This affect versions in Mageia 1 and cauldron : https://www.samba.org/samba/security/CVE-2012-1182
samba-3.5.8-1.2.mga1 was submitted to updates_testing for 1 samba-3.6.4 for Cauldron needs to go through version freeze
CC: (none) => pterjanAssignee: bgmilne => qa-bugs
Advisory: ======================== Updated samba packages fix security vulnerability: A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user (CVE-2012-1182). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 https://www.samba.org/samba/security/CVE-2012-1182 https://rhn.redhat.com/errata/RHSA-2012-0465.html ======================== Updated packages in core/updates_testing: ======================== samba-server-3.5.8-1.2.mga1 samba-client-3.5.8-1.2.mga1 samba-common-3.5.8-1.2.mga1 samba-doc-3.5.8-1.2.mga1 samba-swat-3.5.8-1.2.mga1 samba-winbind-3.5.8-1.2.mga1 nss_wins-3.5.8-1.2.mga1 libsmbclient0-3.5.8-1.2.mga1 libsmbclient0-devel-3.5.8-1.2.mga1 libsmbclient0-static-devel-3.5.8-1.2.mga1 libnetapi0-3.5.8-1.2.mga1 libnetapi-devel-3.5.8-1.2.mga1 libsmbsharemodes0-3.5.8-1.2.mga1 libsmbsharemodes-devel-3.5.8-1.2.mga1 libwbclient0-3.5.8-1.2.mga1 libwbclient-devel-3.5.8-1.2.mga1 mount-cifs-3.5.8-1.2.mga1 samba-domainjoin-gui-3.5.8-1.2.mga1 from samba-3.5.8-1.2.mga1.src.rpm
CC: (none) => luigiwalser
Testing complete on i586 for the srpm samba-3.5.8-1.2.mga1.src.rpm Successfully accessed a share from my host system using the lxde file manager in a VirtualBox guest with both the host and the server using the updates, with the url smb://MYWORKGROUP;dave@192.168.10.101/homes 192.168.10.101 is the ip of the host.
CC: (none) => davidwhodgins
Just fyi, I also managed to add the share permanently following https://wiki.ubuntu.com/MountWindowsSharesPermanently
Testing with the network of my university, sharing file between some laptops. OK Suggested Advisory: ------------- Updated samba packages fix security vulnerability: A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user (CVE-2012-1182). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 https://www.samba.org/samba/security/CVE-2012-1182 https://rhn.redhat.com/errata/RHSA-2012-0465.html https://bugs.mageia.org/show_bug.cgi?id=5336 ------------- SRPM: samba-3.5.8-1.2.mga1.src.rpm Could sysadmin please push from core/updates_testing to core/updates Thankyou!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Confirmed validated on x86_64
CC: (none) => derekjenn
Update pushed.
Status: NEW => RESOLVEDResolution: (none) => FIXED
*** Bug 5353 has been marked as a duplicate of this bug. ***
CC: (none) => marja11