<div dir="ltr"><div class="gmail_default" style="font-family:georgia,serif">FIXED<br>Many thanks to Tobias Powalowski (tpowa) for the quick turnaround.<br></div><div class="gmail_extra"><div dir="ltr"><span style="font-family:georgia,serif"></span><span style="font-family:georgia,serif"></span></div>


<br><br><div class="gmail_quote">On Fri, Mar 14, 2014 at 12:49 PM, Billy McCann <span dir="ltr"><<a href="mailto:thebillywayne@gmail.com" target="_blank">thebillywayne@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr"><div style="font-family:georgia,serif">Bug report: <br><a href="https://bugs.archlinux.org/task/39424" target="_blank">https://bugs.archlinux.org/task/39424</a><br></div></div><div class="gmail_extra"><div class="">


<br clear="all"><div><div dir="ltr"><div><div><span style="font-family:georgia,serif">------------------------------------------</span><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><font>[00(01|10)11]</font></span></span>-----------------------------------------<br>


<br><font>Billy Wayne McCann, Ph.D.<br><a href="https://plus.google.com/+BillyWayneMcCann" target="_blank">Google+</a><br></font></span></div><span style="font-family:georgia,serif"><font><a href="http://pgp.mit.edu/pks/lookup?op=get&search=0x223A2CAA56146040" target="_blank">PGP Key</a><br>


</font></span></div><div><span style="font-family:georgia,serif"><font>irc://irc.freenode.net:bwayne<br></font></span><span style="font-family:georgia,serif"><font>

</font></span><p style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><span style="font-family:georgia,serif">MzM0LTcwMy0wMTIyCg== | base64 -d<br></span></p><span style="font-family:georgia,serif"><font><br>


"A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)<br></font></span></div><span style="font-family:georgia,serif"></span><br><span style="font-family:georgia,serif"></span><div><span style="font-family:georgia,serif">------------------------------------------</span><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><font>[11(10|01)00]-------</font></span>-----------------------------------</span></div>


</div></div>
<br><br></div><div><div class="h5"><div class="gmail_quote">On Fri, Mar 14, 2014 at 12:43 PM, Billy McCann <span dir="ltr"><<a href="mailto:thebillywayne@gmail.com" target="_blank">thebillywayne@gmail.com</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div style="font-family:georgia,serif">Samba has been flagged out-of-date since <span><span>2014-03-12.  <br></span></span></div><div style="font-family:georgia,serif">

<span><span>Two CVE's were issued </span></span>2014-03-14.<br><br><div style="font-family:georgia,serif">*Solution*<br></div>Upgrade [extra] samba to 4.1.6. <br><br>
<span><span></span>*Summary*<br></span></div><div style="font-family:georgia,serif"><span>CVE-2013-4496:<br>Samba 3.x before 3.6.23, 4.0.x before 
4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing 
protection mechanism for all interfaces, which makes it easier for 
remote attackers to obtain access via brute-force ChangePasswordUser2 
(1) SAMR or (2) RAP attempts.</span><br></div><div style="font-family:georgia,serif"><br>CVE-2013-6442<br>Samba versions 4.0.0 and above have a flaw in the smbcacls command. If
smbcacls is used with the "-C|--chown name" or "-G|--chgrp name"
command options it will remove the existing ACL on the object being
modified, leaving the file or directory unprotected.<br></div><div style="font-family:georgia,serif"><br></div><div style="font-family:georgia,serif">*Links*<br></div><div style="font-family:georgia,serif">

<a href="http://www.samba.org/samba/security/CVE-2013-4496" target="_blank">http://www.samba.org/samba/security/CVE-2013-4496</a><br><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4496" target="_blank">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4496</a><br>



<a href="http://www.samba.org/samba/security/CVE-2013-6442" target="_blank">http://www.samba.org/samba/security/CVE-2013-6442</a><br><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6442" target="_blank">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6442</a><br>



<br></div><div style="font-family:georgia,serif"><br></div><div style="font-family:georgia,serif"><br clear="all"></div><div><div dir="ltr"><div><div><span style="font-family:georgia,serif">------------------------------------------</span><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><font>[00(01|10)11]</font></span></span>-----------------------------------------<br>



<br><font>Billy Wayne McCann, Ph.D.<br><a href="https://plus.google.com/+BillyWayneMcCann" target="_blank">Google+</a><br></font></span></div><span style="font-family:georgia,serif"><font><a href="http://pgp.mit.edu/pks/lookup?op=get&search=0x223A2CAA56146040" target="_blank">PGP Key</a><br>



</font></span></div><div><span style="font-family:georgia,serif"><font>irc://irc.freenode.net:bwayne<br></font></span><span style="font-family:georgia,serif"><font>

</font></span><p style="margin:0px;text-indent:0px"><span style="font-family:georgia,serif">MzM0LTcwMy0wMTIyCg== | base64 -d<br></span></p><span style="font-family:georgia,serif"><font><br>"A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)<br>



</font></span></div><span style="font-family:georgia,serif"></span><br><span style="font-family:georgia,serif"></span><div><span style="font-family:georgia,serif">------------------------------------------</span><span style="font-family:georgia,serif"><span style="font-family:georgia,serif"><font>[11(10|01)00]-------</font></span>-----------------------------------</span></div>



</div></div>
</div>
</blockquote></div><br></div></div></div>
</blockquote></div><br></div></div>