Skip to navigation

Security Advisory Low: samba security, bug fix, and enhancement update

Advisory: RHSA-2012:0313-3
Type: Security Advisory
Severity: Low
Issued on: 2012-02-21
Last updated on: 2012-02-21
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-0926

Details

Updated samba packages that fix one security issue, one bug, and add one
enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

The default Samba server configuration enabled both the "wide links" and
"unix extensions" options, allowing Samba clients with write access to a
share to create symbolic links that point to any location on the file
system. Clients connecting with CIFS UNIX extensions disabled could have
such links resolved on the server, allowing them to access and possibly
overwrite files outside of the share. With this update, "wide links" is
set to "no" by default. In addition, the update ensures "wide links" is
disabled for shares that have "unix extensions" enabled. (CVE-2010-0926)

Warning: This update may cause files and directories that are only linked
to Samba shares using symbolic links to become inaccessible to Samba
clients. In deployments where support for CIFS UNIX extensions is not
needed (such as when files are exported to Microsoft Windows clients),
administrators may prefer to set the "unix extensions" option to "no" to
allow the use of symbolic links to access files out of the shared
directories. All existing symbolic links in a share should be reviewed
before re-enabling "wide links".

These updated samba packages also fix the following bug:

* The smbclient tool sometimes failed to return the proper exit status
code. Consequently, using smbclient in a script caused some scripts to
fail. With this update, an upstream patch has been applied and smbclient
now returns the correct exit status. (BZ#768908)

In addition, these updated samba packages provide the following
enhancement:

* With this update, support for Windows Server 2008 R2 domains has been
added. (BZ#736124)

Users are advised to upgrade to these updated samba packages, which correct
these issues and add this enhancement. After installing this update, the
smb service will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
samba-3.0.33-3.37.el5.src.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2d54ac057e5113fb0a33db6994bd6cee
SHA-256: 576d4c3735103f6b96d138fe11a863caa1eac256ef4d438bfe8b4b6f5c99c361
 
IA-32:
libsmbclient-devel-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 31fd8b181cd692d06bec1492fc3d767c
SHA-256: 39cf56ebd22c7056bd38a602c91d12cbb4cf7db43a120eb181fd54e5e4e2649c
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
 
x86_64:
libsmbclient-devel-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 31fd8b181cd692d06bec1492fc3d767c
SHA-256: 39cf56ebd22c7056bd38a602c91d12cbb4cf7db43a120eb181fd54e5e4e2649c
libsmbclient-devel-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 74335a7352de3f7424747f28c0e22cad
SHA-256: c3d617f8f6f910ca2b5f335cb4194a46df32f3416658524d85d4510df6911371
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
samba-debuginfo-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6b861cfee7d31f40ea76dcab076ca0e3
SHA-256: 6a2c49639816127adcf3ef9041a311a67626388350e3c568783db8f92e435839
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
samba-3.0.33-3.37.el5.src.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2d54ac057e5113fb0a33db6994bd6cee
SHA-256: 576d4c3735103f6b96d138fe11a863caa1eac256ef4d438bfe8b4b6f5c99c361
 
IA-32:
libsmbclient-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 39be25b57a8e7fa64a9aa21bc2ee127e
SHA-256: 6053b4dfc3b6d8ec83300ac500a9ab4695a3cac4fd43ac6e1001be1303b83f19
libsmbclient-devel-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 31fd8b181cd692d06bec1492fc3d767c
SHA-256: 39cf56ebd22c7056bd38a602c91d12cbb4cf7db43a120eb181fd54e5e4e2649c
samba-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 05434473ab98bd74d9d1b0faef41732e
SHA-256: 0df2672cc2055d12630052461f11d0c1b4462676275c2aa0f53d4b5889360b3a
samba-client-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 8c96bb804de7a362dd54d01f8acf016a
SHA-256: 3c94af50229e68b7813ae52762f1cb08fa6a9e6e191b2992ec35352c3e587864
samba-common-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 72da046fda8e97afae276fc93efae4df
SHA-256: 913c85574639bdf3a186636aea9f8074fdb741362876591f8f7ba5aa63fadb78
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
samba-swat-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 60e0e2ced9de67b73b8eee403eb2bbf2
SHA-256: 9609958f0c6c0b74bdfe475e1c838319973da00cede6c8ae3aeaa032a08d1f39
 
