Security Advisory Moderate: samba security update

Advisory: RHSA-2009:1529-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-10-27
Last updated on: 2009-10-27
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20091529.xml
CVEs (cve.mitre.org): CVE-2009-1888
CVE-2009-2813
CVE-2009-2906
CVE-2009-2948

Details

Updated samba packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Samba is a suite of programs used by machines to share files, printers, and
other information.

A denial of service flaw was found in the Samba smbd daemon. An
authenticated, remote user could send a specially-crafted response that
would cause an smbd child process to enter an infinite loop. An
authenticated, remote user could use this flaw to exhaust system resources
by opening multiple CIFS sessions. (CVE-2009-2906)

An uninitialized data access flaw was discovered in the smbd daemon when
using the non-default "dos filemode" configuration option in "smb.conf". An
authenticated, remote user with write access to a file could possibly use
this flaw to change an access control list for that file, even when such
access should have been denied. (CVE-2009-1888)

A flaw was discovered in the way Samba handled users without a home
directory set in the back-end password database (e.g. "/etc/passwd"). If a
share for the home directory of such a user was created (e.g. using the
automated "[homes]" share), any user able to access that share could see
the whole file system, possibly bypassing intended access restrictions.
(CVE-2009-2813)

The mount.cifs program printed CIFS passwords as part of its debug output
when running in verbose mode. When mount.cifs had the setuid bit set, a
local, unprivileged user could use this flaw to disclose passwords from a
file that would otherwise be inaccessible to that user. Note: mount.cifs
from the samba packages distributed by Red Hat does not have the setuid bit
set. This flaw only affected systems where the setuid bit was manually set
by an administrator. (CVE-2009-2948)

Users of Samba should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing this update,
the smb service will be restarted automatically.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
samba-3.0.33-3.15.el5_4.src.rpm     300c0d23e17b81242d19067c8780eea2
 
IA-32:
samba-3.0.33-3.15.el5_4.i386.rpm     1f37fda165e496848df786c27ba59a4d
samba-client-3.0.33-3.15.el5_4.i386.rpm     71f0153150d4bd62c0d5c4108788f2b1
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-swat-3.0.33-3.15.el5_4.i386.rpm     707e4bae35bd46655a17e1faf7660c26
 
IA-64:
samba-3.0.33-3.15.el5_4.ia64.rpm     42e7c33b5f41cfc1a4ea155e8c469c95
samba-client-3.0.33-3.15.el5_4.ia64.rpm     31d8a3fd555586e7bee2f3077c090202
samba-common-3.0.33-3.15.el5_4.ia64.rpm     f637a06f968ddf6b859783acd3e6453e
samba-swat-3.0.33-3.15.el5_4.ia64.rpm     735f62be2081988d61ca978842bb708c
 
PPC:
samba-3.0.33-3.15.el5_4.ppc.rpm     b44a32ad692a3a87c03a8fa6f4b9bd18
samba-client-3.0.33-3.15.el5_4.ppc.rpm     d0b3fa4abed30f67cba3f8141e964dc0
samba-common-3.0.33-3.15.el5_4.ppc.rpm     617a9a1358b2f6755f67b9117cd0dac0
samba-common-3.0.33-3.15.el5_4.ppc64.rpm     0223089ef4df0bca7cc0f6491b325ab9
samba-swat-3.0.33-3.15.el5_4.ppc.rpm     ab3ec9a23ef551d376ce312f02ea0385
 
s390x:
samba-3.0.33-3.15.el5_4.s390x.rpm     3044736f263ab1be72cdd4aafcacd4f5
samba-client-3.0.33-3.15.el5_4.s390x.rpm     4c44924c64eb10f0bcfd915d2299d3fa
samba-common-3.0.33-3.15.el5_4.s390.rpm     ba552342eb1169eb279b2862802d5f58
samba-common-3.0.33-3.15.el5_4.s390x.rpm     64fb3d8b41fc64007b5b087266423cc1
samba-swat-3.0.33-3.15.el5_4.s390x.rpm     441ffbab01f319ade71e7f406dc268d9
 
