuginfo-1.14i-12.2.x86_64.rpm
6b0f4909ea0753a01a2e29319348240d i386/lha-1.14i-12.2.i386.rpm
db44f0f1eeb45ebbbd0f39e079593879
i386/debug/lha-debuginfo-1.14i-12.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Subject: Fedora Core 2 Update: lha-1.14i-14.1
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-295
2004-09-08
---------------------------------------------------------------------
Product : Fedora Core 2
Name : lha
Version : 1.14i
Release : 14.1
Summary : An archiving and compression utility for LHarc format
archives.
Description :
LHA is an archiving and compression utility for LHarc format archives.
LHA is mostly used in the DOS world, but can be used under Linux to
extract DOS files from LHA archives.
Install the lha package if you need to extract DOS files from LHA archives.
---------------------------------------------------------------------
Update Information:
Lukasz Wojtow discovered a stack-based buffer overflow in all versions
of lha up to and including version 1.14. A carefully created archive could
allow an attacker to execute arbitrary code when a victim extracts or tests
the archive. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0769 to this issue.
Buffer overflows were discovered in the command line processing of all
versions of lha up to and including version 1.14. If a malicious user can
trick a victim into passing a specially crafted command line to the lha
command, it is possible that arbitrary code could be executed. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
names CAN-2004-0771 and CAN-2004-0694 to these issues.
Thomas Biege discovered a shell meta character command execution
vulnerability in all versions of lha up to and including 1.14. An attacker
could create a directory with shell meta characters in its name which could
lead to arbitrary command execution. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0745 to
this issue.
Users of lha should update to this updated package
---------------------------------------------------------------------
* Tue Sep 07 2004 Than Ngo <than(a)redhat.com> 1.14i-14.1
- security vulnerabilities CAN-2004-0769, CAN-2004-0771, CAN-2004-0694,
CAN-2004-0745
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
bccb95c64b01e506961bdacb3323031b SRPMS/lha-1.14i-14.1.src.rpm
af515d31f9ff998a88383d0651efff68 x86_64/lha-1.14i-14.1.x86_64.rpm
8641060ad39c6bbe14e68014fbe06ce2
x86_64/debug/lha-debuginfo-1.14i-14.1.x86_64.rpm
494c07eccce7cd3f5a040d8fb384eb8b i386/lha-1.14i-14.1.i386.rpm
a8d018efd6c9fe0b8db6f96327557182
i386/debug/lha-debuginfo-1.14i-14.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-283
2004-09-07
---------------------------------------------------------------------
Product : Fedora Core 2
Name : kudzu
Version : 1.1.68.2
Release : 1
Summary : The Red Hat Linux hardware probing tool.
Description :
Kudzu is a hardware probing tool run at system boot time to determine
what hardware has been added or removed from the system.
---------------------------------------------------------------------
Update Information:
This update reworks the network device detection in kudzu, fixing various reported bugs,
among them #108178, #111639, #112837, #120584, #120988, #122983, and #124765.
---------------------------------------------------------------------
* Tue Aug 31 2004 Bill Nottingham <notting(a)redhat.com> - 1.1.68.2-1
- fix a minor memory leak
* Fri Aug 27 2004 Bill Nottingham <notting(a)redhat.com> - 1.1.68.1-1
- tweak net device algorithm
* Mon May 24 2004 Bill Nottingham <notting(a)redhat.com> - 1.1.68-1
- fix checking of modules loaded which have a - in their name as
/proc/modules will contain an _ instead, this time for the !loader
case (#122983, at least)
* Fri May 21 2004 Jeremy Katz <katzj(a)redhat.com> - 1.1.67-1
- look for module.usbmap under /modules also for anaconda usage
* Wed May 19 2004 Bill Nottingham <notting(a)redhat.com> 1.1.66-1
- MacIO fixes (#115286, <alex.kiernan(a)thus.net>)
* Thu May 13 2004 Karsten Hopp <karsten(a)redhat.de> 1.1.65-1
- add CTC and Escon detection (mainframe)
* Tue May 11 2004 Karsten Hopp <karsten(a)redhat.de> 1.1.64-1
- change QETH module name back, newer kernels have reverted the
name change
* Mon May 10 2004 Jeremy Katz <katzj(a)redhat.com> - 1.1.63-1
- minor fix for viodasd probing
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
1338c9ee6eb181a777c57d5aa4ceaab5 SRPMS/kudzu-1.1.68.2-1.src.rpm
e1031d37bdda34ebbf5202e65675d5e3 x86_64/kudzu-1.1.68.2-1.x86_64.rpm
103fc7fb361d7324e0cb55d2c5f01724 x86_64/kudzu-devel-1.1.68.2-1.x86_64.rpm
193e959187a8ee71e500893a53dcd577 x86_64/debug/kudzu-debuginfo-1.1.68.2-1.x86_64.rpm
a8a96c2adea4995d9b185dc0ecc1b33a i386/kudzu-1.1.68.2-1.i386.rpm
665a6f6e6eaa42c0d3552dd4c02a4695 i386/kudzu-devel-1.1.68.2-1.i386.rpm
f03761bcaed2ac254a91c41924557247 i386/debug/kudzu-debuginfo-1.1.68.2-1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-282
2004-09-07
---------------------------------------------------------------------
Product : Fedora Core 1
Name : kudzu
Version : 1.1.36.3
Release : 1
Summary : The Red Hat Linux hardware probing tool.
