[Samba] ctdb, raw sockets and CVE-2015-8543
Amitay Isaacs
amitay at gmail.com
Tue Feb 2 02:45:25 UTC 2016
On Tue, Feb 2, 2016 at 3:14 AM, Adi Kriegisch <adi at cg.tuwien.ac.at> wrote:
> Hi!
>
> > Removing htons() from both calls seems to fix the issue for us. Is
> it
> > possible that the call to htons is just wrong and should be removed?
> [...]
> > Thanks for reporting the issue. Yes, htons() in socket() call is
> wrong
> > and should be removed.
> >
> > Can you create a bug report on [3]bugzilla.samba.org against CTDB?
> Done. See https://bugzilla.samba.org/show_bug.cgi?id=11705
>
>
Thanks. I will make sure the fixes go in to various ctdb releases. 4.4.x,
4.3.x and 4.2.x.
Are you still using CTDB 2.5.x? There will not be any more development for
2.5.x and I recommend you switch to latest 4.3.x samba/ctdb releases.
Amitay.
More information about the samba
mailing list