Leak in Samba Versions from 3.0.29
Samba versions from 3.0.29 include a security failure. Developers have released an update to fix it.
The Samba advisory indicates that the security leak resulted from a change to GNU Compiler Collection (GCC) version 4 optimization. It seems a cut-and-paste error in the range checking code can allow a malicious client to alter the Server Message Block (SMB) process to pass arbitrary memory requests back to itself.
The Samba team ran into the error during an internal code investigation. The advisory recommends an immediate patch upgrade.
Patches are available for download here. The new Samba versions, 3.2.5 and 3.0.33 already have the patches applied. The team also points to the fact that the Samba 3.2 directories are now located in the /recent directory and are no longer in an experimental state.
Issue 212/Features
Buy this issue as a PDF
News
-
GitLabs Drops Pricing after Microsoft, GitHub Acquisition
GitLabs is creating more incentives for users to switch from GitHub.
-
KDE Plasma 5.13 Is Here
The desktop environment is designed to be more resource efficient.
-
SUSE Forks Red Hat’s Spacewalk Project
SUSE relies heavily on the project for its own SUSE Manager.
-
openSUSE Leap 15 Announced
The release was announced at the openSUSE Conference in Prague, Czech Republic.
-
SoftMaker FreeOffice 2018 for Linux
SoftMaker Software GmbH has announced FreeOffice 2018, a free of cost office suite for Linux.
-
A New CentOS
Latest version of the community Linux based on Red Hat Enterprise Linux 7.5
-
Ubuntu 18.04 Released
“Bionic Beaver” comes with hardware-focused improvements and Gnome as the default shell.
-
Richard Stallman Calls Azure Sphere OS a Positive Step
Stallman is glad that Microsoft will respect user’s freedom.
-
Red Hat Enterprise Linux 7.5 Released
The latest release is focused on hybrid cloud.
-
Microsoft Releases a Linux-Based OS
The company is building a new IoT environment powered by Linux.