Amazon Linux 1 Security Advisory: ALAS-2016-674
Advisory Release Date: 2016-03-29 15:30 Pacific
Advisory Updated Date: 2016-03-29 15:30 Pacific
A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.
Affected Packages:
samba
Issue Correction:
Run yum update samba to update your system.
i686:
samba-test-4.2.3-12.31.amzn1.i686
samba-test-libs-4.2.3-12.31.amzn1.i686
samba-test-devel-4.2.3-12.31.amzn1.i686
samba-common-libs-4.2.3-12.31.amzn1.i686
samba-winbind-4.2.3-12.31.amzn1.i686
samba-libs-4.2.3-12.31.amzn1.i686
samba-devel-4.2.3-12.31.amzn1.i686
ctdb-devel-4.2.3-12.31.amzn1.i686
ctdb-tests-4.2.3-12.31.amzn1.i686
libsmbclient-4.2.3-12.31.amzn1.i686
samba-winbind-clients-4.2.3-12.31.amzn1.i686
samba-winbind-modules-4.2.3-12.31.amzn1.i686
samba-python-4.2.3-12.31.amzn1.i686
samba-client-libs-4.2.3-12.31.amzn1.i686
samba-4.2.3-12.31.amzn1.i686
samba-debuginfo-4.2.3-12.31.amzn1.i686
libwbclient-4.2.3-12.31.amzn1.i686
samba-client-4.2.3-12.31.amzn1.i686
samba-winbind-krb5-locator-4.2.3-12.31.amzn1.i686
samba-common-tools-4.2.3-12.31.amzn1.i686
libwbclient-devel-4.2.3-12.31.amzn1.i686
ctdb-4.2.3-12.31.amzn1.i686
libsmbclient-devel-4.2.3-12.31.amzn1.i686
noarch:
samba-pidl-4.2.3-12.31.amzn1.noarch
samba-common-4.2.3-12.31.amzn1.noarch
src:
samba-4.2.3-12.31.amzn1.src
x86_64:
samba-libs-4.2.3-12.31.amzn1.x86_64
samba-winbind-modules-4.2.3-12.31.amzn1.x86_64
samba-winbind-4.2.3-12.31.amzn1.x86_64
samba-winbind-krb5-locator-4.2.3-12.31.amzn1.x86_64
libwbclient-4.2.3-12.31.amzn1.x86_64
samba-devel-4.2.3-12.31.amzn1.x86_64
libwbclient-devel-4.2.3-12.31.amzn1.x86_64
ctdb-4.2.3-12.31.amzn1.x86_64
libsmbclient-devel-4.2.3-12.31.amzn1.x86_64
samba-winbind-clients-4.2.3-12.31.amzn1.x86_64
samba-python-4.2.3-12.31.amzn1.x86_64
ctdb-tests-4.2.3-12.31.amzn1.x86_64
libsmbclient-4.2.3-12.31.amzn1.x86_64
samba-test-4.2.3-12.31.amzn1.x86_64
samba-common-libs-4.2.3-12.31.amzn1.x86_64
samba-test-devel-4.2.3-12.31.amzn1.x86_64
ctdb-devel-4.2.3-12.31.amzn1.x86_64
samba-4.2.3-12.31.amzn1.x86_64
samba-client-libs-4.2.3-12.31.amzn1.x86_64
samba-common-tools-4.2.3-12.31.amzn1.x86_64
samba-client-4.2.3-12.31.amzn1.x86_64
samba-test-libs-4.2.3-12.31.amzn1.x86_64
samba-debuginfo-4.2.3-12.31.amzn1.x86_64