|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Slackware Local Security Checks >> SSA-2006-200-01 Samba 2.0.23 repackaged Vulnerability Assessment Details
|
SSA-2006-200-01 Samba 2.0.23 repackaged |
||
SSA-2006-200-01 Samba 2.0.23 repackaged Detailed Explanation for this Vulnerability Assessment New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current. In Slackware 10.0, 10.1, and 10.2, Samba was evidently picking up the libdm.so.0 library causing a Samba package issued primarily as a security patch to suddenly require a library that would only be present on the machine if the xfsprogs package (from the A series but marked "optional") was installed. Sorry -- this was not intentional, though I do know that I'm taking the chance of this kind of issue when trying to get security related problems fixed quickly (hopefully balanced with reasonable testing), and when the fix is achieved by upgrading to a new version rather than with the smallest patch possible to fix the known issue. However, I tend to trust that by following upstream sources as much as possible I'm also fixing some problems that aren't yet public. So, all of the the 10.0, 10.1, and 10.2 packages have been rebuilt on systems without the dm library, and should be able to directly upgrade older samba packages without additional requirements. Well, unless they are also under /patches. -) All the packages (including -current) have been patched with a fix from Samba's CVS for some reported problems with winbind. Thanks to Mikhail Kshevetskiy for pointing me to the patch. I realize these packages don't really fix security issues, but they do fix security patch packages that are less than a couple of days old, so it seems prudent to notify slackware-security (and any subscribed lists) again. Sorry if it's noise... Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Michel Arboi |
||
Cables, Connectors |
ASUS H110M-R Motherboard Intel 6th/7th Gen LGA1151 DDR4 Micro-ATX i/o shield
$42.00
MSI B450M-A PRO MAX II AM4 AMD B450 SATA 6Gb/s Micro ATX Motherboard
$69.99
ASROCK Micro ATX Motherboard B250M PRO4 Chipset Intel 250, DDR4, LGA 1151
$64.99
Asrock Z390 Phantom Gaming 4S/AC Wifi 8th/9th Gen Intel 1151 Motherboard Bulk
$99.00
MSI MAG Z590 TOMAHAWK WIFI Intel LGA1200 PCIE 4.0 WiFi 6E ATX Motherboard
$119.99
Gigabyte Ultra Durable B550 GAMING X V2 Desktop Motherboard
$99.99
ASUS H110M-C LGA 1151 DDR4 SDRAM MSIP-REM-MSQ-H110M-C Desktop Motherboard
$43.95
MSI A520M-A PRO AM4 AMD A520 USB3.2 Gen1 Micro-ATX Motherboard
$59.99
Asus X99-A II Foxconn LGA2011 ATX Motherboard - Motherboard Only
$112.50
GIGABYTE MB10-Datto Motherboard Xeon D-1521- SR2DF 2.40 GHz- Open Box
$121.50
|
||
No Discussions have been posted on this vulnerability. |