[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:43498] [Translate] [SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash



かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。

------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 701-2                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
April 21st, 2005                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : samba
Vulnerability  : 整数オーバフロー
Problem-Type   : リモート
Debian-specific: いいえ
CVE ID         : CAN-2004-1154
CERT advisory  : VU#226184
Debian Bug     : 302378

最新の Samba のセキュリティアップデートにより、リロード時にデーモンがクラ
ッシュすることが発見されました。Samba は GNU/Linux および Unix 系のシステ
ムで LanManager 相当の機能を提供するファイル・プリンタサーバです。この勧
告はこの問題の修正です。参考までに元の勧告を再掲しておきます。

  Greg MacManus さんにより、Samba の smb デーモンに整数オーバフローが発見
  されました。Samba は GNU/Linux および Unix 系のシステムで LanManager 相
  当の機能を提供するファイル・プリンタサーバです。アクセス制御ディスクリプ
  タをとても大量に要求することによりサーバ上で整数オーバフローを引き起こす
  ことが可能で、この結果 root 権限で任意のコードの実行が可能です。上流の開
  発者によりこれ以外の整数オーバフローの可能性も発見されており、そちらも修
  正されています。

安定版 (stable) ディストリビューション (woody) では、この問題はバージョン
2.2.3a-15 で修正されています。

不安定版 (unstable) ディストリビューション (sid) には、この新たな問題はあ
りません。

直ぐに samba パッケージをアップグレードすることを勧めます。

アップグレード手順
------------------

wget url
	でファイルを取得できます。
dpkg -i file.deb
        で参照されたファイルをインストールできます。

を用いて、apt-get パッケージマネージャに以下記載の sources.list を与えて
次のコマンドを使ってください。

apt-get update
        これは内部データベースを更新します。
apt-get upgrade
        これで修正されたパッケージをインストールします。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。

Debian GNU/Linux 3.0 愛称 woody
- ------------------------------------

  ソースアーカイブ:

    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15.dsc
      Size/MD5 checksum:      771 a830503053c010eaf927e278aa9bee46
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15.diff.gz
      Size/MD5 checksum:   128578 5019368376bf7e7021d6fac84b4ebb41
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a.orig.tar.gz
      Size/MD5 checksum:  5460531 b6ec2f076af69331535a82b586f55254

  Architecture independent components:

    http://security.debian.org/pool/updates/main/s/samba/samba-doc_2.2.3a-15_all.deb
      Size/MD5 checksum:  2447132 bddbd51cdb1ad5caa110da59fa1befd7

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_alpha.deb
      Size/MD5 checksum:   416810 54cc78e20583f06965d972aa6e0b44d0
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_alpha.deb
      Size/MD5 checksum:   490188 32c9b6bf5bff4bf3af118d1c1a808118
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_alpha.deb
      Size/MD5 checksum:   602016 a2036d9ed3ad444a3e659b64e28f1cd7
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_alpha.deb
      Size/MD5 checksum:  2963274 75fd393711aece6fec0cd8b7d684f515
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_alpha.deb
      Size/MD5 checksum:  1132702 96f4c0d239636931d92c2ce2bbc08a9d
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_alpha.deb
      Size/MD5 checksum:  1159220 de33034038ebc1ed2132ab2d382ede11
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_alpha.deb
      Size/MD5 checksum:   952140 d064f7659969556065a5714672f73ed5
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_alpha.deb
      Size/MD5 checksum:   624636 7e68a5ad923d3ef9b9bc59bbb430fd4d
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_alpha.deb
      Size/MD5 checksum:  1108854 ca33ced414688e61616d8d7c446d7927

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_arm.deb
      Size/MD5 checksum:   397722 59a8c97c404bad26b39d31eaadc4e4d5
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_arm.deb
      Size/MD5 checksum:   462276 3614ee47d7fa5c1c647528789f5d67b0
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_arm.deb
      Size/MD5 checksum:   548498 259e4f9bec3d35c1fa9114d62519d3ac
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_arm.deb
      Size/MD5 checksum:  2557616 d5c3bc06031f7e1a8f318f7044c4c065
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_arm.deb
      Size/MD5 checksum:  1024430 707cdd665ed01bd65ab3992de8ec3022
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_arm.deb
      Size/MD5 checksum:  1004790 0f101fceeb6ce6c9d0fbe04b36be629d
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_arm.deb
      Size/MD5 checksum:   833456 89b7d54917cd90ec1960e091e1bff8c6
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_arm.deb
      Size/MD5 checksum:   558620 c8a4da7264d07c97d12163e70c2340f9
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_arm.deb
      Size/MD5 checksum:   976218 86a5de52d3f680adb949606fb0837cbb

