Samba security Update

by Arne Fitzenreiter, February 28, 2011

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

The Samba team has released a security Update to version 3.5.7
it is currently in testing and soon also in normal pakfire tree.
Please update as soon as possible.


Release Notes for Samba 3.5.7
February 28, 2011

This is a security release in order to address CVE-2011-0719.

o CVE-2011-0719: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

Changes since 3.5.6:

o Jeremy Allison * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.