[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:41609] [Translate] [SECURITY] [DSA 600-1] New samba packages fix arbitrary file access



かねこです。
URL 等は元記事を確認ください。

#番号は多分 560 の間違い。

------>8------------>8------------>8------------>8------------>8
- --------------------------------------------------------------------------
Debian Security Advisory DSA 600-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 7th, 2004                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : samba
Vulnerability  : 任意ファイルのアクセス
Problem-Type   : リモート
Debian-specific: いいえ
CVE ID         : CAN-2004-0815

広く使われている Unix 向け LanManager 類似のファイル/プリンタサーバ Samba
に欠陥が発見されました。リモートの攻撃者が共有で定義されたパス外に存在す
るファイルに対してアクセスすることが可能です。但し、このファイルは接続に
用いたアカウントから読める必要があります。

安定版 (stable) ディストリビューション (woody) では、この問題はバージョン
2.2.3a-14.1 で修正されています。

不安定版 (unstable) ディストリビューション (sid) には、この問題は存在しま
せん。

直ぐに samba パッケージをアップグレードすることを勧めます。

アップグレード手順
------------------

wget url
	でファイルを取得できます。
dpkg -i file.deb
        で参照されたファイルをインストールできます。

を用いて、apt-get パッケージマネージャに以下記載の sources.list を与えて
次のコマンドを使ってください。

apt-get update
        これは内部データベースを更新します。
apt-get upgrade
        これで修正されたパッケージをインストールします。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。

Debian GNU/Linux 3.0 愛称 woody
- ------------------------------------

  ソースアーカイブ:

    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1.dsc
      Size/MD5 checksum:      775 a2af736313501d6f44be6cef7cc88cbf
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1.diff.gz
      Size/MD5 checksum:   107344 bdb474462e3e9bd35625afabd07807c1
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
      Size/MD5 checksum:  5460531 b6ec2f076af69331535a82b586f55254

  Architecture independent components:

    http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-14.1_all.deb
      Size/MD5 checksum:  2446936 257688d1dfb6f99506cbd8a4c24cabbd

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:   415690 b3dbf67a532d141f790a5d5219185c97
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:   489684 9dcc13fa5fa2a7d7743b7983cb1469d6
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:   600496 8a4794fb364f974dc3de1c8ab739ac4f
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:  2956046 046da9998b8fa36ff224863c9cdf9e75
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:  1131434 5ba458f4aff340332586291da917b87e
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:  1156050 7da311c482e43a342cd5317cdab62d6b
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:   949844 c67ce1367894b077c76239f8a84e3734
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:   623068 1968db82b56c174964b4b74b50dfbd2d
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_alpha.deb
      Size/MD5 checksum:  1106942 1b0f6f783f8085cc66c2952c71ebc7ac

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   397050 1f6cdc9091bf0bcc0e71ec62135d14b5
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   461594 4d4617f3583947a6dca094c65ab5af38
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   547222 d387f6b71718b986a64b93a2a0917165
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:  2553028 9d26784f9f2ffc5ed666f2587afe611b
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:  1023076 da95af57afd726ed8da76b6d2e825f2e
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:  1002748 f96a8323c3479cafed063c310f34e4ad
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   831732 38fe5c590e10af901099813254798a6b
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   557864 c33197f9f9c486ee5a0fb91daa37208d
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_arm.deb
      Size/MD5 checksum:   974580 ba96e7d882ffdee927f047dc3ba92065

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   388902 906276eea039d4054dd7b1b523800f78
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   446362 1e09eaf629f560708ec79eec84724c05
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   500072 e9c0ecdcb56cfc099f9d4120f6f57055
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:  2417402 540addf76a43c2750e7ffa50fef80c30
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   993390 af0e79cb8541b5b4d4fdbf9719d85b02
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   954172 29597c7e90f2494598b901dfabdf3b5f
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   793548 3ed212184d0955c5746df428d009ce66
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   535486 4dfed7deebfa5b194c6faf06dfc69c23
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_i386.deb
      Size/MD5 checksum:   930504 6fff5fe9036ef173bd203463ac1b989d

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:   461722 475b5d8eb28f074377511560fe486f5c
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:   553746 a75f6c475b65df643e44a040fe7e711f
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:   624886 868c87d3a7d547f5b1bd5a3b59fb5b1b
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:  3487698 1f5b87f988b0e6180945f5857b20f8ca
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:  1248644 8bbafb3289123e119844273ad0ad2c3d
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:  1328518 093f6ce6a584077e9ac22f7477a66e5b
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:  1097776 b3027b1fb9ac978708992983f4aaf290
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:   695522 837c034971efe3a8993471e985e6281f
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_ia64.deb
      Size/MD5 checksum:  1281666 7bcd03f536b8227da0082e18f6af130f