Description :
Kudzu is a hardware probing tool run at system boot time to determine
what hardware has been added or removed from the system.
---------------------------------------------------------------------
Update Information:
This update reworks the network device detection in kudzu, fixing various reported bugs,
among them #108178, #111639, #112837, #120584, #120988, #122983, and #124765.
---------------------------------------------------------------------
* Tue Aug 31 2004 Bill Nottingham <notting(a)redhat.com> 1.1.36.3-1
- fix a minor memory leak
* Fri Aug 27 2004 Bill Nottingham <notting(a)redhat.com> 1.1.36.2-1
- tweak network device naming algorithm
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
9f44b13a911b9ac76bdc6f65cabcf2d0 SRPMS/kudzu-1.1.36.3-1.src.rpm
373e542803caad82a809bee16a8240e5 x86_64/kudzu-1.1.36.3-1.x86_64.rpm
5eef263e6fb86e48f069a2c55e54a91a x86_64/kudzu-devel-1.1.36.3-1.x86_64.rpm
2ba184236f546d2737a71c8a37c0270f x86_64/debug/kudzu-debuginfo-1.1.36.3-1.x86_64.rpm
99e52ba8ed962fb0833a528e27cdb6bc i386/kudzu-1.1.36.3-1.i386.rpm
1bd6b50ac1c264b70d9cffaa0d100c42 i386/kudzu-devel-1.1.36.3-1.i386.rpm
da7c5a1a93954e2e0cde12b511ea6427 i386/debug/kudzu-debuginfo-1.1.36.3-1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
If you have not already upgraded to samba-3.0.5-2.FC2.1 (from fedora
testing), this is a seurity release, as it contains fixes for
CAN-2004-0600 and CAN-2004-0686.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-285
2004-09-02
---------------------------------------------------------------------
Product : Fedora Core 2
Name : samba
Version : 3.0.6
Release : 2.fc2
Summary : The Samba SMB server.
Description :
Samba is the protocol by which a lot of PC-related machines share
files, printers, and other information (such as lists of available
files and printers). The Windows NT, OS/2, and Linux operating systems
support this natively, and add-on packages can enable the same thing
for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package
provides an SMB server that can be used to provide network services to
SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over
TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw
NetBIOS frame) protocol.
---------------------------------------------------------------------
* Tue Aug 31 2004 Jay Fenlason <fenlason(a)redhat.com> 3.0.6-2.fc2
- Upgrade to 3.0.6
Include the same patchset as rawhide and fc1
- Update BuildRequires
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
d5610f25b8e429f06adec8505c0d3551 SRPMS/samba-3.0.6-2.fc2.src.rpm
a364d645dbf9711e3a0cf3a2c8c2ee44 x86_64/samba-3.0.6-2.fc2.x86_64.rpm
bd5cc0032d75339b146a711d2ad7095e x86_64/samba-client-3.0.6-2.fc2.x86_64.rpm
f5627fad3aaff96e94fb59ac9c2a7710 x86_64/samba-common-3.0.6-2.fc2.x86_64.rpm
82d4646d7706257b1781115992ff81c1 x86_64/samba-swat-3.0.6-2.fc2.x86_64.rpm
20eab73da693739bf486fecdb21fd24d x86_64/debug/samba-debuginfo-3.0.6-2.fc2.x86_64.rpm
e708e83401cc6bd594d1d1e50824df8a i386/samba-3.0.6-2.fc2.i386.rpm
cd399571aa808057e3a1e16edaed2d75 i386/samba-client-3.0.6-2.fc2.i386.rpm
5d05708a289bc8b81c7efd214ad747fc i386/samba-common-3.0.6-2.fc2.i386.rpm
b5a2676fabd8da840499e33517caaa30 i386/samba-swat-3.0.6-2.fc2.i386.rpm
54a4574e0ed2e79375a7b29a16cd3f00 i386/debug/samba-debuginfo-3.0.6-2.fc2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
If you have not updated to the 3.0.5-2.FC1.1 rpms from testing, this
is a security update, as it fixes CAN-2004-0600 and CAN-2004-0686.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-284
2004-09-02
---------------------------------------------------------------------
Product : Fedora Core 1
Name : samba
Version : 3.0.6
Release : 2.FC1
Summary : The Samba SMB server.
Description :
Samba is the protocol by which a lot of PC-related machines share
files, printers, and other information (such as lists of available
files and printers). The Windows NT, OS/2, and Linux operating systems
support this natively, and add-on packages can enable the same thing
for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package
provides an SMB server that can be used to provide network services to
SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over
TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw
NetBIOS frame) protocol.
---------------------------------------------------------------------
* Wed Aug 25 2004 Jay Fenlason <fenlason(a)redhat.com> 3.0.6-1.FC2
- Upgade to 3.0.6
include the following patches:
samba-3.0.5rc1-passwd.patch from me. This changes the character
used in the password field of the entries generated by winbind
from a 'x' to a '*'. 'x' means something special ("password is
in /etc/shadow") to another pam module.
samba-3.0.5pre1-smbclient-kerberos.patch from
Alexander Larsson (alexl(a)redhat.com) Make kerberized smbclient
work better.
samba-3.0.5pre1-use_authtok.patch from Nalin Dahyabhai
<nalin(a)redhat.com> Fix an apparent braino in pam_winbind.c and
correct Cristian Gafton's name
samba-3.0.6-schema.patch from Gerald (Jerry) Carter <jerry(a)samba.org>
Correct the LDAP schema
samba-3.0.5rc1-64bit-timestamps.patch from Ravikumar
(rkumar(a)hp.com) to allow correct timestamp handling on 64-bit
platforms and fix #126109.
samba-3.0.4-install.mount.smbfs.patch from Juanjo Villaplana
(villapla(a)si.uji.es) to prevent building the srpm from trashing
the installed /usr/bin/smbmount
* Thu May 20 2004 Jay Fenlason <fenlason(a)redhat.com> 3.0.4-2.FC1
- include -winbind patch from Gerald (Jerry) Carter (jerry(a)samba.org)
https://bugzilla.samba.org/show_bug.cgi?id=1315
to make winbindd work against Windows versions that do not have
128 bit encryption enabled.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
d0352aebb980e15200389705284f59ff SRPMS/samba-3.0.6-2.FC1.src.rpm
0fce19d5f2d92c475489ff64a88f4799 x86_64/samba-3.0.6-2.FC1.x86_64.rpm
987315b19e8a2f480aeada49a324dc87 x86_64/samba-client-3.0.6-2.FC1.x86_64.rpm
1af85132be7349cdf02d7aee4a6c71b7 x86_64/samba-common-3.0.6-2.FC1.x86_64.rpm
7c1e334d6090abdcad6000bc91b7f478 x86_64/samba-swat-3.0.6-2.FC1.x86_64.rpm
f0e741704ac3253a7f72445cd3834d13 x86_64/debug/samba-debuginfo-3.0.6-2.FC1.x86_64.rpm
7b5d636df97aa289c7fbd53fb6ad040d i386/samba-3.0.6-2.FC1.i386.rpm
ac80201c92b13ac07acdf14d22c3223e i386/samba-client-3.0.6-2.FC1.i386.rpm
5ecee2d2e560b164acbe5b7708e6372c i386/samba-common-3.0.6-2.FC1.i386.rpm
8814aeed14a086e6f2f195d2017c5272 i386/samba-swat-3.0.6-2.FC1.i386.rpm
c31881d34432bd163e0f6fb1e08c2df8 i386/debug/samba-debuginfo-3.0.6-2.FC1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------