IA-64:
libsmbclient-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 15906d6e12e2922924bc0aa9d6fdf961
SHA-256: 3623181ae34d4d3b24b061cb098a104439f0be9ddce7b36f4d7eba6098302935
libsmbclient-devel-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 09a6ffb5383481730618e9240f195f3e
SHA-256: 60b7466b6cec78e7801692dcd33debae453addd7c2cbf8f7fda7bd4f11773c99
samba-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 64f34092196e17650c4f7b94a7282e80
SHA-256: fd035e1ea9dc137799153304fca7656fc3e29de5bc623d41b2f4b97d437180a9
samba-client-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: bf0e55b4c51fbc624caa1335f15e7417
SHA-256: cd91db6cc0d09355462b1ee7507bb3235b86ca9a41cc45939f444f08caf0791a
samba-common-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: ede54dce303a6b27c9a8d10fdfaeee0e
SHA-256: 17266de3332443769db2219443ca4bc31c60ebb59d639c37649856ecda2d8b3e
samba-debuginfo-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: f59fd8a77b2d739656c6b143a063e1f2
SHA-256: 83e111697526d491a6d3fbb9783d217037b5684a75dcbf89dfa34d2b7d3810b4
samba-swat-3.0.33-3.37.el5.ia64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 50adb4cf943f28e11856cca17d30bbb6
SHA-256: f8307ef7f90359b367efcc0b581e95ccd751f15cf2768f25192de19049e3ee1f
 
PPC:
libsmbclient-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: 9b2be6e3a91414c286b9d21db1d6f17b
SHA-256: 792d57101e25ddf421d165c84d73d9301127a2459df6bd0c3c978aa862851e8f
libsmbclient-3.0.33-3.37.el5.ppc64.rpm
File outdated by:  RHSA-2014:0305
    MD5: b52a0b9bb9fc514f10f5d67996685806
SHA-256: 80793d52ecf3113ce2144ec28e356d445d74c34fd3c1f66ce97e05deef242461
libsmbclient-devel-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: dbc7d70a4e57e60917bc957cce63f2a9
SHA-256: 5de8b6b4f5f45c3263b5b84299e956aeb2863c585557536b7e26c9cdee2fad7e
libsmbclient-devel-3.0.33-3.37.el5.ppc64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2912cd3b6717ada92380cad40d8c44cb
SHA-256: 0e41678a855bc4059fc0b83ae8ed1d3966d0b87c9d1efe104a01799937e6d9a9
samba-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6ed75d2d9e2d06123177b1a746fdc0aa
SHA-256: c4e9bbb6737e966ed7d5637f1080b80514c4895194a02bf99ed171df512fcba9
samba-client-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: f8061d7e9095eabe0db40fe63964db58
SHA-256: 64733411a1df3acf1cf19b9cf9d4e76d780e1c68413ae5f5bcfd663832d46d4d
samba-common-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: 44c7b18e19dec0a0e063112ce284f705
SHA-256: fb61f28febf272d2ff5dc1a5d1e38c3e00b46d035487714295d21a1ee808a3df
samba-common-3.0.33-3.37.el5.ppc64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 0e5ae4577ce209512026671df43af0dc
SHA-256: e65232a7ab839e9a327035e26c4117bbd88ee6b3ff2f33e40bab798937b1f468
samba-debuginfo-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: cc227556199c6625f9a94ad1dd01b890
SHA-256: afb18b693d73b1c397e9de91ce25aef368161da507b77458a65f6da0258d7bc5
samba-debuginfo-3.0.33-3.37.el5.ppc64.rpm
File outdated by:  RHSA-2014:0305
    MD5: ca9c299fc1ad944371e3cbf66c593659
SHA-256: 7cf71847e69aa6457163fabdeb236500b9b6ea18bbc1fb4eaca23ffa087a861d
samba-swat-3.0.33-3.37.el5.ppc.rpm
File outdated by:  RHSA-2014:0305
    MD5: 361a35e0d2781a609826a3838ec23787
SHA-256: 86b59c3633206b7f628159c180bbfca50dfe105773bb286b34d269a85bd4b694
 
