[Samba] Patch(es) and task list to resolve CVE-2015-0240 for version 3.6.23 on Solaris
Golden, Rick (DTMB)
GoldenR at michigan.gov
Thu Mar 19 11:59:04 MDT 2015
Tom,
Thank you for your quick response .. I have downloaded version 3.6.25 .. and looking into (reading) the instlall process.
Tks
rG
-----Original Message-----
From: Thomas Schulz [mailto:schulz at adi.com]
Sent: Thursday, March 19, 2015 1:16 PM
To: Golden, Rick (DTMB); samba at lists.samba.org
Subject: [Samba] Patch(es) and task list to resolve CVE-2015-0240 for version 3.6.23 on Solaris
>
> Good morning.
>
> I am looking to resolve the above vulnerability on our T-4 Solaris boxes. I have not worked or patch Samba before and not sure of the process.
>
> When I find and apply the patch will it resolve the issue on the version that we are running or do I need to bring our current version more up to date?
>
> Any assistance would be greatly appreciated.
>
> Tks in advance.
> rG
>
> Database Administrator
Patches are applied to the souece code and are only applicable if you have built your copy of samba from source. The available patch is ment to patch Samba 3.6.24 but in fact will work with 3.6.23.
But, Samba 3.6.23 has several other security issues. Upgrading to Samba 3.6.25 might be the better option.
If you have not built Samba from source and do not want to try doing that now, you should try to find a pre-built Samba 3.6.25. No configuration changes should be necessary.
Tom Schulz
Applied Dynamics Intl.
schulz at adi.com
More information about the samba
mailing list