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_i386.deb
      Size/MD5 checksum:   389394 f4a558d33c67099e6ed20091b528d952
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_i386.deb
      Size/MD5 checksum:   446602 74ae7a7159f19db07094502644fcab0d
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_i386.deb
      Size/MD5 checksum:   500304 3613b9880b421a26c4ea8ba726f9c85a
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_i386.deb
      Size/MD5 checksum:  2422058 a2d6e27f58b9255ce07640eef5b591df
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_i386.deb
      Size/MD5 checksum:   993734 89419f6b2f17e8aed613c51a5ac8e9f2
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_i386.deb
      Size/MD5 checksum:   955662 52c703be64db22e2b8892477639726f2
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_i386.deb
      Size/MD5 checksum:   794894 68ec0cf3a9261b593488353ea3f18bf6
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_i386.deb
      Size/MD5 checksum:   535942 82462f0c253bbecbc0c3b4c417b66d43
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_i386.deb
      Size/MD5 checksum:   932174 8146d2161b0f204ce41147c315e82455

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_ia64.deb
      Size/MD5 checksum:   462818 69f3f879edd97b08ac8a3e52fbb95090
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_ia64.deb
      Size/MD5 checksum:   554832 730894829cff961725b2e9e1178a5e18
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_ia64.deb
      Size/MD5 checksum:   626344 0faf0298ef66970cb393c49d5b3d508e
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_ia64.deb
      Size/MD5 checksum:  3495368 c71d00d4a4fd108635c1a7010368a6dd
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_ia64.deb
      Size/MD5 checksum:  1250736 800849fa4340dca4c5d559f61857d8b0
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_ia64.deb
      Size/MD5 checksum:  1332712 1462f5a2b3afdc9a30a821ba2b3ed9f0
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_ia64.deb
      Size/MD5 checksum:  1100548 7a51e38509ddb3c2094fc0b2f4e52f30
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_ia64.deb
      Size/MD5 checksum:   696404 d2d4325e344ab644e157632b0b454345
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_ia64.deb
      Size/MD5 checksum:  1284038 5062f707960e5397cdac4f68fec8c19b

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_hppa.deb
      Size/MD5 checksum:   420670 3ebfd5f13e140892d0eee6fe2134aed2
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_hppa.deb
      Size/MD5 checksum:   491982 91a01975668c77fbf69b60ed482be911
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_hppa.deb
      Size/MD5 checksum:   590680 2b860b9aad275d8ec5861df32c54df61
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_hppa.deb
      Size/MD5 checksum:  2797958 eb8bcb58cc62d9ed95c540a32033c089
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_hppa.deb
      Size/MD5 checksum:  1082496 8446865cbb609e233211bcf717fe43c0
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_hppa.deb
      Size/MD5 checksum:  1087288 9a44929178cb8b8406690ab5220600c3
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_hppa.deb
      Size/MD5 checksum:   903440 10995cadf8ea6671d93f3ab9bdee1b23
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_hppa.deb
      Size/MD5 checksum:   590876 85832604872b8eb84f1d72e60ca69de0
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_hppa.deb
      Size/MD5 checksum:  1062142 08523479c0cd91d5f137bea51f754dd1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   399818 6882d30a2f2ee2b99afbb32abff0020c
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   461100 db0510c04055a133dc1d5a08e738bb39
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   506028 cb718fb5103d31715445150d6272f270
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_m68k.deb
      Size/MD5 checksum:  2367368 301b09319baa600ad2e9a8ed83255471
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   983910 db09d234e5b469b859adc2f7432df9a7
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   939778 7d19988ca24410a27c7a708a61b5fe5e
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   791812 18d0a57c6ba5e717a6cc43e16af99c3e
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   525824 061bbd514f5508e9251fad7e41c7a867
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_m68k.deb
      Size/MD5 checksum:   933982 88265eacabf3d96b1aa118b7c8736db4

