You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa cifs-utils

Sigurnosni nedostatak programskog paketa cifs-utils

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2014-05-06 20:43:37

Name : cifs-utils
Product : Fedora 20
Version : 6.3
Release : 2.fc20
Summary : Utilities for mounting and managing CIFS mounts
Description :
The SMB/CIFS protocol is a standard file sharing protocol widely deployed
on Microsoft Windows machines. This package contains tools for mounting
shares on Linux using the SMB/CIFS protocol. The tools in this package
work in conjunction with support in the kernel to allow one to mount a
SMB/CIFS share onto a client and use it as if it were a standard Linux
file system.

Update Information:

Update to the latest available sources upstream. The included bug fixes fix a stack overflow issue in pam_cifscreds and also add better error handling to functions used by pam_cifscreds.

* Tue May 6 2014 Sachin Prabhu <> 6.3-2
– autoconf: allow PAM security install directory to be configurable
– cifs: use krb5_kt_default() to determine default keytab location
– cifskey: better use snprintf()
– cifscreds: better error handling when key_search fails
– cifscreds: better error handling for key_add
* Thu Jan 9 2014 Jeff Layton <> 6.3-1
– update to 6.3 release
* Fri Dec 13 2013 Jeff Layton <> 6.2-5
– fix linking of wbclient
– add pam_cifscreds module and manpage

[ 1 ] Bug #1086226 – cifs-utils: stack-based buffer overflow flaw in pam_cifscreds [fedora-all]

This update can be installed with the “yum” update program. Use
su -c ‘yum update cifs-utils’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2014-05-0017-ADV
More in Preporuke
Ranjivost programskog paketa openssl

Otkrivena je ranjivost u programskom paketu openssl za FreeBSD. Ranjivost je posljedica dereferenciranja NULL pokazivača u funkciji so_ssl3_write(), što napadaču...