-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 ID: FINK-2004-07-24 Reported: 2004-07-13 Updated: 2004-07-24 Package: samba, samba-ldap Affected: <= 2.2.9 Maintainer: Matt Stephenson Tree(s): 10.3/stable, 10.3/unstable Mac OS X version: 10.3 Fix: upstream Updated by: forced update (dmalloc@users.sourceforge.net) Description: Buffer overrun in hash mangling method when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. References: BUGTRAQ Ref-URL: http://marc.theaimsgroup.com/?l=bugtraq&m=109052891507263&w=2 Ref-URL: http://marc.theaimsgroup.com/?l=bugtraq&m=109051340810458&w=2 References: REDHAT Ref-URL: http://www.redhat.com/support/errata/RHSA-2004-259.html References: CVE Ref-URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686 To verify the authenticity please visit http://fink.sourceforge.net/doc/security/notification.php?phpLang=en#who -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (Darwin) iD8DBQFBAvn2PMoaMn4kKR4RA9AlAJ4oYT8DdEXbnQw/6DyZ96NlYob6jACdFVZh 9DhJtiK0rIi2xziaqI+67wA= =vtEO -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Fink-announce mailing list Fink-announce@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fink-announce --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'