Hi Robert, Solaris patch 119758-33 was released September 2014. I would say it therefore does not fix vulnerability CVE-2015-0240.
Regards, Susie From: pca [mailto:[email protected]] On Behalf Of McGraw, Robert P Sent: Friday, 27 February 2015 4:59 AM To: [email protected] Subject: [pca] Oracle samba patch for samba CVE-2015-0240 https://www.samba.org/samba/security/CVE-2015-0240 shows the following in the header CVE-2015-0240.html: =========================================================== == Subject: Unexpected code execution in smbd. == == CVE ID#: CVE-2015-0240 == == Versions: Samba 3.5.0 to 4.2.0rc4 == == Summary: Unauthenticated code execution attack on == smbd file services. == =========================================================== The latest samba patch is 119758-33, but not sure what version of samba this will be. Pca -r 119758-33 give the following header info. Keywords: security ldap upgrade services samba man pages Synopsis: SunOS 5.10_x86: Samba patch Date: Sep/12/2014 Does anyone know what version number of samba when I install patch 119758-33? Does anyone know if this patch number fixed the above samba problem or is there another patch that needs to be added or is added by another patch ID? Thanks Robert
