Saturday, November 17, 2007

Security Update : Samba

Slackware security team has released an update for Samba package to fix security problems. This package has been released for 10.1 and above (up to -Current). Here's the latest -Current changelog
Fri Nov 16 17:22:18 CST 2007
n/samba-3.0.27-i486-1.tgz:
Upgraded to samba-3.0.27.
Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
(* Security fix *)