[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Changed in: samba (Debian)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/978458

Title:
  CVE-2012-1182: "root" credential remote code execution

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
This bug was fixed in the package samba - 2:3.6.3-2ubuntu2

---
samba (2:3.6.3-2ubuntu2) precise-proposed; urgency=low

  * SECURITY UPDATE: Unauthenticated remote code execution via RPC calls
    (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate
      code that uses the same value for array allocation and array length
      checks. Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files
      with the patched PIDL compiler
    - CVE-2012-1182
 -- Tyler Hicks  Thu, 12 Apr 2012 05:28:44 -0500

** Changed in: samba (Ubuntu Precise)
       Status: In Progress => Fix Released
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Branch linked: lp:ubuntu/lucid-security/samba

** Branch linked: lp:ubuntu/oneiric-security/samba

** Branch linked: lp:ubuntu/natty-security/samba

** Branch linked: lp:ubuntu/hardy-security/samba
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
This bug was fixed in the package samba - 3.0.28a-1ubuntu4.18

---
samba (3.0.28a-1ubuntu4.18) hardy-security; urgency=low

  [ Steve Beattie ]
  * SECURITY UPDATE: unauthenticated remote code execution via RPC calls
    (LP: #978458)
    - debian/patches/security-CVE-2012-1182.patch: make variable length
      check be consistent with memory allocation size computation.
    - CVE-2012-1182
 -- Tyler Hicks  Thu, 12 Apr 2012 05:28:44 -0500
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
This bug was fixed in the package samba - 2:3.4.7~dfsg-1ubuntu3.9

---
samba (2:3.4.7~dfsg-1ubuntu3.9) lucid-security; urgency=low

  * SECURITY UPDATE: Unauthenticated remote code execution via RPC calls
    (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate
      code that uses the same value for array allocation and array length
      checks. Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files
      with the patched PIDL compiler
    - CVE-2012-1182
 -- Tyler Hicks  Thu, 12 Apr 2012 05:28:44 -0500

** Changed in: samba (Ubuntu Hardy)
       Status: In Progress => Fix Released
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
This bug was fixed in the package samba - 2:3.5.8~dfsg-1ubuntu2.4

---
samba (2:3.5.8~dfsg-1ubuntu2.4) natty-security; urgency=low

  * SECURITY UPDATE: Unauthenticated remote code execution via RPC calls
    (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate
      code that uses the same value for array allocation and array length
      checks. Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files
      with the patched PIDL compiler
    - CVE-2012-1182
 -- Tyler Hicks  Thu, 12 Apr 2012 05:28:44 -0500

** Changed in: samba (Ubuntu Lucid)
       Status: In Progress => Fix Released
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
This bug was fixed in the package samba - 2:3.5.11~dfsg-1ubuntu2.2

---
samba (2:3.5.11~dfsg-1ubuntu2.2) oneiric-security; urgency=low

  * SECURITY UPDATE: Unauthenticated remote code execution via RPC calls
    (LP: #978458)
    - debian/patches/CVE-2012-1182-1.patch: Fix PIDL compiler to generate
      code that uses the same value for array allocation and array length
      checks. Based on upstream patch.
    - debian/patches/CVE-2012-1182-2.patch: Regenerate PIDL generated files
      with the patched PIDL compiler
    - CVE-2012-1182
 -- Tyler Hicks  Thu, 12 Apr 2012 05:28:44 -0500

** Changed in: samba (Ubuntu Oneiric)
       Status: In Progress => Fix Released

** Changed in: samba (Ubuntu Natty)
       Status: In Progress => Fix Released
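The changelog entries in this thread (precise, hardy, lucid, natty and oneiric) all describe the fix the same way: the PIDL-generated parsers must use the same value for array allocation and for the array length checks. The C routine below is an added illustration written for this page; it is not Samba code, not PIDL output and not taken from the bug report or its debdiff. It pulls a standard NDR conformant-varying array of uint32 values (max_count, offset, actual_count, then the transmitted elements, little-endian) and bounds every check against max_count, the count it allocates with, and it also refuses a message too short to carry the elements it claims before anything is allocated. `struct ndr_pull`, `pull_u32_array`, `MAX_ARRAY_ELEMENTS` and the three byte strings are constructed for the example.

```c
/* Added example, not Samba or PIDL code: an NDR conformant-varying
 * uint32 array pull routine in which the allocation count (max_count)
 * is the one value every later bounds check is made against.
 * Assumed wire layout, little-endian: max_count, offset, actual_count,
 * then actual_count uint32 elements. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed upper bound on elements we will allocate for one array. */
#define MAX_ARRAY_ELEMENTS (1u << 20)

enum ndr_err {
    NDR_OK = 0,
    NDR_ERR_BUFSIZE = 1,     /* message shorter than its counts claim */
    NDR_ERR_ARRAY_SIZE = 2,  /* offset/actual_count exceed max_count  */
    NDR_ERR_ALLOC = 3
};

struct ndr_pull { const uint8_t *data; size_t len; size_t off; };

static enum ndr_err pull_u32(struct ndr_pull *p, uint32_t *v)
{
    if (p->len - p->off < 4)
        return NDR_ERR_BUFSIZE;
    *v = (uint32_t)p->data[p->off] | ((uint32_t)p->data[p->off + 1] << 8) |
         ((uint32_t)p->data[p->off + 2] << 16) | ((uint32_t)p->data[p->off + 3] << 24);
    p->off += 4;
    return NDR_OK;
}

/* On success *out points to max_count elements (caller frees) and
 * *out_len is offset + actual_count; untransmitted slots stay zero. */
enum ndr_err pull_u32_array(struct ndr_pull *p, uint32_t **out, uint32_t *out_len)
{
    uint32_t max_count, offset, actual_count;
    enum ndr_err err;

    *out = NULL;
    *out_len = 0;
    if ((err = pull_u32(p, &max_count)) != NDR_OK) return err;
    if ((err = pull_u32(p, &offset)) != NDR_OK) return err;
    if ((err = pull_u32(p, &actual_count)) != NDR_OK) return err;

    /* Both varying fields are checked against max_count, the very value
     * handed to calloc() below.  Checking them against some other field
     * is the mismatch the changelog describes: an element could then be
     * written past the end of the allocation. */
    if (max_count > MAX_ARRAY_ELEMENTS)
        return NDR_ERR_ARRAY_SIZE;
    if (offset > max_count || actual_count > max_count - offset)
        return NDR_ERR_ARRAY_SIZE;
    /* The transmitted elements must also fit in the rest of the message;
     * decide that before allocating anything. */
    if ((size_t)actual_count > (p->len - p->off) / 4)
        return NDR_ERR_BUFSIZE;

    *out = calloc(max_count ? max_count : 1, sizeof(uint32_t));
    if (*out == NULL)
        return NDR_ERR_ALLOC;
    for (uint32_t i = 0; i < actual_count; i++)
        pull_u32(p, &(*out)[offset + i]);   /* cannot fail: length checked above */
    *out_len = offset + actual_count;
    return NDR_OK;
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t GOOD_MSG[] = {
    4,0,0,0,  0,0,0,0,  3,0,0,0,          /* max_count 4, offset 0, actual 3 */
    0x11,0,0,0, 0x22,0,0,0, 0x33,0,0,0 };
static const uint8_t BAD_MSG[] = {
    2,0,0,0,  0,0,0,0,  3,0,0,0,          /* actual_count 3 > max_count 2   */
    0x11,0,0,0, 0x22,0,0,0, 0x33,0,0,0 };
static const uint8_t TRUNC_MSG[] = {
    4,0,0,0,  0,0,0,0,  3,0,0,0,          /* claims 3 elements, carries 2   */
    0x11,0,0,0, 0x22,0,0,0 };

/* Parse one message and return its status code. */
int parse_status(const uint8_t *msg, size_t len)
{
    struct ndr_pull p = { msg, len, 0 };
    uint32_t *arr, n;
    enum ndr_err err = pull_u32_array(&p, &arr, &n);
    free(arr);
    return (int)err;
}

/* Parse one message and return the sum of its elements (0 on error). */
uint32_t parse_sum(const uint8_t *msg, size_t len)
{
    struct ndr_pull p = { msg, len, 0 };
    uint32_t *arr, n, sum = 0;
    if (pull_u32_array(&p, &arr, &n) != NDR_OK)
        return 0;
    for (uint32_t i = 0; i < n; i++)
        sum += arr[i];
    free(arr);
    return sum;
}

int main(void)
{
    printf("good message:      status %d, sum 0x%x\n",
           parse_status(GOOD_MSG, sizeof GOOD_MSG), parse_sum(GOOD_MSG, sizeof GOOD_MSG));
    printf("count > max_count: status %d\n", parse_status(BAD_MSG, sizeof BAD_MSG));
    printf("truncated message: status %d\n", parse_status(TRUNC_MSG, sizeof TRUNC_MSG));
    return 0;
}
```

The point to carry over when reviewing generated or hand-written unmarshalling code is the one the changelog makes: whichever variable sizes the allocation is the variable the index and length checks must reference, and the remaining-bytes check belongs before the allocation so that a large declared count cannot become a large allocation followed by a short read.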
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Branch linked: lp:ubuntu/precise-proposed/samba
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
The attachment "samba_3.6.3-2ubuntu2.debdiff" of this bug report has been
identified as being a patch in the form of a debdiff. The ubuntu-sponsors
team has been subscribed to the bug report so that they can review and
hopefully sponsor the debdiff. In the event that this is in fact not a
patch you can resolve this situation by removing the tag 'patch' from the
bug report and editing the attachment so that it is not flagged as a patch.
Additionally, if you are a member of the ubuntu-sponsors team please also
unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian
Murray. Please contact him regarding any issues with the action taken in
this bug report.]

** Tags added: patch
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
Ok, now I see that the 3.6 upstream branch places the samba3-idl target
underneath 'make all', so I assume that they are now relying on the code
generation to happen at build time. Can you confirm this, Jelmer?

If that's the case, then we probably do want to follow that convention in
our 3.6.x and later packages (currently only found in Precise). The reason
is that if we don't do it at build time, but upstream does, one of their
patches that we cherry-pick could theoretically need to be run through
PIDL to make proper changes. I _think_ that's the case, but I'm still not
quite knowledgeable on the PIDL compiler to know for sure.
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
Thanks Jelmer! You've probably already noticed, but jdstrand has sponsored
it.

I was wondering if we could generate the PIDL generated code at build time,
but I decided against it for sake of making cherry-picking from upstream
stable branches easy in the future. Upstream has rerun the PIDL compiler
and committed that as a change, so any new security backports that they do
will be based upon the regenerated code. It seems like it would be in our
best interest to follow what upstream did. Any thoughts?
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
Hi Tyler,

+1 on the diff, that looks good. Note that an alternative to shipping the
second patch is to update the generated files from the package itself, so
the diff isn't massive; this would require adding "make -C source3
samba3-idl" as part of the build step and adding libparse-yapp-perl to the
build dependencies.

I should be able to sponsor, though it's well past my EOD, so it might be
better if somebody else could.
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
Here is my proposed debdiff for Precise. I'll need a sponsor for this to
make it into the release.

I've built a package locally with this debdiff. I sanity checked it using
the 'umt compare-log', 'umt compare-bin', and 'umt check' tools. I tested
it with the reproducers from ZDI, as well as test-samba.py in the
qa-regression-testing project. The reproducers were mitigated with the
update and test-samba.py passed successfully.

** Patch added: "samba_3.6.3-2ubuntu2.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/+attachment/3054702/+files/samba_3.6.3-2ubuntu2.debdiff
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Also affects: samba (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: samba (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: samba (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: samba (Ubuntu Oneiric)
   Importance: Undecided
       Status: New

** Changed in: samba (Ubuntu Lucid)
       Status: New => In Progress

** Changed in: samba (Ubuntu Lucid)
   Importance: Undecided => High

** Changed in: samba (Ubuntu Lucid)
     Assignee: (unassigned) => Tyler Hicks (tyhicks)

** Changed in: samba (Ubuntu Natty)
       Status: New => In Progress

** Changed in: samba (Ubuntu Natty)
   Importance: Undecided => High

** Changed in: samba (Ubuntu Natty)
     Assignee: (unassigned) => Tyler Hicks (tyhicks)

** Changed in: samba (Ubuntu Oneiric)
       Status: New => In Progress

** Changed in: samba (Ubuntu Oneiric)
   Importance: Undecided => High

** Changed in: samba (Ubuntu Oneiric)
     Assignee: (unassigned) => Tyler Hicks (tyhicks)

** Changed in: samba (Ubuntu Hardy)
       Status: New => In Progress

** Changed in: samba (Ubuntu Hardy)
   Importance: Undecided => High

** Changed in: samba (Ubuntu Hardy)
     Assignee: (unassigned) => Tyler Hicks (tyhicks)
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Also affects: samba (Ubuntu Precise)
   Importance: High
     Assignee: Tyler Hicks (tyhicks)
       Status: Confirmed

** Changed in: samba (Ubuntu Precise)
    Milestone: None => ubuntu-12.04

** Changed in: samba (Ubuntu Precise)
       Status: Confirmed => In Progress

** Tags added: rls-p-tracking
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Bug watch added: Red Hat Bugzilla #804093
   https://bugzilla.redhat.com/show_bug.cgi?id=804093

** Also affects: samba (CentOS) via
   https://bugzilla.redhat.com/show_bug.cgi?id=804093
   Importance: Unknown
       Status: Unknown

** Bug watch added: Red Hat Bugzilla #811392
   https://bugzilla.redhat.com/show_bug.cgi?id=811392

** Also affects: samba (Fedora) via
   https://bugzilla.redhat.com/show_bug.cgi?id=811392
   Importance: Unknown
       Status: Unknown
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
** Changed in: samba (Debian)
       Status: Unknown => New
[Bug 978458] Re: CVE-2012-1182: "root" credential remote code execution
Thanks, Ryan! We are aware of the issue and we are currently working on an
update.

** Changed in: samba (Ubuntu)
       Status: New => Confirmed

** Changed in: samba (Ubuntu)
     Assignee: (unassigned) => Tyler Hicks (tyhicks)

** Changed in: samba (Ubuntu)
   Importance: Undecided => High