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:   419704 b4ab9379f16d68c6d159a3729c786b91
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:   491168 d2f2e84bb69a74ee4b18de1aacf69bb4
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:   589502 cee18a24bec4f6b478631dcc1239570f
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:  2791176 d9fba426a9a203d57b544d11e1077ee5
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:  1081648 95e20e8918b294d826994e6c46da7e1b
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:  1085052 dbde6a318373ef1c9af8d3880fc64369
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:   901402 8485c014bc31c33b7920f019c723c7f3
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:   589990 d16a1fbb42d65379fd3da176a101681e
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_hppa.deb
      Size/MD5 checksum:  1060066 25649416cb5bd76c1c13830ae8edcd3b

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   398770 d78c6f2e700781d54f9ecda6eb238526
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   459864 34dd7b9aa8208dd11eb19b8933c545f6
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   504522 2c4aa69979372d832b29d0e5827d497a
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:  2355244 b94ee6ddff1475c77dd4b86dbe5c7700
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   982122 dc728b631e3a850664fd9673a3207773
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   936080 bd30699cb76f232b04a394b19e69bb48
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   788524 7f6226024eb65e088bcedec669773fda
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   524182 cb378ef731154c0b7ca083ba8498e350
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_m68k.deb
      Size/MD5 checksum:   930170 9c890313b5464e84ea94c7139e4a97da

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:   396162 19edb24a089ac6e83afa6a8f10a72f32
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:   459410 bf32361476e1532c939e3a8ad564ee91
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:   569610 84f1ef40e4f77b3860797bbfd4598bf5
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:  2803536 72f070e84bdb57ad3c5d06265342c1f2
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:  1078344 e7d8ab8e476d21041102c81523d05df5
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:  1088376 025c89d9df75d98d5d618c6989d6d71c
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:   910504 ad6825b95aa8c43613c7029ff7bd7540
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:   581202 cd464144a77cfab1735eb6e196d5529a
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_mips.deb
      Size/MD5 checksum:  1027882 f4495e4d24ee836702ca1fb302f40782

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:   392240 9dff38afb6e7c7e02b1261a52de65baa
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:   453984 7abcc75b570fdd0b20d5eb2f39423845
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:   562514 d557482aa96c5a8ecfc71017997ba025
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:  2763974 1203017d0285886c0aa77f82f6ffe070
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:  1071496 9e3b73ac5224413d88d245197a03c37b
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:  1075858 7579097440fcdf9db5e4ebbf977aa964
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:   897104 09661520c88567906c735dbea2d4bcd9
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:   576680 0ae70f3114073659582ad0f0fee9e756
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_mipsel.deb
      Size/MD5 checksum:  1015166 679691391af10ae66a6b49e30dad383d

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:   408898 80fd1077e68d809732b4a9cbed09e330
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:   475756 d77bfe732ac15518f0c1b401f790328a
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:   546358 e1b192f4269192c370e9da96b6b38388
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:  2607540 be1ca9d87728d44d5ce6080cd10a57e4
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:  1036772 a38fefa9ce598ce4270334737c158107
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:  1021596 43e0b626d06badd64d8cb901d6581ceb
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:   852636 746e13c82c1b29bf25f3c22ffd278cb3
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:   561004 ea2ded10c59a8e6dcb1c7a2888e3a941
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_powerpc.deb
      Size/MD5 checksum:  1001804 7d683d7359587cce2ae19d64494934d7

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   403274 ad2001b54eaadb2a7259c36b2e2a0d75
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   470064 bfccfe495177f91125c7385b74ab5f93
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   526738 26190e2be1b643431d98165ac06e2c63
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:  2496222 51a182dc51d5a0752f995188716ee163
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:  1008300 43c82f3ea0952decd6798d9a59c36c3f
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   982812 f7fae37ce569a2588dab37056fae6644
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   833368 610ed462aa4b1d30d513b1015ef99b79
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   537872 88905dabb2531bf8fdd6087715ad2b75
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_s390.deb
      Size/MD5 checksum:   965790 e5fa1a609806e9725db2f6b3b8fb0df8

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   400606 71e121da43b0929b596c4b12668c67c8
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   461986 1ff6cf7a85de91d60b7323d282cabe92
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   523958 ff18c36c4b095cd42adc5895f0301e6c
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:  2513630 66e293e366625e121718521fd989647b
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:  1011418 e9308d07b2cb7f0d9cb4f73de3a4dad9
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   985474 fa7b07fd1a8320123b09b25aebd6fa7c
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   829604 e27e3024f72fec8d5bc17466849a0c2d
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   543734 18c8d40673cde04dd6c38f3ee592d3fd
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-14.1_sparc.deb
      Size/MD5 checksum:   964528 88816d5c74bdc056857a57ccb3d58fde

  これらのファイルは次の版の安定版リリース時そちらに移されます。

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------