Upstream has issued advisories today (March 8):
https://www.samba.org/samba/security/CVE-2015-7560.html
https://www.samba.org/samba/security/CVE-2016-0771.html

CVE-2016-0771 only affects Samba 4 (Cauldron) and is fixed in 4.3.6.

CVE-2015-7560 also affects Mageia 5 and is also fixed in 4.3.6.

Ubuntu has issued an advisory for this today (March 8):
http://www.ubuntu.com/usn/usn-2922-1/

Patch from Ubuntu added to the Mageia 5 package to fix CVE-2015-7560.

Advisory:
========================

Updated samba packages fix security vulnerability:

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks (CVE-2015-7560).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
https://www.samba.org/samba/security/CVE-2015-7560.html
http://www.ubuntu.com/usn/usn-2922-1
========================

Updated packages in core/updates_testing:
========================
samba-server-3.6.25-2.2.mga5
samba-client-3.6.25-2.2.mga5
samba-common-3.6.25-2.2.mga5
samba-doc-3.6.25-2.2.mga5
samba-swat-3.6.25-2.2.mga5
samba-winbind-3.6.25-2.2.mga5
nss_wins-3.6.25-2.2.mga5
libsmbclient0-3.6.25-2.2.mga5
libsmbclient0-devel-3.6.25-2.2.mga5
libsmbclient0-static-devel-3.6.25-2.2.mga5
libnetapi0-3.6.25-2.2.mga5
libnetapi-devel-3.6.25-2.2.mga5
libsmbsharemodes0-3.6.25-2.2.mga5
libsmbsharemodes-devel-3.6.25-2.2.mga5
libwbclient0-3.6.25-2.2.mga5
libwbclient-devel-3.6.25-2.2.mga5
samba-virusfilter-clamav-3.6.25-2.2.mga5
samba-virusfilter-fsecure-3.6.25-2.2.mga5
samba-virusfilter-sophos-3.6.25-2.2.mga5
samba-domainjoin-gui-3.6.25-2.2.mga5

from samba-3.6.25-2.2.mga5.src.rpm
URL: (none) => http://lwn.net/Vulnerabilities/679264/
[root@localhost brian]# urpmi samba-server
Package samba-server-3.6.25-2.2.mga5.i586 is already installed
Package samba-virusfilter-clamav-3.6.25-2.2.mga5.i586 is already installed
Package samba-virusfilter-fsecure-3.6.25-2.2.mga5.i586 is already installed
Package samba-client-3.6.25-2.2.mga5.i586 is already installed
[root@localhost brian]# uname -a
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:37:30 UTC 2016 i686 i686 i686 GNU/Linux

I installed the various modules. Configured the samba-server and was able to transfer files from a Windows box. Not extensive testing, obviously, but services are running and it is moving files.
CC: (none) => brtians1
Whiteboard: (none) => MGA5-32-OK
Been a while since I've tested samba. Trying to start smb.service is failing with:
smbd: error while loading shared libraries: libreplace-samba4.so: cannot open shared object file: No such file or directory
CC: (none) => davidwhodgins
I should add, this is on Mageia 5 x86_64
Whiteboard: MGA5-32-OK => MGA5-32-OK feedback
Dave, you installed samba4 packages from updates_testing that were never assigned to QA and have since been removed. You need to remove those and actually install this update.
Whiteboard: MGA5-32-OK feedback => MGA5-32-OK
I missed reverting the lib64smbclient0 and lib64wbclient0. Fixed now, thanks. Validating the update.
Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK => MGA5-32-OK MGA6-64-OK advisory
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0106.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED