Re: [SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities
In message <[EMAIL PROTECTED]>, Steve Kemp writes: >Package: samba >Vulnerability : several >Problem type : remote >Debian-specific: no >CVE Id(s) : CVE-2007-4572, CVE-2007-5398 >[...] >For the stable distribution (etch), these problems have been fixed in >version 3.0.24-6etch7. There doesn't appear to be a i386 package for Samba version 3.0.24-6etch7 on any of the security.debian.org servers. Only a 3.0.24-6etch6 package. AMD64 and most other architectures seem to have 3.0.24-6etch7 and not 3.0.24-6etch6 packages. According to the change log this means that one regression is missing in the i386 packages (6etch6): -=- cut here -=- samba (3.0.24-6etch7) stable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan <[EMAIL PROTECTED]> for catching this. -- Steve Langasek <[EMAIL PROTECTED]> Sat, 24 Nov 2007 02:17:06 -0800 -=- cut here -=- For example: -=- cut here -=- ftp> cd debian-security/pool/updates/main/s/samba/ 250 Directory successfully changed. ftp> ls samba-common*etch*i386* 227 Entering Passive Mode (128,31,0,36,95,228) 150 Here comes the directory listing. -rw-rw-r--1 1176 1176 2381022 May 30 10:30 samba-common_3.0.24-6etch4_i386.deb -rw-rw-r--1 1176 1176 2381196 Nov 15 22:35 samba-common_3.0.24-6etch5_i386.deb -rw-rw-r--1 1176 1176 2381264 Nov 23 13:25 samba-common_3.0.24-6etch6_i386.deb 226 Directory send OK. ftp> ls samba-common*etch*amd64* 227 Entering Passive Mode (128,31,0,36,172,122) 150 Here comes the directory listing. -rw-rw-r--1 1176 1176 2596688 Jun 01 07:00 samba-common_3.0.24-6etch4_amd64.deb -rw-rw-r--1 1176 1176 2595582 Nov 22 20:45 samba-common_3.0.24-6etch5_amd64.deb -rw-rw-r--1 1176 1176 2597004 Nov 24 11:05 samba-common_3.0.24-6etch7_amd64.deb 226 Directory send OK. ftp> -=- cut here -=- (But the same thing seems to be true for the entire samba suite.) Will new i386 packages be built? Or does that regression not affect i386? Ewen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Permission changes with rsync
In article <[EMAIL PROTECTED]> you wrote: > I used "rsync -av" from source to target. (O.k., I missed to > add --numeric-ids, which resulted in getting some files with numeric owners), > But other files on the target got wrong owners or groups ! So, this should > not happen, IMO ! 1. are you root? 2. what is the numeric uid on source and target? (use "ls -n") 3. on some? are those all belong to one user or dot files or existing/non existing= 4. can you manually change the ownership? (what is the filesystem type, does it allow userids?) Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [SECURITY] [DSA 1400-1] New perl packages fix arbitrary code execution
Florian Weimer escribió: > > Debian Security Advisory DSA-1400-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Florian Weimer > November 6th, 2007http://www.debian.org/security/faq > > > Package: perl > Vulnerability : heap overflow > Problem type : local (remote) > Debian-specific: no > CVE Id(s) : CVE-2007-5116 > Ahora si está aplicados en todos los equipos, y en Kayumari que era el mas comprometido... -- Operaciones. DECIDIR Argentina Movil: 1568583603 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Permission changes with rsync
Dear security team, I just discovered, that rsync to an encrypted filesystem seem to change owners and groups on some files. I used "rsync -av" from source to target. (O.k., I missed to add --numeric-ids, which resulted in getting some files with numeric owners), But other files on the target got wrong owners or groups ! So, this should not happen, IMO ! I still have the source available on another host. Is there a way, to correct all owners ansd groups at the target without changing the files ? I tried "rsync -rog --existing --ignore-existing" with no sucess. Tahbk you very much for your help ! Regards Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]