[SECURITY] Fedora 16 Update: samba-3.6.12-1.fc16

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 12 05:03:06 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-1716
2013-02-01 15:49:01
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 16
Version     : 3.6.12
Release     : 1.fc16
URL         : http://www.samba.org/
Summary     : Server and Client software to interoperate with Windows machines
Description :

Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB/CIFS server that can be used to
provide network services to SMB/CIFS clients.
Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.

--------------------------------------------------------------------------------
Update Information:

Update to 3.6.12 which fixes CVE-2013-0213 and CVE-2013-0214.
Update to 3.6.10.
Fix printing upgrade code.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 31 2013 - Andreas Schneider <asn at redhat.com> - 2:3.6.12-1
- Update to 3.6.12
- Fixes CVE-2013-0213 and CVE-2013-0214.
- resolves: #905700
- resolves: #906002
- resolves: #905704
* Mon Dec 10 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.10-94
- Update to 3.6.10
* Fri Nov  9 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.9-93
- Update to 3.6.9
* Fri Oct 26 2012 - Andreas Schneider <asn at redhat.com> -2:3.6.8-92
- Fix pam_winbind segfault in pam_sm_authenticate().
- resolves: #870493
* Mon Sep 17 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.8-91
- Update to 3.6.8
* Mon Aug 20 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.7-90
- Update to 3.6.7
* Thu Jul 19 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.6-89
- Fix printing tdb upgrade for 3.6.6
- resolves: #841609
* Tue Jun 26 2012 Guenther Deschner <gdeschner at redhat.com> - 2:3.6.6-88
- Update to 3.6.6
* Tue May 15 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.5-87
- Move tmpfiles.d config to common package as it is needed for smbd and
  winbind.
- Make sure tmpfiles get created after installation.
* Wed May  9 2012 Guenther Deschner <gdeschner at redhat.com> - 1:3.6.5-86
- Correctly use system iniparser library
* Mon Apr 30 2012 Guenther Deschner <gdeschner at redhat.com> - 1:3.6.5-85
- Security Release, fixes CVE-2012-2111
- resolves: #817551
* Mon Apr 23 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.4-84
- Fix creation of /var/run/samba.
- resolves: #751625
* Fri Apr 20 2012 Guenther Deschner <gdeschner at redhat.com> - 1:3.6.4-83
- Avoid private krb5_locate_kdc usage
- resolves: #754783
* Thu Apr 12 2012 Jon Ciesla <limburgher at gmail.com> - 1:3.6.4-82
- Update to 3.6.4
- Fixes CVE-2012-1182
* Mon Mar 19 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.3-81
- Fix provides for of libwclient-devel for samba-winbind-devel.
* Thu Feb 23 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.3-80
- Add commented out 'max protocol' to the default config.
* Mon Feb 13 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.3-79
- Create a libwbclient package.
- Replace winbind-devel with libwbclient-devel package.
* Mon Jan 30 2012 Andreas Schneider <asn at redhat.com> - 1:3.6.3-78
- Update to 3.6.3
- Fixes CVE-2012-0817
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:3.6.1-77.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Dec  5 2011 Andreas Schneider <asn at redhat.com> - 1:3.6.1-77
- Fix winbind cache upgrade.
- resolves: #760137
* Fri Nov 18 2011 Andreas Schneider <asn at redhat.com> - 1:3.6.1-76
- Fix piddir to match with systemd files.
- Fix crash bug in the debug system.
- resolves: #754525
* Fri Nov  4 2011 Andreas Schneider <asn at redhat.com> - 1:3.6.1-75
- Fix systemd dependencies
- resolves: #751397
* Wed Oct 26 2011 Andreas Schneider <asn at redhat.com> - 1:3.6.1-74
- Update to 3.6.1
* Tue Oct  4 2011 Guenther Deschner <gdeschner at redhat.com> - 1:3.6.0-73
- Fix nmbd startup
- resolves: #741630
* Tue Sep 20 2011 Tom Callaway <spot at fedoraproject.org> - 1:3.6.0-72
- convert to systemd
- restore epoch from f15
* Sat Aug 13 2011 Guenther Deschner <gdeschner at redhat.com> - 3.6.0-71
- Update to 3.6.0 final
* Sun Jul 31 2011 Guenther Deschner <gdeschner at redhat.com> - 3.6.0rc3-70
- Update to 3.6.0rc3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #905700 - CVE-2013-0213 samba: clickjacking vulnerability in SWAT
        https://bugzilla.redhat.com/show_bug.cgi?id=905700
  [ 2 ] Bug #905704 - CVE-2013-0214 samba: cross-site request forgery vulnerability in SWAT
        https://bugzilla.redhat.com/show_bug.cgi?id=905704
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update samba' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list