x86_64:
samba-3.0.33-3.15.el5_4.x86_64.rpm     5dd6b1d1b25b0e15168d7a1c36209d35
samba-client-3.0.33-3.15.el5_4.x86_64.rpm     a426589928384ec1e9c5c3bf01fecdcc
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-common-3.0.33-3.15.el5_4.x86_64.rpm     0b992e9134f8c6b7b980002599305bdb
samba-swat-3.0.33-3.15.el5_4.x86_64.rpm     54373d387e181d53fe0d88c173647912
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
IA-64:
samba-3.0.33-0.18.el4_8.ia64.rpm     d63daaddae77971e0a4b6b3ad4631ee4
samba-client-3.0.33-0.18.el4_8.ia64.rpm     1dc1ed4f10a1dcc8d7f8be5eaef438b9
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.ia64.rpm     34a71cdbab2d46efc713b0129c572c2b
samba-swat-3.0.33-0.18.el4_8.ia64.rpm     4c7623dbae63814087b094d062a2c8b3
 
PPC:
samba-3.0.33-0.18.el4_8.ppc.rpm     efdc1b89592bd86bd2c967a47660cc2f
samba-client-3.0.33-0.18.el4_8.ppc.rpm     0eb2247ba9e8616d34653d6e771948d5
samba-common-3.0.33-0.18.el4_8.ppc.rpm     dc861025646954e835ff07ae3efd0496
samba-common-3.0.33-0.18.el4_8.ppc64.rpm     aa22570fa1325098e8f909bb895fe1ea
samba-swat-3.0.33-0.18.el4_8.ppc.rpm     6c0daa3d5a2528eb945d4121a00ef676
 
s390:
samba-3.0.33-0.18.el4_8.s390.rpm     a34adefc58ff42999ee23a9d5d40aec0
samba-client-3.0.33-0.18.el4_8.s390.rpm     1640f73f5375bbc5397f38bf4f2bf377
samba-common-3.0.33-0.18.el4_8.s390.rpm     1f1e8f96c45529b0b09d0f53aa90e3a8
samba-swat-3.0.33-0.18.el4_8.s390.rpm     36cc67693d3388df3694158c20417962
 
s390x:
samba-3.0.33-0.18.el4_8.s390x.rpm     52ba25294d0d0a99318e18af11bf7c96
samba-client-3.0.33-0.18.el4_8.s390x.rpm     08a54fdc4e579eb18fb9bf04ea896806
samba-common-3.0.33-0.18.el4_8.s390.rpm     1f1e8f96c45529b0b09d0f53aa90e3a8
samba-common-3.0.33-0.18.el4_8.s390x.rpm     700cec19049fa2e4afbdbfe4b94a8e8f
samba-swat-3.0.33-0.18.el4_8.s390x.rpm     e2abfc4c27383a89ab15dee03bdd14ad
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
Red Hat Enterprise Linux AS (v. 4.8.z)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
IA-64:
samba-3.0.33-0.18.el4_8.ia64.rpm     d63daaddae77971e0a4b6b3ad4631ee4
samba-client-3.0.33-0.18.el4_8.ia64.rpm     1dc1ed4f10a1dcc8d7f8be5eaef438b9
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.ia64.rpm     34a71cdbab2d46efc713b0129c572c2b
samba-swat-3.0.33-0.18.el4_8.ia64.rpm     4c7623dbae63814087b094d062a2c8b3
 
PPC:
samba-3.0.33-0.18.el4_8.ppc.rpm     efdc1b89592bd86bd2c967a47660cc2f
samba-client-3.0.33-0.18.el4_8.ppc.rpm     0eb2247ba9e8616d34653d6e771948d5
samba-common-3.0.33-0.18.el4_8.ppc.rpm     dc861025646954e835ff07ae3efd0496
samba-common-3.0.33-0.18.el4_8.ppc64.rpm     aa22570fa1325098e8f909bb895fe1ea
samba-swat-3.0.33-0.18.el4_8.ppc.rpm     6c0daa3d5a2528eb945d4121a00ef676
 
