Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Slackware Local Security Checks >> SSA-2006-200-01 Samba 2.0.23 repackaged


Vulnerability Assessment Details

SSA-2006-200-01 Samba 2.0.23 repackaged

Vulnerability Assessment Summary
SSA-2006-200-01 Samba 2.0.23 repackaged

Detailed Explanation for this Vulnerability Assessment

New Samba packages are available for Slackware 10.0, 10.1, 10.2,
and -current.

In Slackware 10.0, 10.1, and 10.2, Samba was evidently picking up
the libdm.so.0 library causing a Samba package issued primarily as
a security patch to suddenly require a library that would only be
present on the machine if the xfsprogs package (from the A series
but marked "optional") was installed. Sorry -- this was not
intentional, though I do know that I'm taking the chance of this
kind of issue when trying to get security related problems fixed
quickly (hopefully balanced with reasonable testing), and when the
fix is achieved by upgrading to a new version rather than with the
smallest patch possible to fix the known issue. However, I tend
to trust that by following upstream sources as much as possible
I'm also fixing some problems that aren't yet public.

So, all of the the 10.0, 10.1, and 10.2 packages have been rebuilt
on systems without the dm library, and should be able to directly
upgrade older samba packages without additional requirements.
Well, unless they are also under /patches.
-)

All the packages (including -current) have been patched with a
fix from Samba's CVS for some reported problems with winbind.
Thanks to Mikhail Kshevetskiy for pointing me to the patch.

I realize these packages don't really fix security issues, but
they do fix security patch packages that are less than a couple
of days old, so it seems prudent to notify slackware-security
(and any subscribed lists) again. Sorry if it's noise...




Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Michel Arboi

Cables, Connectors


Genuine OEM Apple USB-C to MagSafe 3 Cable (2 m) 2 Meter - MLYV3AM/A picture

Genuine OEM Apple USB-C to MagSafe 3 Cable (2 m) 2 Meter - MLYV3AM/A

$29.95



Original OEM 60W MagSafe1 AC Power Adapter for APPLE 13

Original OEM 60W MagSafe1 AC Power Adapter for APPLE 13" MACBOOK PRO A1344 Used

$22.75



Apple MagSafe Power Adapter MacBook Pro Original Charger 60W / 85W L - Tip OEM picture

Apple MagSafe Power Adapter MacBook Pro Original Charger 60W / 85W L - Tip OEM

$27.95



New Genuine Original OEM APPLE Lightning USB Cable for iPad Pro 12.9

New Genuine Original OEM APPLE Lightning USB Cable for iPad Pro 12.9" 10.5" 9.7"

$8.95



OEM Genuine 61W USB-C Power Adapter for MacBook Pro with 2m USB-C to USB-C Cable picture

OEM Genuine 61W USB-C Power Adapter for MacBook Pro with 2m USB-C to USB-C Cable

$24.99



NEW Black Apple Logo Sticker Decal - Genuine OEM - Includes 2 Stickers - Large picture

NEW Black Apple Logo Sticker Decal - Genuine OEM - Includes 2 Stickers - Large

$4.00



NEW White Apple Logo Sticker Decal - Genuine OEM - Includes 2 Stickers - Large picture

NEW White Apple Logo Sticker Decal - Genuine OEM - Includes 2 Stickers - Large

$0.99



**BRAND NEW** Original OEM Apple Smart Cover for 10.5

**BRAND NEW** Original OEM Apple Smart Cover for 10.5" iPad 9th generation

$12.99



Apple Original USB-C to MagSafe 3 Cable for Macbook Pro OEM White MLYV3AM/A ✅ picture

Apple Original USB-C to MagSafe 3 Cable for Macbook Pro OEM White MLYV3AM/A ✅

$34.95



New 61W USB C Charger for 2016-2019 MacBook Pro 13

New 61W USB C Charger for 2016-2019 MacBook Pro 13" Power Supply Adapter OEM

$26.99



Discussions

No Discussions have been posted on this vulnerability.