-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-03-18 15:08:42 UTC
-
Revision ID:
james.westby@ubuntu.com-20100318150842-ky2a686pgt36xdym
Tags: 2:3.2.3-1ubuntu3.8
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source/param/loadparm.c,
source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html and docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.