[Samba] Patch(es) and task list to resolve CVE-2015-0240 for version 3.6.23 on Solaris

Thomas Schulz schulz at adi.com
Thu Mar 19 11:16:00 MDT 2015


> 
> Good morning.
> 
> I am looking to resolve the above vulnerability on our T-4 Solaris boxes. I have not worked or patch Samba before and not sure of the process.
> 
> When I find and apply the patch will it resolve the issue on the version that we are running or do I need to bring our current version more up to date?
> 
> Any assistance would be greatly appreciated.
> 
> Tks in advance.
> rG
> 
> Database Administrator

Patches are applied to the souece code and are only applicable if you
have built your copy of samba from source. The available patch is ment
to patch Samba 3.6.24 but in fact will work with 3.6.23.

But, Samba 3.6.23 has several other security issues. Upgrading to
Samba 3.6.25 might be the better option.

If you have not built Samba from source and do not want to try doing that
now, you should try to find a pre-built Samba 3.6.25. No configuration
changes should be necessary.

Tom Schulz
Applied Dynamics Intl.
schulz at adi.com


More information about the samba mailing list