svn commit: samba-web r1193 - in trunk: . history security
jerry at samba.org
Wed May 28 14:51:45 GMT 2008
Author: jerry
Date: 2008-05-28 14:51:43 +0000 (Wed, 28 May 2008)
New Revision: 1193
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-web&rev=1193
Log:
Announcing 3.0.30
Added:
trunk/history/samba-3.0.30.html
trunk/security/CVE-2008-1105.html
Modified:
trunk/header_columns.html
trunk/history/security.html
trunk/index.html
Changeset:
Modified: trunk/header_columns.html
===================================================================
--- trunk/header_columns.html 2008-05-27 14:33:50 UTC (rev 1192)
+++ trunk/header_columns.html 2008-05-28 14:51:43 UTC (rev 1193)
@@ -130,9 +130,9 @@
<div class="releases">
<h4>Current Stable Release</h4>
<ul>
- <li><a href="/samba/ftp/stable/samba-3.0.29.tar.gz">Samba 3.0.29 (gzipped)</a></li>
- <li><a href="/samba/history/samba-3.0.29.html">Release Notes</a></li>
- <li><a href="/samba/ftp/stable/samba-3.0.29.tar.asc">Signature</a></li>
+ <li><a href="/samba/ftp/stable/samba-3.0.30.tar.gz">Samba 3.0.30 (gzipped)</a></li>
+ <li><a href="/samba/history/samba-3.0.30.html">Release Notes</a></li>
+ <li><a href="/samba/ftp/stable/samba-3.0.30.tar.asc">Signature</a></li>
</ul>
<h4>Historical</h4>
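Review bot: The three replacements keep the tarball, release-notes and signature links in step, which is the important part; before this goes live, confirm that `/samba/ftp/stable/samba-3.0.30.tar.asc` was uploaded together with `samba-3.0.30.tar.gz`, since the download box would otherwise point users at a signature path that does not match the tarball they fetch.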
Added: trunk/history/samba-3.0.30.html
===================================================================
--- trunk/history/samba-3.0.30.html 2008-05-27 14:33:50 UTC (rev 1192)
+++ trunk/history/samba-3.0.30.html 2008-05-28 14:51:43 UTC (rev 1193)
@@ -0,0 +1,54 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 3.0.30 Available for Download</H2>
+
+<p>
+<pre>
+ ===============================
+ Release Notes for Samba 3.0.30
+ May 28, 2008
+ ===============================
+
+This is a security release in order to address CVE-2008-1105 ("Boundary
+failure when parsing SMB responses can result in a buffer overrun").
+
+ o CVE-2008-1105
+ Specifically crafted SMB responses can result in a heap overflow
+ in the Samba client code. Because the server process, smbd, can
+ itself act as a client during operations such as printer notification
+ and domain authentication, this issue affects both Samba client
+ and server installations.
+
+The original security announcement for this and past advisories can
+be found http://www.samba.org/samba/security/
+
+
+######################################################################
+Changes
+#######
+
+Changes since 3.0.29
+--------------------
+
+o Jeremy Allison <jra at samba.org>
+ * Fix for CVE-2008-1105.
+
+
+o Karolin Seeger <kseeger at samba.org>
+ * Remove man pages for ldb tools not included in Samba 3.0.
+</pre>
+
+<p>Please refer to the original <a href="/samba/history/samba-3.0.29.html">Samba
+3.0.29 Release Notes</a> for more details regarding changes i
+previous releases.</p>
+</body>
+</html>
+
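Review bot: Typo in the closing paragraph: "changes i previous releases" should read "changes in previous releases", and the line "The original security announcement for this and past advisories can be found http://www.samba.org/samba/security/" is missing "at" before the URL. The file also declares itself XHTML 1.0 Transitional but opens a `<p>` immediately before `<pre>` and never closes it (and `<pre>` is not permitted inside `<p>`), and uses uppercase `<H2>`; replace `<p>` + `<pre>` with a bare `<pre>` and use `<h2>` so the page validates. Minor: the `svn:executable` property added below is unnecessary on a static HTML file.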
Property changes on: trunk/history/samba-3.0.30.html
___________________________________________________________________
Name: svn:executable
+ *
Modified: trunk/history/security.html
===================================================================
--- trunk/history/security.html 2008-05-27 14:33:50 UTC (rev 1192)
+++ trunk/history/security.html 2008-05-28 14:51:43 UTC (rev 1193)
@@ -21,7 +21,17 @@
<td><em>Details</em></td>
</tr>
+
<tr>
+ <td>29 May 2008</td>
+ <td><a href="/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch">patch for Samba 3.0.29</a></td>
+ <td>Boundary failure when parsing SMB responses</td>
+ <td>Samba 3.0.0 - 3.0.29</td>
+ <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105">CVE-2008-1105</a></td>
+ <td><a href="/samba/security/CVE-2008-1105.html">Announcement</a></td>
+ </tr>
+
+ <tr>
<td>10 Dec 2007</td>
<td><a href="/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patch">patch for Samba 3.0.27a</a></td>
<td>Remote Code Execution in Samba's nmbd (send_mailslot())</td>
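Review bot: The new row is dated "29 May 2008", but the release notes, the index.html announcement and the advisory timeline in this same commit all give 28 May 2008; align the date so the security table agrees with the advisory. Also, the added blank `+` line plus the reuse of the unchanged `<tr>` for the new row (with a fresh `+ <tr>` for the old row) is harmless but confusing to read; inserting the complete `<tr>…</tr>` block for the new row above the existing one would give a cleaner diff.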
Modified: trunk/index.html
===================================================================
--- trunk/index.html 2008-05-27 14:33:50 UTC (rev 1192)
+++ trunk/index.html 2008-05-28 14:51:43 UTC (rev 1193)
@@ -19,6 +19,23 @@
<h2>Current Release</h2>
+ <h4><a name="stable">28 May 2008</a></h4>
+ <p class="headline">Samba 3.0.30 Available for Download</p>
+
+ <p>This is a security release to address CVE-2008-1105. The
+ <a href="/samba/security/CVE-2008-1105.html">original advisory</a>
+ is available online. A <a href="/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch">patch
+ for Samba 3.0.29</a> is available. This security advisory is applicable to all Samba 3.0.x
+ releases to date. Past security advisories are available on our
+ <a href="/samba/security/">security page</a>.</p>
+
+ <p>The uncompressed tarballs and patch files have been signed
+ using GnuPG (ID 6568B7EA). The source code can be
+ <a href="/samba/ftp/stable/samba-3.0.30.tar.gz">downloaded
+ now</a>. See <a href="/samba/history/samba-3.0.30.html">the
+ release notes for more info</a>.</p>
+
+
<h4><a name="latest">23 May 2008</a></h4>
<p class="headline">Samba 3.2.0rc1 Available for Download</p>
@@ -40,21 +57,6 @@
<a href="/samba/ftp/Binary_Packages/">Binary_Packages download area</a>.</p>
- <h4><a name="stable">21 May 2008</a></h4>
- <p class="headline">Samba 3.0.29 Available for Download</p>
-
- <p>This is the latest bug fix release for Samba 3.0 and is the
- version recommended for all production Samba servers. Among other
- fixes and enhancements, this release address some interoperability
- problems with Windows 2008, interdomain trusts, and SMB/CIFS
- protocol correctness issues.</p>
-
- <p>The uncompressed tarballs and patch files have been signed
- using GnuPG (ID 6568B7EA). The source code can be
- <a href="/samba/ftp/stable/samba-3.0.29.tar.gz">downloaded
- now</a>. See <a href="/samba/history/samba-3.0.29.html">the
- release notes for more info</a>.</p>
-
<h4>15 April 2008</h4>
<p class="headline">Samba 4.0.0alpha3 Available for Download</p>
Added: trunk/security/CVE-2008-1105.html
===================================================================
--- trunk/security/CVE-2008-1105.html 2008-05-27 14:33:50 UTC (rev 1192)
+++ trunk/security/CVE-2008-1105.html 2008-05-28 14:51:43 UTC (rev 1193)
@@ -0,0 +1,78 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Security Announcement Archive</title>
+</head>
+
+<body>
+
+ <H2>CVE-2008-1105: Boundary failure when parsing SMB responses can result in a buffer overrun</H2>
+
+<p>
+<pre>
+==========================================================
+== Subject: Boundary failure when parsing SMB responses
+== can result in a buffer overrun
+==
+== CVE ID#: CVE-2008-1105
+==
+== Versions: Samba 3.0.0 - 3.0.29 (inclusive)
+==
+== Summary: Specifically crafted SMB responses can result
+== in a heap overflow in the Samba client code.
+== Because the server process, smbd, can itself
+== act as a client during operations such as
+== printer notification and domain authentication,
+== this issue affects both Samba client and server
+== installations.
+==
+==========================================================
+
+===========
+Description
+===========
+
+Secunia Research reported a vulnerability that allows for
+the execution of arbitrary code in smbd. This defect is
+is a result of an incorrect buffer size when parsing SMB
+replies in the routine receive_smb_raw().
+
+
+==================
+Patch Availability
+==================
+
+A patch addressing this defect has been posted to
+
+ http://www.samba.org/samba/security/
+
+Additionally, Samba 3.0.30 has been issued as a security
+release to correct the defect. Samba administrators are
+advised to upgrade to 3.0.30 or apply the patch as soon
+as possible.
+
+
+=======
+Credits
+=======
+
+This vulnerability was reported to Samba developers by
+Alin Rad Pop, Secunia Research.
+
+The time line is as follows:
+
+* May 15, 2008: Initial report to security at samba.org.
+* May 15, 2008: First response from Samba developers confirming
+ the bug along with a proposed patch.
+* May 28, 2008: Public security advisory made available.
+
+
+==========================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==========================================================
+</pre>
+</body>
+</html>
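Review bot: Doubled word in the Description section: "This defect is is a result of an incorrect buffer size" should read "This defect is a result of …". The Patch Availability section points only at the generic `http://www.samba.org/samba/security/` page, while security.html in this same commit links the patch directly as `/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch`; linking the patch file itself here would save administrators a step. As with the release-notes file, the unclosed `<p>` before `<pre>` and the uppercase `<H2>` are invalid under the declared XHTML 1.0 Transitional doctype; use a bare `<pre>` and `<h2>`.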