
Bug 323785 (CVE-2010-2063)

Summary: <net-fs/samba-3.3.13: Samba Memory Corruption Vulnerability (CVE-2010-2063)
Product: Gentoo Security
Reporter: Matthias Geerdsen (RETIRED) <vorlon>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: andreis.vinogradovs, jer, patrick, samba
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.samba.org/samba/security/CVE-2010-2063
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 290633, 331943, 332063    
Bug Blocks:    
Attachments:
Description Flags
Patch for 3.0 none
patch for 3.3 none

Description Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-13 14:59:08 UTC
** Please note that this issue is confidential at the moment and no information
should be disclosed until it is made public **

The upcoming version of Samba (scheduled June 16) will fix a vulnerability in function chain_reply() in source\smbd\process.c.

3.4.X and upwards are not affected
Comment 1 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-13 15:02:12 UTC
Created attachment 235183 [details, diff]
Patch for 3.0
Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-13 15:02:33 UTC
Created attachment 235185 [details, diff]
patch for 3.3
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-13 15:05:23 UTC
Patrick, please prepare ebuilds using the patches and attach them to the bug for testing, but do not commit anything to the tree yet.

** Please note that this issue is confidential at the moment and no information
should be disclosed until it is made public **
Comment 4 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-16 20:35:04 UTC
Opening this bug, since it went public today, see $URL.

Samba team, there is still 3.0.37 in the tree, which is vulnerable and the only stable version for some arches.
Please provide an ebuild with the patches or update to the newer version.
Comment 5 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-16 20:35:31 UTC
*** Bug 324271 has been marked as a duplicate of this bug. ***
Comment 6 Víctor Ostorga (RETIRED) gentoo-dev 2010-06-18 21:07:15 UTC
I'll take a look at those patches. Actually autoconf is failing miserably with samba 3.2.15
Comment 7 Víctor Ostorga (RETIRED) gentoo-dev 2010-06-23 17:12:33 UTC
This has been fixed in samba-3.2.15-r1 and samba-3.0.37-r1
@security : please proceed
Comment 8 Tobias Heinlein (RETIRED) gentoo-dev 2010-08-02 10:57:07 UTC
Thanks, Victor. What stabilization guidelines do you use here? Do you want arches that have 3.4.x stable to stabilize the older, fixed versions as well? Please call for arches the way you want. :)
Comment 9 Christian Faulhammer (RETIRED) gentoo-dev 2010-08-04 07:28:39 UTC
(In reply to comment #8)
> Thanks, Victor. What stabilization guidelines do you use here? Do you want
> arches that have 3.4.x stable to stabilize the older, fixed versions as well?
> Please call for arches the way you want. :)

 For x86 I would like it with both versions stabilised.
Comment 10 Christian Faulhammer (RETIRED) gentoo-dev 2010-08-04 07:31:59 UTC
(In reply to comment #9)
> (In reply to comment #8)
> > Thanks, Victor. What stabilization guidelines do you use here? Do you want
> > arches that have 3.4.x stable to stabilize the older, fixed versions as well?
> > Please call for arches the way you want. :)
> 
>  For x86 I would like it with both versions stabilised.

 Correction (sorry for the bugspam): Only for the 3.0 series, as we have no 3.2 version stable.
Comment 11 Christian Faulhammer (RETIRED) gentoo-dev 2010-08-05 07:45:06 UTC
x86 stable
Comment 12 Markos Chandras (RETIRED) gentoo-dev 2010-08-06 18:08:28 UTC
amd64 done but I don't quite see the point here since 3.4.6 is already stable
Comment 13 Raúl Porcel (RETIRED) gentoo-dev 2010-08-07 16:02:08 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 14 Jeroen Roovers (RETIRED) gentoo-dev 2010-08-09 17:58:45 UTC
@Maintainers, security:

Please spare us arch devs from having to deduce what to do from all the clues spread through several comments, finding out what comments are actually authoritative and finally surmising what amounts to something like this:

Arch teams, please test and mark stable:
=net-fs/samba-3.0.37-r1
Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
=net-fs/samba-3.2.15-r1
Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 15 Víctor Ostorga (RETIRED) gentoo-dev 2010-08-09 20:13:58 UTC
(In reply to comment #14)
> @Maintainers, security:
> 
> Please spare us arch devs from having to deduce what to do from all the clues
> spread through several comments, finding out what comments are actually
> authoritative and finally surmising what amounts to something like this:
> 
> Arch teams, please test and mark stable:
> =net-fs/samba-3.0.37-r1
> Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
> =net-fs/samba-3.2.15-r1
> Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
> 

Sorry for being late, guys, the history is as follows:

samba-3.0.37-r1 needs to be stabilized, because there is a previously stable and vulnerable ebuild for samba-3.0.37.

samba-3.2.15-r1 does not need to be stabilized, because samba-3.2.15 is not stable.

I'm looking forward to stabilizing the samba-3.5.x series, but a bit of work needs to be done before that, and of course, that is another history and another bug.

In simple words, what is needed to be done for THIS bug is:
=net-fs/samba-3.0.37-r1
Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 16 Brent Baude (RETIRED) gentoo-dev 2010-08-10 18:08:50 UTC
ppc64 done
Comment 17 Joe Jezak (RETIRED) gentoo-dev 2010-08-12 01:28:48 UTC
A newer version (3.4.6) was marked stable for ppc, so removing us. If we still need to do something, please let us know.
Comment 18 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-12 20:43:29 UTC
HPPA, please go on with stabilizing 3.4.8 in bug 332063.
Comment 19 GLSAMaker/CVETool Bot gentoo-dev 2012-06-24 13:05:06 UTC
This issue was resolved and addressed in
 GLSA 201206-22 at http://security.gentoo.org/glsa/glsa-201206-22.xml
by GLSA coordinator Sean Amoss (ackle).