This update was a security update, with the following behavior change:
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source3/include/proto.h,
source3/param/loadparm.c, source3/smbd/service.c,
source3/smbd/trans2.c, source3/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html and docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0926
** Changed in: samba (Ubuntu)
Status: New => Invalid
--
samba symbol link folder access denied
https://bugs.launchpad.net/bugs/551356
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
