[SECURITY] Fedora 19 Update: cifs-utils-6.3-2.fc19

updates at fedoraproject.org updates at fedoraproject.org
Tue Jun 10 03:14:33 UTC 2014

Fedora Update Notification
2014-05-06 20:42:43

Name        : cifs-utils
Product     : Fedora 19
Version     : 6.3
Release     : 2.fc19
URL         : http://linux-cifs.samba.org/cifs-utils/
Summary     : Utilities for mounting and managing CIFS mounts
Description :
The SMB/CIFS protocol is a standard file sharing protocol widely deployed
on Microsoft Windows machines. This package contains tools for mounting
shares on Linux using the SMB/CIFS protocol. The tools in this package
work in conjunction with support in the kernel to allow one to mount a
SMB/CIFS share onto a client and use it as if it were a standard Linux
file system.

Update Information:

Update to the latest available sources upstream. The included bug fixes fix a stack overflow issue in pam_cifscreds and also add better error handling to functions used by pam_cifscreds.

* Tue May  6 2014 Sachin Prabhu <sprabhu at redhat.com> 6.3-2
- autoconf: allow PAM security install directory to be configurable
- cifs: use krb5_kt_default() to determine default keytab location
- cifskey: better use snprintf()
- cifscreds: better error handling when key_search fails
- cifscreds: better error handling for key_add
* Thu Jan  9 2014 Jeff Layton <jlayton at redhat.com> 6.3-1
- update to 6.3 release
* Fri Dec 13 2013 Jeff Layton <jlayton at redhat.com> 6.2-5
- fix linking of wbclient
- add pam_cifscreds module and manpage
* Mon Oct 14 2013 Jeff Layton <jlayton at redhat.com> 6.2-4
- fix use-after-free in asn1_write
* Fri Oct 11 2013 Jeff Layton <jlayton at redhat.com> 6.2-3
- fixes for bugs reported by coverity:
- update bad bit shift patch with one that patches getcifsacl.c too
- remove some dead code from getcifsacl.c, asn1.c, and data_blob.c
- fix bad handling of allocated memory in del_mtab in mount.cifs.c
* Wed Oct  9 2013 Jeff Layton <jlayton at redhat.com> 6.2-2
- fix bad bit shift in setcifsacl.c
* Fri Oct  4 2013 Jeff Layton <jlayton at redhat.com> 6.2-1
- update to 6.2 release
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 15 2013 Jeff Layton <jlayton at redhat.com> 6.1-3
- allow setcifsacl to work if plugin can't be loaded (bz#984087)
* Mon Jul 15 2013 Jeff Layton <jlayton at redhat.com> 6.1-2
- Convert idmapping plugin symlink to use alternatives system (bz#984088)
* Tue Jul  2 2013 Jeff Layton <jlayton at redhat.com> 6.1-1
- update to 6.1 release

  [ 1 ] Bug #1086226 - cifs-utils: stack-based buffer overflow flaw in pam_cifscreds [fedora-all]

This update can be installed with the "yum" update program.  Use
su -c 'yum update cifs-utils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list