: Log in!

メインメニュー
Google


ウェブ 検索
サイト内検索
トップ  >  Linux09歩  >  2009-10-03 openssh,sambaのupdate

20091003 openssh-5.3p1にupdateしました

configファイルの変更点 5.2p1 → 5.3p1

・sshd_config,ssh_configの変更はありません

Changelog

・opensshサイトのChangelogを参照してください



20091003 samba-3.4.2にupdateしました

smb.confの変更

・デフォルトのsmb.confの変更はありません

Release Notes for Samba 3.4.2 October 1, 2009


This is a security release in order to address
CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906.

o CVE-2009-2813:
In all versions of Samba later than 3.0.11, connecting to the home
share of a user will use the root of the filesystem
as the home directory if this user is misconfigured to have
an empty home directory in /étc/passwd.

o CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it a
credential or password path to which he or she does not have access and
then use the --verbose option to view the first line of that file.
All known Samba versions are affected.

o CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections can
send smbd into a 100% CPU loop, causing a DoS on the Samba server.


投票数:73 平均点:4.25
前
2009-10-01 modsecurityのupdate
カテゴリートップ
Linux09歩
次
2009-10-06 httpd(apache)のupdate