s390:
samba-3.0.33-0.18.el4_8.s390.rpm     a34adefc58ff42999ee23a9d5d40aec0
samba-client-3.0.33-0.18.el4_8.s390.rpm     1640f73f5375bbc5397f38bf4f2bf377
samba-common-3.0.33-0.18.el4_8.s390.rpm     1f1e8f96c45529b0b09d0f53aa90e3a8
samba-swat-3.0.33-0.18.el4_8.s390.rpm     36cc67693d3388df3694158c20417962
 
s390x:
samba-3.0.33-0.18.el4_8.s390x.rpm     52ba25294d0d0a99318e18af11bf7c96
samba-client-3.0.33-0.18.el4_8.s390x.rpm     08a54fdc4e579eb18fb9bf04ea896806
samba-common-3.0.33-0.18.el4_8.s390.rpm     1f1e8f96c45529b0b09d0f53aa90e3a8
samba-common-3.0.33-0.18.el4_8.s390x.rpm     700cec19049fa2e4afbdbfe4b94a8e8f
samba-swat-3.0.33-0.18.el4_8.s390x.rpm     e2abfc4c27383a89ab15dee03bdd14ad
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
samba-3.0.33-3.15.el5_4.src.rpm     300c0d23e17b81242d19067c8780eea2
 
IA-32:
samba-3.0.33-3.15.el5_4.i386.rpm     1f37fda165e496848df786c27ba59a4d
samba-client-3.0.33-3.15.el5_4.i386.rpm     71f0153150d4bd62c0d5c4108788f2b1
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-swat-3.0.33-3.15.el5_4.i386.rpm     707e4bae35bd46655a17e1faf7660c26
 
x86_64:
samba-3.0.33-3.15.el5_4.x86_64.rpm     5dd6b1d1b25b0e15168d7a1c36209d35
samba-client-3.0.33-3.15.el5_4.x86_64.rpm     a426589928384ec1e9c5c3bf01fecdcc
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-common-3.0.33-3.15.el5_4.x86_64.rpm     0b992e9134f8c6b7b980002599305bdb
samba-swat-3.0.33-3.15.el5_4.x86_64.rpm     54373d387e181d53fe0d88c173647912
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
IA-64:
samba-3.0.33-0.18.el4_8.ia64.rpm     d63daaddae77971e0a4b6b3ad4631ee4
samba-client-3.0.33-0.18.el4_8.ia64.rpm     1dc1ed4f10a1dcc8d7f8be5eaef438b9
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.ia64.rpm     34a71cdbab2d46efc713b0129c572c2b
samba-swat-3.0.33-0.18.el4_8.ia64.rpm     4c7623dbae63814087b094d062a2c8b3
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
Red Hat Enterprise Linux ES (v. 4.8.z)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
IA-64:
samba-3.0.33-0.18.el4_8.ia64.rpm     d63daaddae77971e0a4b6b3ad4631ee4
samba-client-3.0.33-0.18.el4_8.ia64.rpm     1dc1ed4f10a1dcc8d7f8be5eaef438b9
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.ia64.rpm     34a71cdbab2d46efc713b0129c572c2b
samba-swat-3.0.33-0.18.el4_8.ia64.rpm     4c7623dbae63814087b094d062a2c8b3
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)
SRPMS:
samba-3.0.33-3.15.el5_4.src.rpm     300c0d23e17b81242d19067c8780eea2
 
IA-32:
samba-3.0.33-3.15.el5_4.i386.rpm     1f37fda165e496848df786c27ba59a4d
samba-client-3.0.33-3.15.el5_4.i386.rpm     71f0153150d4bd62c0d5c4108788f2b1
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-swat-3.0.33-3.15.el5_4.i386.rpm     707e4bae35bd46655a17e1faf7660c26
 
IA-64:
samba-3.0.33-3.15.el5_4.ia64.rpm     42e7c33b5f41cfc1a4ea155e8c469c95
samba-client-3.0.33-3.15.el5_4.ia64.rpm     31d8a3fd555586e7bee2f3077c090202
samba-common-3.0.33-3.15.el5_4.ia64.rpm     f637a06f968ddf6b859783acd3e6453e
samba-swat-3.0.33-3.15.el5_4.ia64.rpm     735f62be2081988d61ca978842bb708c
 
PPC:
samba-3.0.33-3.15.el5_4.ppc.rpm     b44a32ad692a3a87c03a8fa6f4b9bd18
samba-client-3.0.33-3.15.el5_4.ppc.rpm     d0b3fa4abed30f67cba3f8141e964dc0
samba-common-3.0.33-3.15.el5_4.ppc.rpm     617a9a1358b2f6755f67b9117cd0dac0
samba-common-3.0.33-3.15.el5_4.ppc64.rpm     0223089ef4df0bca7cc0f6491b325ab9
samba-swat-3.0.33-3.15.el5_4.ppc.rpm     ab3ec9a23ef551d376ce312f02ea0385
 
s390x:
samba-3.0.33-3.15.el5_4.s390x.rpm     3044736f263ab1be72cdd4aafcacd4f5
samba-client-3.0.33-3.15.el5_4.s390x.rpm     4c44924c64eb10f0bcfd915d2299d3fa
samba-common-3.0.33-3.15.el5_4.s390.rpm     ba552342eb1169eb279b2862802d5f58
samba-common-3.0.33-3.15.el5_4.s390x.rpm     64fb3d8b41fc64007b5b087266423cc1
samba-swat-3.0.33-3.15.el5_4.s390x.rpm     441ffbab01f319ade71e7f406dc268d9
 
x86_64:
samba-3.0.33-3.15.el5_4.x86_64.rpm     5dd6b1d1b25b0e15168d7a1c36209d35
samba-client-3.0.33-3.15.el5_4.x86_64.rpm     a426589928384ec1e9c5c3bf01fecdcc
samba-common-3.0.33-3.15.el5_4.i386.rpm     953566c38aa93ce5c9789a1dd98d600f
samba-common-3.0.33-3.15.el5_4.x86_64.rpm     0b992e9134f8c6b7b980002599305bdb
samba-swat-3.0.33-3.15.el5_4.x86_64.rpm     54373d387e181d53fe0d88c173647912
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
samba-3.0.33-0.18.el4_8.src.rpm     4c5efb25662fc235a59c7c13a492df50
 
IA-32:
samba-3.0.33-0.18.el4_8.i386.rpm     afb15f48dfd7bd918e981825e52d4449
samba-client-3.0.33-0.18.el4_8.i386.rpm     b6ad20d3d3f048c6d3818a7fb121aec3
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-swat-3.0.33-0.18.el4_8.i386.rpm     42e762448f274ab9afeabd46dab62437
 
IA-64:
samba-3.0.33-0.18.el4_8.ia64.rpm     d63daaddae77971e0a4b6b3ad4631ee4
samba-client-3.0.33-0.18.el4_8.ia64.rpm     1dc1ed4f10a1dcc8d7f8be5eaef438b9
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.ia64.rpm     34a71cdbab2d46efc713b0129c572c2b
samba-swat-3.0.33-0.18.el4_8.ia64.rpm     4c7623dbae63814087b094d062a2c8b3
 
x86_64:
samba-3.0.33-0.18.el4_8.x86_64.rpm     424ba35378e60a9850c3163d11f086fa
samba-client-3.0.33-0.18.el4_8.x86_64.rpm     7ef64e2d2804c051fe47dc824937c766
samba-common-3.0.33-0.18.el4_8.i386.rpm     58912196468c2c169bae09cf81ad3785
samba-common-3.0.33-0.18.el4_8.x86_64.rpm     adb3f460dc0f6eee2c51f5ec596a9e34
samba-swat-3.0.33-0.18.el4_8.x86_64.rpm     0b7e9a3526b51f24a1b1f367987b07a5
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

506996 - CVE-2009-1888 Samba improper file access
523752 - CVE-2009-2813 Samba: Share restriction bypass via home-less directory user account(s)
526074 - CVE-2009-2948 samba: information disclosure in suid mount.cifs
526645 - CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/