: Log in!

メインメニュー
Google


ウェブ 検索
サイト内検索
トップ  >  Linux13歩  >  2013-08-06 sambaのupdate
20130806 samba-3.6.17にupdateしました


Release Notes for Samba 3.6.17 August 05, 2013

This is a security release in order to address
CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
server to loop with DOS).

. CVE-2013-4124:
  All current released versions of Samba are vulnerable to a denial of
  service on an authenticated or guest connection. A malformed packet
  can cause the smbd server to loop the CPU performing memory
  allocations and preventing any further service.

  A connection to a file share, or a local account is needed to exploit
  this problem, either authenticated or unauthenticated if guest
  connections are allowed.

  This flaw is not exploitable beyond causing the code to loop
  allocating memory, which may cause the machine to exceed memory
  limits.


Changes since 3.6.16:
---------------------

. Jeremy Allison <jra at samba.org>
  * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
  reading can cause server to loop with DOS.
投票数:34 平均点:4.71
前
2013-08-06 dovecotのupdate
カテゴリートップ
Linux13歩
次
2013-08-07 iptablesのupdate