Your message dated Sat, 17 Feb 2007 12:10:09 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#310982: fixed in kernel-image-2.4.27-sparc 2.4.27-9sarge5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: smbfs
Version: 3.0.14a-1
Severity: serious
Justification: break security on upgrade
Hello Debian samba maintainers,
smbmount does not honour the uid and gid option with the sarge 2.4
kernel when the server has 'unix extensions' enabled.
The security problem is that 'unix extension' are not enabled with woody samba
server but are enabled by the upgrade to sarge (since this is the
default). At this point the bug in smbmount on the samba client allow
users on the client to access the samba share with the same permission
they would have on the server disregarding the uid/gid option passed to
smbmount.
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-386
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
--- End Message ---
--- Begin Message ---
Source: kernel-image-2.4.27-sparc
Source-Version: 2.4.27-9sarge5
We believe that the bug you reported is fixed in the latest version of
kernel-image-2.4.27-sparc, which is due to be installed in the Debian FTP
archive:
kernel-build-2.4.27-3_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-3_2.4.27-9sarge5_sparc.deb
kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
kernel-headers-2.4.27-3_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge5_sparc.deb
kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
kernel-image-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
kernel-image-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
kernel-image-2.4.27-sparc_2.4.27-9sarge5.dsc
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge5.dsc
kernel-image-2.4.27-sparc_2.4.27-9sarge5.tar.gz
to
pool/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge5.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
dann frazier <[EMAIL PROTECTED]> (supplier of updated kernel-image-2.4.27-sparc
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 5 Dec 2006 02:23:47 -0700
Source: kernel-image-2.4.27-sparc
Binary: kernel-image-2.4.27-3-sparc64 kernel-image-2.4.27-3-sparc64-smp
kernel-headers-2.4.27-3-sparc32 kernel-headers-2.4.27-3
kernel-headers-2.4.27-3-sparc32-smp kernel-build-2.4.27-3
kernel-image-2.4.27-3-sparc32-smp kernel-image-2.4.27-3-sparc32
kernel-headers-2.4.27-3-sparc64 kernel-headers-2.4.27-3-sparc64-smp
Architecture: source sparc
Version: 2.4.27-9sarge5
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <[EMAIL PROTECTED]>
Description:
kernel-build-2.4.27-3 - Headers for building modules for Linux 2.4.27
kernel-headers-2.4.27-3 - Header files related to Linux kernel version 2.4.27
kernel-headers-2.4.27-3-sparc32 - Header files for Linux kernel 2.4.27 on
uniprocessor 32-bit SPARC
kernel-headers-2.4.27-3-sparc32-smp - Header files for Linux kernel 2.4.27 on
multiprocessor 32-bit SPA
kernel-headers-2.4.27-3-sparc64 - Header files for Linux kernel 2.4.27 on
uniprocessor 64-bit SPARC
kernel-headers-2.4.27-3-sparc64-smp - Header files for Linux kernel 2.4.27 on
multiprocessor 64-bit SPA
kernel-image-2.4.27-3-sparc32 - Linux kernel binary image for sun4c, sun4m and
sun4d
kernel-image-2.4.27-3-sparc32-smp - Linux kernel binary image for SMP sun4m
and sun4d
kernel-image-2.4.27-3-sparc64 - Linux kernel binary image for UltraSPARC
(sparc64) systems
kernel-image-2.4.27-3-sparc64-smp - Linux kernel binary image for SMP
UltraSPARC (sparc64) systems
Closes: 310982
Changes:
kernel-image-2.4.27-sparc (2.4.27-9sarge5) stable-security; urgency=high
.
* Build against kernel-tree-2.4.27-10sarge5:
* 233_ia64-sparc-cross-region-mappings.diff
[SECURITY] Prevent cross-region mappings on ia64 and sparc which
could be used in a local DoS attack (system crash)
See CVE-2006-4538
* 234_atm-clip-freed-skb-deref.diff
[SECURITY] Avoid dereferencing an already freed skb, preventing a
potential remote DoS (system crash) vector
See CVE-2006-4997
* 235_ppc-alignment-exception-table-check.diff
[SECURITY][ppc] Avoid potential DoS which can be triggered by some
futex ops
See CVE-2006-5649
* 236_s390-uaccess-memleak.diff
[SECURITY][s390] Fix memory leak in copy_from_user by clearing the
remaining bytes of the kernel buffer after a fault on the userspace
address in copy_from_user()
See CVE-2006-5174
* 237_smbfs-honor-mount-opts.diff
Honor uid, gid and mode mount options for smbfs even when unix extensions
are enabled (closes: #310982)
See CVE-2006-5871
* 238_ppc-hid0-dos.diff
[SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on
PPC970 at boot time
See CVE-2006-4093
Files:
14ac1e3ce17cbf64bfd7a61f520cf494 3605072 base optional
kernel-image-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
164dc9869ea386fd3169864645d89a98 10550 devel optional
kernel-build-2.4.27-3_2.4.27-9sarge5_sparc.deb
18adb86c0d3ce5b6424b277ce2e39794 164532 devel optional
kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb
cf00f7439b32b998ac35cf9bc0ba17ce 1074 devel optional
kernel-image-2.4.27-sparc_2.4.27-9sarge5.dsc
38ef858c0ff9158cf44590782f5664e0 3792788 base optional
kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
547fb57dd64584ee765c427d2c0554fd 204266 devel optional
kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
5dfaf6a6a6e5a809a38458ef79661d3b 6385736 base optional
kernel-image-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
97b6ef3ce231c448687bf357daae4faf 6550182 base optional
kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb
bb76d31c4e97594546a1ce46205627be 24784 devel optional
kernel-image-2.4.27-sparc_2.4.27-9sarge5.tar.gz
c036f26f3bb2c1a7f1acc7588b54c389 2025304 devel optional
kernel-headers-2.4.27-3_2.4.27-9sarge5_sparc.deb
c03ec973495d21f03df3f156c3dc033b 202940 devel optional
kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb
d3fa63eab9ddab3f6b5db8f385ffe458 166318 devel optional
kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFeEiChuANDBmkLRkRAt3nAJ0a6ivJlL6hgijoQqlpgrcd5CL7fgCdGing
t8K9v2M3QpKBaH+Es53zUsc=
=hV4N
-----END PGP SIGNATURE-----
--- End Message ---