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_mips.deb
      Size/MD5 checksum:   396830 b5fd5ba93dd8b7c5cbf8b4708ee7ab28
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_mips.deb
      Size/MD5 checksum:   460228 1ec3f80b54e5d4aefc2e0113ebdd1711
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_mips.deb
      Size/MD5 checksum:   570762 34e0b588c7ae9c1f0f90cad60cf3f43f
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_mips.deb
      Size/MD5 checksum:  2808522 53157303f42e7b1f2de9b99912246b8b
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_mips.deb
      Size/MD5 checksum:  1080134 43ea434c339d52f4eef4e32c83b3f41d
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_mips.deb
      Size/MD5 checksum:  1090032 2a88b66106a14d31fb5887a450a1de9d
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_mips.deb
      Size/MD5 checksum:   912250 6574d75406e22c416a76ce077c31832a
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_mips.deb
      Size/MD5 checksum:   582084 67830ce3df32cfae30eb2efe7ad87a19
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_mips.deb
      Size/MD5 checksum:  1030444 60bbff9a824aa36ddbd988ee01063069

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:   392914 bc405a78273176b7efefd06170d23f46
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:   454712 a8e3b095dfd4d2f6298a16f09a506ef0
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:   563936 c555c075ec8440c9c78281f326d21e80
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:  2771190 2bfca4bb39861f5595bbaf96d79cd993
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:  1073628 b1fd732c6119078cdc0e8066657a9916
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:  1078578 ca9622d56909bb4a5ecf28f29c90637f
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:   899538 0f97803e96189613e32eb877e6ccc92f
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:   577818 e187bfb77c374b568978fc225ab953b4
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_mipsel.deb
      Size/MD5 checksum:  1017490 2f237a6102ce15885d208fa904aa1657

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:   409454 e726893d5ff7d9063fb6d2226c837bfe
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:   476696 e00e166d95f682573f10c92412dc3d3a
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:   547600 30e23d427b5b35c1f5592a92c5d77113
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:  2611044 6915f515a4643eb35fefc9d9f5370927
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:  1038358 26c7983705ed0865e3bf28fb672a8d82
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:  1023690 24cd6ad298d918caa735b0200a71a6ba
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:   853686 bb8301e5e74c4e4344ce5acb98dbd24d
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:   561654 723b8207864e0b08c296b84eea855528
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_powerpc.deb
      Size/MD5 checksum:  1003568 213b0f0b3d65b7a718eda96789b0393c

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_s390.deb
      Size/MD5 checksum:   404176 39adf5289a4ac6812cbed5205fb5b2ae
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_s390.deb
      Size/MD5 checksum:   471088 be9980bc9c633eb2c322e62034261e57
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_s390.deb
      Size/MD5 checksum:   527906 5c13cdac05e43d8985bb1487ed1668f5
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_s390.deb
      Size/MD5 checksum:  2501820 f69cee114720831c767bf134fbc28f80
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_s390.deb
      Size/MD5 checksum:  1008810 71e18ad0686d9b3fe419392066678bac
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_s390.deb
      Size/MD5 checksum:   985000 d3a2f39e1cfb19bc1370a72b7ebd4bfe
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_s390.deb
      Size/MD5 checksum:   835452 22775fa123dec008ff0203164181a28f
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_s390.deb
      Size/MD5 checksum:   538802 b5303f335182d5d84aa63bc06ee24f41
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_s390.deb
      Size/MD5 checksum:   967516 24c28a95bcbcf95fc18d39bda1fb4bff

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   401406 9dd6197a246b2465b2cb7efe99e41285
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   462310 7a1ad3778872cba2f53f6c23257c09da
    http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   525272 55b1545f1abe0f3e98d0794a8b44fb51
    http://security.debian.org/pool/updates/main/s/samba/samba_2.2.3a-15_sparc.deb
      Size/MD5 checksum:  2517506 8f53c843aa7376885ddfa084a24014f4
    http://security.debian.org/pool/updates/main/s/samba/samba-common_2.2.3a-15_sparc.deb
      Size/MD5 checksum:  1012950 244bac12471bf063b70cc6ed7dbcdf1e
    http://security.debian.org/pool/updates/main/s/samba/smbclient_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   987134 af61a6e73388d03702cf016e513b93a7
    http://security.debian.org/pool/updates/main/s/samba/smbfs_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   830998 17bbf913464d5a8499eb7983212cc23a
    http://security.debian.org/pool/updates/main/s/samba/swat_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   544798 7b58d5da25b735a084ee851223ec2357
    http://security.debian.org/pool/updates/main/s/samba/winbind_2.2.3a-15_sparc.deb
      Size/MD5 checksum:   967886 e12469a586cf25650a09abda6e0f3df5


  これらのファイルは次の版の安定版リリース時そちらに移されます。

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------