[SECURITY] Fedora 16 Update: samba4-4.0.0-39.alpha16.fc16

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 5 03:11:28 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-0935
2013-01-18 19:33:42
--------------------------------------------------------------------------------

Name        : samba4
Product     : Fedora 16
Version     : 4.0.0
Release     : 39.alpha16.fc16
URL         : http://www.samba.org/
Summary     : The Samba4 CIFS and AD client and server suite
Description :

Samba 4 is the ambitious next version of the Samba suite that is being
developed in parallel to the stable 3.0 series. The main emphasis in
this branch is support for the Active Directory logon protocols used
by Windows 2000 and above.

--------------------------------------------------------------------------------
Update Information:

Security update for CVE-2013-0172.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 16 2013 - Andreas Schneider <asn at redhat.com> - 4.0.0-39.alpha16
- Fixes CVE-2013-0172.
* Fri Apr 13 2012 Andreas Schneider <asn at redhat.com> - 4.0.0-38.alpha16
- Fixes CVE-2012-1182.
- Fix build with new talloc in F16.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #895631 - CVE-2013-0172 samba4: may provide authenticated users with write access to LDAP directory objects when used as an AD DC
        https://bugzilla.redhat.com/show_bug.cgi?id=895631
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update samba4' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list