[Samba] ctdb, raw sockets and CVE-2015-8543

Amitay Isaacs amitay at gmail.com
Tue Feb 2 02:45:25 UTC 2016

On Tue, Feb 2, 2016 at 3:14 AM, Adi Kriegisch <adi at cg.tuwien.ac.at> wrote:

> Hi!
> >      Removing htons() from both calls seems to fix the issue for us. Is
> it
> >      possible that the call to htons is just wrong and should be removed?
> [...]
> >    Thanks for reporting the issue.  Yes, htons() in socket() call is
> wrong
> >    and should be removed.
> >
> >    Can you create a bug report on [3]bugzilla.samba.org against CTDB?
> Done. See https://bugzilla.samba.org/show_bug.cgi?id=11705
Thanks.  I will make sure the fixes go in to various ctdb releases. 4.4.x,
4.3.x and 4.2.x.

Are you still using CTDB 2.5.x?  There will not be any more development for
2.5.x and I recommend you switch to latest 4.3.x samba/ctdb releases.


More information about the samba mailing list