A follow up to this original
story about the security holes in Samba (as it is shipped with
Red Hat Linux), here is a new note from Red Hat today:
-----BEGIN PGP SIGNED MESSAGE-----
Following our announcement yesterday about new samba packages being
available for our 5.2 release we have received reports that samba packages
available for older releases of Red Hat Linux might be vulnerable as well.
As a result of this concern we are making available new samba packages for
all supported releases of Red Hat Linux. We apologize for not doing so
yesterday, when we tried to address a specific reported vulnerability.
Once again we express our thanks to Andrew Tridgell and the Samba team for
their assistance in addressing this problem.
All Red Hat linux users should upgrade to the new packages available from
our updates site:
Red Hat Linux 4.2:
==================
alpha:
rpm -Uvh ftp://updates.redhat.com/4.2/alpha/samba-1.9.18p10-0.alpha.rpm
i386:
rpm -Uvh ftp://updates.redhat.com/4.2/i386/samba-1.9.18p10-0.i386.rpm
sparc:
rpm -Uvh ftp://updates.redhat.com/4.2/sparc/samba-1.9.18p10-0.sparc.rpm
Source rpm:
rpm -Uvh ftp://updates.redhat.com/4.2/SRPMS/samba-1.9.18p10-0.src.rpm
Red Hat Linux 5.0, 5.1 and 5.2:
===============================
alpha:
rpm -Uvh ftp://updates.redhat.com/5.2/alpha/samba-1.9.18p10-5.alpha.rpm
i386:
rpm -Uvh ftp://updates.redhat.com/5.2/i386/samba-1.9.18p10-5.i386.rpm
sparc:
rpm -Uvh ftp://updates.redhat.com/5.2/sparc/samba-1.9.18p10-5.sparc.rpm
Source rpm:
rpm -Uvh ftp://updates.redhat.com/5.2/SRPMS/samba-1.9.18p10-5.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNlHLrvGvxKXU9NkBAQHkNQP/YHDfUptXNXl7iKi+gokoA5FJCLASDntg
6Bx+OI2hPHnDOvHK8xbpnRv1lIiLGh2eDdb29Su+Hx8B1JpvlqAxMdcT6sP2vetm
dmWaEA0+Ppty+gnXNj3Vt6P8GeJnuxWO7P/qMd9bL15uP3Ji4ykdTG3SjW/wNTxv
kjzMeEvALEM=
=QnNe
-----END PGP SIGNATURE-----