s390x:
libsmbclient-3.0.33-3.37.el5.s390.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2fe24e68ccc6223c8b7578c048def387
SHA-256: 14a1131a233cdac5efc5616efaadbb289593fb9f05cab59a505a4eced9ab5931
libsmbclient-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 543531aacdecba115e1f585b9d56fdd1
SHA-256: 9c2aa59dc492bf0447c5fc2107f040611c542afa442a255968f410e1e0d07225
libsmbclient-devel-3.0.33-3.37.el5.s390.rpm
File outdated by:  RHSA-2014:0305
    MD5: 91850f16dc7a4e877eaf84bee0086c85
SHA-256: 025f85fb44f9b5570aa0134a013b4714a84820d7ce764160be90d8607ab66507
libsmbclient-devel-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 297a4950cb892384525922e6510e60b4
SHA-256: c34264fc27f878adc1f7aee1ca32293dc2e013648d061e437b1fefff053a541e
samba-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 7af2edfbd6a392ada2ca7bd1908d9a7d
SHA-256: c7ba8706c511a257c30bc17d1444909e8cc445a9c69744c50304990c407bc76d
samba-client-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: f991a4489d108ab2fd4b81d41b6f8ed4
SHA-256: 232fcf53ebfdee74521467d53775cfd0dc0f581c561dc439e79468d00f93c9a5
samba-common-3.0.33-3.37.el5.s390.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6f2ec76e6a5a15f32fb3d64e27b797d8
SHA-256: f96955207f7614ff30dc1ef2346c97319f289b8c0baff8fcd5e9edf3022aeb8c
samba-common-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 3b7c0dd9950c829aa399def8fc1cae74
SHA-256: afd277a3c0408637e95d5ffb987df59e0f924503419e5ae41687bd09ab4a8184
samba-debuginfo-3.0.33-3.37.el5.s390.rpm
File outdated by:  RHSA-2014:0305
    MD5: d1691b99e996cd0c2f5d7893144c349f
SHA-256: 6c764556d4a7b6c4f0d1d52771ceb8889ab4b2f74bf25e06eb5370ce65ed3ccd
samba-debuginfo-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6d8241eda487ae5091ef9a5138ac48f8
SHA-256: e52608310b9f73363b9674330cb2aab410810d6bd7498a2f6181e241be07d0da
samba-swat-3.0.33-3.37.el5.s390x.rpm
File outdated by:  RHSA-2014:0305
    MD5: b70ab5d4c77cb07bf591b5767f501809
SHA-256: 99c380bcd9f8aa158a594f39af31c5b3a9f83ef149c3c55176cf468ebf1f521f
 
x86_64:
libsmbclient-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 39be25b57a8e7fa64a9aa21bc2ee127e
SHA-256: 6053b4dfc3b6d8ec83300ac500a9ab4695a3cac4fd43ac6e1001be1303b83f19
libsmbclient-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2c53fa6e3c33bbd340eb5afd370dc48b
SHA-256: adb775ae4d00d03c63c65ce34f80ee58419ea670440c4d740a5522046a0a6a8a
libsmbclient-devel-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 31fd8b181cd692d06bec1492fc3d767c
SHA-256: 39cf56ebd22c7056bd38a602c91d12cbb4cf7db43a120eb181fd54e5e4e2649c
libsmbclient-devel-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 74335a7352de3f7424747f28c0e22cad
SHA-256: c3d617f8f6f910ca2b5f335cb4194a46df32f3416658524d85d4510df6911371
samba-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: ee5c52113c4bc185dfb894f841114192
SHA-256: 0003f9a30df2c7fcb6c4f9ca28d82ddbdb875c8d1b47b0b4ed77d925ef2cacd3
samba-client-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: f26ef2ff15a43b18a116bd72e58eb8f5
SHA-256: 6b9bc0000a57faca5f0ea114260f78d75a5dac4b2ce35cc872c84443fb99b7e1
samba-common-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 72da046fda8e97afae276fc93efae4df
SHA-256: 913c85574639bdf3a186636aea9f8074fdb741362876591f8f7ba5aa63fadb78
samba-common-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: d55b5c0950ec1c0252a3276ea61cafae
SHA-256: d19e19641203fc2b7514e054f699b5194ed4532f40310fd2c1a381c78871134d
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
samba-debuginfo-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6b861cfee7d31f40ea76dcab076ca0e3
SHA-256: 6a2c49639816127adcf3ef9041a311a67626388350e3c568783db8f92e435839
samba-swat-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: eb990e04a3b87f6c21e97a5170497bee
SHA-256: b3646d422f9c499dd5af21baa2ec52d8cadd49cd3764a9e85ddadedb2e758a57
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
samba-3.0.33-3.37.el5.src.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2d54ac057e5113fb0a33db6994bd6cee
SHA-256: 576d4c3735103f6b96d138fe11a863caa1eac256ef4d438bfe8b4b6f5c99c361
 
