RHSA-2016:0625-2: Important: samba security update

Red Hat Enterprise Linux: An update for samba is now available for Red Hat Enterprise Linux 4 Extended
Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

[Updated 14 April 2016]
This advisory previously incorrectly listed the CVE-2016-2112 issue as addressed
by this update. However, this issue did not affect the samba packages on Red Hat
Enterprise Linux 4 Extended Lifecycle Support. The CVE-2016-2115 was also
incorrectly listed as addressed by this update. This issue does affect the samba
packages on Red Hat Enterprise Linux 4 Extended Lifecycle Support. Customers are
advised to use the “client signing = required” configuration option in the
smb.conf file to mitigate CVE-2016-2115. No changes have been made to the
packages.
CVE-2016-2110, CVE-2016-2111, CVE-2016-2118

Leave a Reply