RedHat issued an advisory for Fedora 15 and 16 on April 22:
http://lwn.net/Alerts/495479/
Cauldron is also affected. The solution for Cauldron is upgrading to 5.4.
CC: (none) => bgmilne
Blocks: (none) => 5046
After some troubles due to 5.4 now enabling -Werror, but not cleaning up all warnings with all warning compiler options (by disabling -Werror), 5.4 is now in svn for cauldron. Starting on the update for Mageia 1.
Status: NEW => ASSIGNED
Blocks: 5046 => (none)
Just in case you didn't see, tmb submitted the build for Cauldron but it failed:
http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20120502164847.tmb.valstar.14153/log/cifs-utils-5.4-1.mga2/build.0.20120502164847.log
The BuildRequires for the library it fails to find are already there, so this is a strange error. Maybe it's not looking in the right path for the library?
It builds like this on Mageia 1 x86_64 (with lib64wbclient-devel-3.6.5-1.mga1, since I tested the samba 3.6.5 build on this machine as well). I will try and get a cauldron VM up (or an existing one updated) today.
Mandriva has issued advisories for samba and cifs-utils for this today:
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:070
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:069
OK, I fixed the build problem in Cauldron (thanks to mdv). Since mdv issued an update for samba as well, we might as well patch that in Mageia 1.
cifs-utils-4.8.1-1.3.mga1 is available in core/updates_testing for Mageia 1, fixing this issue:

[bgmilne@tiger cifs-utils]$ rpm -q cifs-utils
cifs-utils-4.8.1-1.2.mga1
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/drakx
This program is not installed setuid root - "user" CIFS mounts not supported.
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/doesnotexist
This program is not installed setuid root - "user" CIFS mounts not supported.
[bgmilne@tiger cifs-utils]$ su -
root's password:
[root@tiger ~]# chmod u+s /sbin/mount.cifs
[root@tiger ~]# logout
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/drakx
mount.cifs: permission denied: no match for /root/drakx found in /etc/fstab
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/doesnotexist
Couldn't chdir to /root/doesnotexist: No such file or directory
[bgmilne@tiger cifs-utils]$ urpmi cifs-utils-4.8.1-1.3.mga1
Running urpmi in restricted mode...
installing cifs-utils-4.8.1-1.3.mga1.x86_64.rpm from //home/bgmilne/rpm/Mageia/RPMS.mga1/x86_64
Preparing... ##################################################
1/1: cifs-utils ##################################################
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/drakx
This program is not installed setuid root - "user" CIFS mounts not supported.
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/doesnotexist
This program is not installed setuid root - "user" CIFS mounts not supported.
[bgmilne@tiger cifs-utils]$ su -
root's password:
[root@tiger ~]# chmod u+s /sbin/mount.cifs
[root@tiger ~]# logout
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/drakx
Couldn't chdir to /root/drakx: Permission denied
[bgmilne@tiger cifs-utils]$ mount.cifs //localhost/bgmilne /root/doesnotexist
Couldn't chdir to /root/doesnotexist: Permission denied

Remember to:
# chmod u-s /sbin/mount.cifs
Patched samba package uploaded. See Comment 6 for details on cifs-utils.

Advisory:
========================

Updated cifs-utils and samba packages fix security vulnerability:

A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586
https://bugzilla.samba.org/show_bug.cgi?id=8821
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:069
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:070
========================

Updated packages in core/updates_testing:
========================
cifs-utils-4.8.1-1.3.mga1
samba-server-3.5.8-1.4.mga1
samba-client-3.5.8-1.4.mga1
samba-common-3.5.8-1.4.mga1
samba-doc-3.5.8-1.4.mga1
samba-swat-3.5.8-1.4.mga1
samba-winbind-3.5.8-1.4.mga1
nss_wins-3.5.8-1.4.mga1
libsmbclient0-3.5.8-1.4.mga1
libsmbclient0-devel-3.5.8-1.4.mga1
libsmbclient0-static-devel-3.5.8-1.4.mga1
libnetapi0-3.5.8-1.4.mga1
libnetapi-devel-3.5.8-1.4.mga1
libsmbsharemodes0-3.5.8-1.4.mga1
libsmbsharemodes-devel-3.5.8-1.4.mga1
libwbclient0-3.5.8-1.4.mga1
libwbclient-devel-3.5.8-1.4.mga1
mount-cifs-3.5.8-1.4.mga1
samba-domainjoin-gui-3.5.8-1.4.mga1

from SRPMS:
cifs-utils-4.8.1-1.3.mga1.src.rpm
samba-3.5.8-1.4.mga1.src.rpm
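The flaw class described in the advisory above, as an added C example that is not part of this bug thread and is not the cifs-utils patch: a setuid helper that resolves a user-supplied path with its own identity reports errors the caller could not otherwise see, while resolving it with the caller's filesystem uid does not. The function names are hypothetical, and Linux with setfsuid() is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/fsuid.h>
#include <unistd.h>

/* Try to enter `path`, then return to the starting directory.
 * Returns 0 on success, otherwise the errno from the failing call. */
static int try_chdir(const char *path)
{
    int err = 0;
    int back = open(".", O_RDONLY | O_DIRECTORY);
    if (back < 0)
        return errno;
    if (chdir(path) != 0)
        err = errno;
    else if (fchdir(back) != 0)
        err = errno;
    close(back);
    return err;
}

/* Weak shape: the path is resolved with the helper's effective identity.
 * Installed setuid root, ENOENT vs. another result reveals existence. */
int probe_with_helper_identity(const char *path)
{
    return try_chdir(path);
}

/* Hardened shape: resolve the path with the caller's filesystem uid, so the
 * result is only what the caller's own chdir() would have returned. */
int probe_with_caller_identity(const char *path)
{
    uid_t helper_fsuid = (uid_t)setfsuid(getuid()); /* returns previous fsuid */
    int err;
    /* setfsuid() does not report failure; setfsuid(-1) reads the current value. */
    if ((uid_t)setfsuid((uid_t)-1) != getuid()) {
        setfsuid(helper_fsuid);
        return EPERM;
    }
    err = try_chdir(path);
    setfsuid(helper_fsuid);
    return err;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/";
    printf("helper identity: %s\n", strerror(probe_with_helper_identity(path)));
    printf("caller identity: %s\n", strerror(probe_with_caller_identity(path)));
    return 0;
}
```

Run without the setuid bit, both probes agree because the helper and caller identities are the same; the results diverge only when the binary runs with an effective uid different from the real uid.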
Assignee: bugsquad => qa-bugs
Thanks Buchan for the procedure. Confirmed the problem and fix mga1 32
Hardware: i586 => All
Whiteboard: (none) => mga1-32-OK
Confirmed the problem and fix mga1 64
Validating
Please see comment 7 for advisory and srpm
Could sysadmin please push from core/updates_testing to core/updates
Thanks!
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: mga1-32-OK => mga1-32-OK mga1-64-OK
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0162
Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED