Your message dated Sat, 17 Feb 2007 12:10:11 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#310982: fixed in kernel-source-2.4.27 2.4.27-10sarge5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: smbfs
Version: 3.0.14a-1
Severity: serious
Justification: break security on upgrade
Hello Debian samba maintainers,
smbmount does not honour the uid and gid option with the sarge 2.4
kernel when the server has 'unix extensions' enabled.
The security problem is that 'unix extension' are not enabled with woody samba
server but are enabled by the upgrade to sarge (since this is the
default). At this point the bug in smbmount on the samba client allow
users on the client to access the samba share with the same permission
they would have on the server disregarding the uid/gid option passed to
smbmount.
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-386
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
--- End Message ---
--- Begin Message ---
Source: kernel-source-2.4.27
Source-Version: 2.4.27-10sarge5
We believe that the bug you reported is fixed in the latest version of
kernel-source-2.4.27, which is due to be installed in the Debian FTP archive:
kernel-doc-2.4.27_2.4.27-10sarge5_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge5_all.deb
kernel-patch-debian-2.4.27_2.4.27-10sarge5_all.deb
to
pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge5_all.deb
kernel-source-2.4.27_2.4.27-10sarge5.diff.gz
to
pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge5.diff.gz
kernel-source-2.4.27_2.4.27-10sarge5.dsc
to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge5.dsc
kernel-source-2.4.27_2.4.27-10sarge5_all.deb
to
pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge5_all.deb
kernel-tree-2.4.27_2.4.27-10sarge5_all.deb
to pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge5_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
dann frazier <[EMAIL PROTECTED]> (supplier of updated kernel-source-2.4.27
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 12 Nov 2006 22:17:21 -0700
Source: kernel-source-2.4.27
Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27
kernel-doc-2.4.27
Architecture: source all
Version: 2.4.27-10sarge5
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: dann frazier <[EMAIL PROTECTED]>
Description:
kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27
kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27
kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian
patches
kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images
Closes: 310982
Changes:
kernel-source-2.4.27 (2.4.27-10sarge5) stable-security; urgency=high
.
* 233_ia64-sparc-cross-region-mappings.diff
[SECURITY] Prevent cross-region mappings on ia64 and sparc which
could be used in a local DoS attack (system crash)
See CVE-2006-4538
* 234_atm-clip-freed-skb-deref.diff
[SECURITY] Avoid dereferencing an already freed skb, preventing a
potential remote DoS (system crash) vector
See CVE-2006-4997
* 235_ppc-alignment-exception-table-check.diff
[SECURITY][ppc] Avoid potential DoS which can be triggered by some
futex ops
See CVE-2006-5649
* 236_s390-uaccess-memleak.diff
[SECURITY][s390] Fix memory leak in copy_from_user by clearing the
remaining bytes of the kernel buffer after a fault on the userspace
address in copy_from_user()
See CVE-2006-5174
* 237_smbfs-honor-mount-opts.diff
Honor uid, gid and mode mount options for smbfs even when unix extensions
are enabled (closes: #310982)
See CVE-2006-5871
* 238_ppc-hid0-dos.diff
[SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on
PPC970 at boot time
See CVE-2006-4093
Files:
6b7eaed1211e79eeb7822c470588dc10 900 devel optional
kernel-source-2.4.27_2.4.27-10sarge5.dsc
437a36887a3730d49c6681e163085c91 755526 devel optional
kernel-source-2.4.27_2.4.27-10sarge5.diff.gz
9535988810d9c8f3f4019720bd49a30b 710724 devel optional
kernel-patch-debian-2.4.27_2.4.27-10sarge5_all.deb
e1bbfffc57dbdfd0b9cd2d0a66a7744b 3581076 doc optional
kernel-doc-2.4.27_2.4.27-10sarge5_all.deb
28894dd804436675aedfc296a8ee4d63 31034148 devel optional
kernel-source-2.4.27_2.4.27-10sarge5_all.deb
90eb280799013da95a3c1188e8b84d50 27696 devel optional
kernel-tree-2.4.27_2.4.27-10sarge5_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFeD5OhuANDBmkLRkRAuXSAJ9WpqBz+IkV31M/p0ymE/5Yyz576ACfRLIZ
zetEQICNHfQahVr16C40gv4=
=37rX
-----END PGP SIGNATURE-----
--- End Message ---
