[SECURITY] Fedora 11 Update: samba-3.4.2-0.42.fc11

Sat Oct 3 18:59:38 UTC 2009

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-10180
2009-10-03 17:52:42
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 11
Version     : 3.4.2
Release     : 0.42.fc11
URL         : http://www.samba.org/
Summary     : Server and Client software to interoperate with Windows machines
Description :

Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB/CIFS server that can be used to
provide network services to SMB/CIFS clients.
Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

--------------------------------------------------------------------------------
Update Information:

Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct  1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.2-0.42
- Update to 3.4.2
- Security Release, fixes CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906
* Wed Sep  9 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.1.0-41
- Update to 3.4.1
* Fri Jul 17 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.0-0.40
- Fix Bug #6551 (vuid and tid not set in sessionsetupX and tconX)
- Specify required talloc and tdb version for BuildRequires
* Wed Jul 15 2009 Guenther Deschner <gdeschner at redhat.com> - 3.4.0-0.39
- Update to 3.4.0
- resolves: #510558
* Fri Jun 19 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.5-0.38
- Fix password expiry calculation in pam_winbind
* Tue Jun 16 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.5-0.37
- Update to 3.3.5
* Wed Apr 29 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.4-0.36
- Update to 3.3.4
* Mon Apr 20 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.3-0.35
- Enable build of idmap_tdb2 for clustered setups
* Wed Apr  1 2009 Guenther Deschner <gdeschner at redhat.com> - 3.3.3-0.34
- Update to 3.3.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #523752 - CVE-2009-2813 Samba: Share restriction bypass via home-less directory user account(s)
        https://bugzilla.redhat.com/show_bug.cgi?id=523752
  [ 2 ] Bug #526074 - CVE-2009-2948 samba: information disclosure in suid mount.cifs
        https://bugzilla.redhat.com/show_bug.cgi?id=526074
  [ 3 ] Bug #526645 - CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply
        https://bugzilla.redhat.com/show_bug.cgi?id=526645
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update samba' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------