[pca] Oracle samba patch for samba CVE-2015-0240

McGraw, Robert P rmcgraw at purdue.edu
Thu Mar 5 15:01:39 CET 2015


FYIW

I talked to oracle support and was told that oracle was working on a patch for this problem. No information as to when it will be released.

Robert

-----------

https://www.samba.org/samba/security/CVE-2015-0240 shows the following in the header


CVE-2015-0240.html:

===========================================================
== Subject:     Unexpected code execution in smbd.
==
== CVE ID#:     CVE-2015-0240
==
== Versions:    Samba 3.5.0 to 4.2.0rc4
==
== Summary:     Unauthenticated code execution attack on
==              smbd file services.
==
===========================================================


The latest samba patch is 119758-33, but not sure what version of samba this will be.

Pca –r 119758-33 give the following header info.


Keywords: security ldap upgrade services samba man pages

Synopsis: SunOS 5.10_x86: Samba patch

Date: Sep/12/2014


Does anyone know what version number of samba when I install patch 119758-33?


Does anyone know if this patch number fixed the above samba problem or is there another patch that needs to be added or is added by another patch ID?


Thanks


Robert







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.univie.ac.at/pipermail/pca/attachments/20150305/6d3d81b9/attachment.html>


More information about the pca mailing list