IA-32:
libsmbclient-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 39be25b57a8e7fa64a9aa21bc2ee127e
SHA-256: 6053b4dfc3b6d8ec83300ac500a9ab4695a3cac4fd43ac6e1001be1303b83f19
samba-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 05434473ab98bd74d9d1b0faef41732e
SHA-256: 0df2672cc2055d12630052461f11d0c1b4462676275c2aa0f53d4b5889360b3a
samba-client-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 8c96bb804de7a362dd54d01f8acf016a
SHA-256: 3c94af50229e68b7813ae52762f1cb08fa6a9e6e191b2992ec35352c3e587864
samba-common-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 72da046fda8e97afae276fc93efae4df
SHA-256: 913c85574639bdf3a186636aea9f8074fdb741362876591f8f7ba5aa63fadb78
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
samba-swat-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 60e0e2ced9de67b73b8eee403eb2bbf2
SHA-256: 9609958f0c6c0b74bdfe475e1c838319973da00cede6c8ae3aeaa032a08d1f39
 
x86_64:
libsmbclient-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 39be25b57a8e7fa64a9aa21bc2ee127e
SHA-256: 6053b4dfc3b6d8ec83300ac500a9ab4695a3cac4fd43ac6e1001be1303b83f19
libsmbclient-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 2c53fa6e3c33bbd340eb5afd370dc48b
SHA-256: adb775ae4d00d03c63c65ce34f80ee58419ea670440c4d740a5522046a0a6a8a
samba-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: ee5c52113c4bc185dfb894f841114192
SHA-256: 0003f9a30df2c7fcb6c4f9ca28d82ddbdb875c8d1b47b0b4ed77d925ef2cacd3
samba-client-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: f26ef2ff15a43b18a116bd72e58eb8f5
SHA-256: 6b9bc0000a57faca5f0ea114260f78d75a5dac4b2ce35cc872c84443fb99b7e1
samba-common-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: 72da046fda8e97afae276fc93efae4df
SHA-256: 913c85574639bdf3a186636aea9f8074fdb741362876591f8f7ba5aa63fadb78
samba-common-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: d55b5c0950ec1c0252a3276ea61cafae
SHA-256: d19e19641203fc2b7514e054f699b5194ed4532f40310fd2c1a381c78871134d
samba-debuginfo-3.0.33-3.37.el5.i386.rpm
File outdated by:  RHSA-2014:0305
    MD5: f632546842b140a5bda583808cd66f1f
SHA-256: 37f8d516afdf72e44f4cc4c3f5d20ef3f3ffae6e2a7265914773d9ac294fb1df
samba-debuginfo-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: 6b861cfee7d31f40ea76dcab076ca0e3
SHA-256: 6a2c49639816127adcf3ef9041a311a67626388350e3c568783db8f92e435839
samba-swat-3.0.33-3.37.el5.x86_64.rpm
File outdated by:  RHSA-2014:0305
    MD5: eb990e04a3b87f6c21e97a5170497bee
SHA-256: b3646d422f9c499dd5af21baa2ec52d8cadd49cd3764a9e85ddadedb2e758a57
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

562568 - CVE-2010-0926 samba: insecure "wide links" default


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/