Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

4.279. samba

Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

Security Fix

CVE-2012-1182
A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user.
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
Updated samba3x and samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link(s) associated with each description below.
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

Security Fix

CVE-2012-2111
A flaw was found in the way Samba handled certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Ivano Cristofolini as the original reporter.
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
Updated samba packages that fix multiple bugs are now available for Red Hat Enterprise Linux 6.
Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers).
BZ#713570
Previously, Samba did not correctly create user principal names for trusted domain users. As a result, joining Samba to a Windows domain using an account from a trusted domain did not work. With this update, composing the user principal name for Kerberos authentication has been fixed so that the bug no longer occurs.
BZ#709617
Previously, printers controlled by the Common Unix Printing System (CUPS) and shared by a Samba server did not display the information on "location", which was controlled by the CUPS server, on Windows clients. With this update, the bug has been fixed so that the information on "location" is now correctly displayed on Windows clients.
BZ#719355
Previously, Samba did not correctly support clients with plain text passwords. As a result, Windows clients were unable to connect to Samba with plain text passwords. With this update, Samba support for plain text passwords has been fixed.
BZ#703393
Previously, when a paper format on a Samba shared printer was selected from a Windows client, this selection was not saved properly on the Samba server. As a result, changing printer properties had no effect. With this update, the bug has been fixed so that the printer properties are now saved, as expected.
BZ#725281
Previously, in certain environments with many users, the pam_winbind module stopped operating. As a result, there were failures encountered if users attempted to log in. With this update, the bug has been fixed so that pam_winbind now works, as expected.
BZ#741934
Previously, Winbind did not recover from network connection failures after an unsuccessful user authentication. As a result, Winbind had to be restarted for users to be able to retry the authentication process. With this update, the bug has been fixed so that users are now able to retry the authentication process without restarting Winbind.
BZ#709070
Previously, there were performance problems with print servers that served a large number of printers. As a result, clients had to wait a long time to be able to use printers shared on a Samba server. With this update, the performance problems with print servers have been fixed.
BZ#740832
If Linux clients used the Common Internet File System (CIFS) client in the kernel to mount a Samba share, the force create mode parameter was not honored properly. As a result, files created on a mounted Samba share did not properly follow the umask parameter, and files with undesired permissions were created. With this update, the bug has been fixed and no longer occurs.
BZ#743892
Previously, Windows Internet Explorer 9 running on Microsoft Windows 7 was unable to download files onto a Samba share. With this update, the bug has been fixed and no longer occurs
BZ#709641
Previously, Winbind was not able to correctly retrieve user and group information from a Windows server. As a result, Winbind was unable to expose users and groups on the local system. This bug has been fixed in this update.
BZ#705123
Previously, if Winbind was used to provide MS-CHAPv2 authentication for FreeRadius, an invalid session key was used. As a result, users with MS-CHAPv2 authentication were unable to authenticate. With this update, this bug has been fixed so that MS-CHAPv2 authentication for FreeRadius now works as expected.
BZ#739186
Previously, certain Samba components logged a large number of unimportant internal messages to the system log. This bug has been fixed in this update by increasing the log level for the log messages.
BZ#737810
Previously, the net(8) man page did not document Kerberos authentication. This bug has been fixed by adding the missing documentation to the man page.
BZ#693136
If a printer driver was installed on a Samba server, there was a failure encountered on the Windows client. As a result, driver settings were not properly initialized and the printer did not work properly. With this update, the bug has been fixed so that the printer driver installation now works as expected.
BZ#737808
Previously, the net utility used for joining the Windows domains did not use the existing Kerberos credential cache. As a result, users were unable to reuse their existing tickets to join the Windows domains with Kerberos. With this update, the net utility has been fixed so that it now uses existing tickets from the default credential cache.
BZ#691423
When registering the Domain Name System (DNS) names, certain Samba utilities aborted the DNS registration if Samba tried to contact a disconnected DNS name server. With this update, Samba has been fixed so that it skips those DNS name servers that are not available on the network.
BZ#652609
Previously, the man pages for certain Samba components did not document that if the Windows Services for UNIX (SFU) are enabled, or if the standard RFC 2307 LDAP attributes in the Active Directory (AD) are used, primary group membership is not calculated based on the gidNumber LDAP attribute. Instead, Winbind uses the primaryGroupID LDAP attribute. As a result, setting the gidNumber attribute in AD has no effect for accounts if Winbind is used. With this update, the man pages have been updated accordingly to reflect the aforementioned limitation.
BZ#748325
Previously, extracting files from a ZIP archive failed on the Distributed File System (DFS) shares if the follow symlinks = yes parameter was not set. This bug has been fixed in this update so that extracting files from the ZIP archive now works as expected.
All users of samba should upgrade to these updated packages, which fix these bugs.