A CVE was allocated for a security issue fixed upstream on December 2: http://openwall.com/lists/oss-security/2013/12/03/5 The patch was obtained from the upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=10300 https://attachments.samba.org/attachment.cgi?id=9499 Fixed in samba-3.6.21-2.mga4 for Cauldron. Patch added in Mageia 3 SVN. RedHat has rated it as low severity and hasn't taken any action on it yet: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6150 Upstream also hasn't issued new versions with the fix yet (though the fix is committed in the various branches), so maybe we don't need to push this yet. Reproducible: Steps to Reproduce:
Debian has issued an advisory today (December 9): http://www.debian.org/security/2013/dsa-2812 This fixes an additional issue, CVE-2013-4408. RedHat has rated it as a high severity issue: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4408 Patched packages uploaded for Mageia 3 and Cauldron. Advisory: ======================== Updated samba packages fix security vulnerabilities: Samba before 3.6.22 incorrectly allows login from authenticated users if the require_membership_of parameter of pam_winbind specifies only invalid group names (CVE-2012-6150). It was discovered that multiple buffer overflows in the processing of DCE-RPC packets may lead to the execution of arbitrary code (CVE-2013-4408). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408 http://www.samba.org/samba/security/CVE-2012-6150 http://www.samba.org/samba/security/CVE-2013-4408 http://www.debian.org/security/2013/dsa-2812 ======================== Updated packages in core/updates_testing: ======================== samba-server-3.6.15-1.3.mga3 samba-client-3.6.15-1.3.mga3 samba-common-3.6.15-1.3.mga3 samba-doc-3.6.15-1.3.mga3 samba-swat-3.6.15-1.3.mga3 samba-winbind-3.6.15-1.3.mga3 nss_wins-3.6.15-1.3.mga3 libsmbclient0-3.6.15-1.3.mga3 libsmbclient0-devel-3.6.15-1.3.mga3 libsmbclient0-static-devel-3.6.15-1.3.mga3 libnetapi0-3.6.15-1.3.mga3 libnetapi-devel-3.6.15-1.3.mga3 libsmbsharemodes0-3.6.15-1.3.mga3 libsmbsharemodes-devel-3.6.15-1.3.mga3 libwbclient0-3.6.15-1.3.mga3 libwbclient-devel-3.6.15-1.3.mga3 samba-virusfilter-clamav-3.6.15-1.3.mga3 samba-virusfilter-fsecure-3.6.15-1.3.mga3 samba-virusfilter-sophos-3.6.15-1.3.mga3 samba-domainjoin-gui-3.6.15-1.3.mga3 from samba-3.6.15-1.3.mga3.src.rpm
URL: (none) => http://lwn.net/Vulnerabilities/576257/Assignee: bugsquad => qa-bugsSummary: samba new security issue CVE-2012-6150 => samba new security issues CVE-2012-6150 and CVE-2013-4408Severity: normal => critical
Ubuntu has issued an advisory for this today (December 11): http://www.ubuntu.com/usn/usn-2054-1/ LWN reference for CVE-2012-6150: http://lwn.net/Vulnerabilities/576621/
Testing complete mga3 32 & 64 Mounted a share in each direction. Advisory uploaded. Validating. Could sysadmin please push from 3 core/updates_testing to updates Thanks!
Keywords: (none) => validated_updateWhiteboard: (none) => advisory mga3-32-ok mga3-64-okCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0369.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED