HP CIFS Server 3.0b Release Note version A.02.01.01
HP CIFS Server Release Note
Fixes in the HP CIFS Server A.02.01.01
Chapter 1 5
Fixes in the HP CIFS Server A.02.01.01
The HP CIFS Server A.02.01.01 provides the following fixes:
• Potential Integer Overflow Vulnerability SSRT4885
(CR JAGaf50678)
A security vulnerability, CAN-2004-1154, has been found in the MS
RPC unmarshalling code of HP CIFS Server. This problem could
potentially be exploited to gain root access remotely. HP has made
the recommended fixes, according to Samba 3.0.
• Wrong Depot Size (CR JAGaf02001)
HP CIFS Server will now only provide Samba source code files in a
single compressed gz file, /opt/samba_src/samba/source.tar.gz,
rather than many uncompressed files as in previous releases. Only
the root user can gunzip/untar the file to uncompress this file. The
source code files remain accessible only to root.
• Samba_setup Script (CR JAGaf50212)
A fix has been implemented for a samba_setup case where NT
member server setup failed to set the PDC name in the password
server list of smb.conf.
• HA README.txt (CR JAGaf50462)
This updates HA README.txt instructions for setting up parameters
related to security files due to changes in smb.conf.
• /sbin/init.d/samba Script (CR JAGaf51410)
Provides a fix in the /sbin/init.d/samba script so that a correct
parameter is passed to stopsmb for stopping winbindd.
• Core Dump on Smbcacls, Smbtree, Smbcquotas
(CR JAGaf51600)
This fix corrects a problem to avoid freeing static unallocated
memory for system standard files that are used in these utilities,
smbcacls, smbtree and smbcquotas. This fix prevents the program
aborts.
• Utility Profiles Fail (CR JAGaf51602)