Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Warning: CVE-2017-7494: Critical Samba Vulnerability
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
John R. Graham
Administrator
Administrator


Joined: 08 Mar 2005
Posts: 9382
Location: Somewhere over Atlanta, Georgia

PostPosted: Thu May 25, 2017 2:47 am    Post subject: Warning: CVE-2017-7494: Critical Samba Vulnerability Reply with quote

If you use Samba, see https://www.samba.org/samba/security/CVE-2017-7494.html

Testing branch samba-4.5.10 has been patched to address this vulnerability but as of this writing has not been stabilized.

Workaround: Add
Code:
nt pipe support = no
to the [global] section of your /etc/samba/smb.conf file and restart the samba service.

This message will be replaced with the GLSA when it's ready. Gentoo Bugzilla tracker is here.
_________________
I can confirm that I have received between 0 and 499 National Security Letters.
Back to top
View user's profile Send private message
John R. Graham
Administrator
Administrator


Joined: 08 Mar 2005
Posts: 9382
Location: Somewhere over Atlanta, Georgia

PostPosted: Thu Jun 01, 2017 11:15 pm    Post subject: Reply with quote

samba-4.5.10 has been stabilized on all arches except arm. With that exception, all samba users should upgrade now:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/samba-4.5.10
- John
_________________
I can confirm that I have received between 0 and 499 National Security Letters.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum