Site Navigation:
security samba-4.1.3-2.fc20 critical path security update
Status:stable
Release: Fedora 20
Update ID: FEDORA-2013-23177
Builds: samba-4.1.3-2.fc20 (logs)
Pushed: True
Date Submitted: 2013-12-10 17:54:44
Date Released: 2013-12-11 16:30:05
Submitter: gd
Karma: 3
Stable karma: 3
Unstable karma: -3
Details

Fix NULL pointer derreference in winbind debug message. Update to version 4.1.3 which fixes two security bugs.

Bugs Fixed
1019469 - Losing network connection causes segfault in winbindd
1039454 - CVE-2013-4408: samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check [fedora-all]
1039500 - CVE-2012-6150: samba: pam_winbind fails open when non-existent group specified to require_membership_of [fedora-all]
Test Cases
Feedback
bodhi - 2013-12-10 17:55:18
This update has been submitted for testing by gd.
autoqa - 2013-12-10 18:06:36
AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/1acjl (results are informative only)
autoqa - 2013-12-10 18:19:51
AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/1ack6 (results are informative only)
bodhi - 2013-12-11 15:36:36
This update is currently being pushed to the Fedora 20 testing updates repository.
bodhi - 2013-12-11 16:46:19
This update has been pushed to testing
hreindl - 2013-12-18 00:48:42
works for me
ignatenkobrain - 2013-12-18 10:20:28
sambe works here
bodhi - 2013-12-18 10:20:30
Critical path update approved
nonamedotc - 2013-12-22 17:51:48
looks good here
bodhi - 2013-12-22 17:51:53
This update has reached the stable karma threshold and will be pushed to the stable updates repository
autoqa - 2013-12-22 18:14:16
AutoQA: upgradepath test FAILED on noarch. Result log: http://autoqa.fedoraproject.org/report/1b0i9 (results are informative only)
bodhi - 2013-12-23 18:23:15
This update is currently being pushed to the Fedora 20 stable updates repository.
bodhi - 2013-12-24 03:39:32
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters