Hi Rowland,
Thanks for the update.
The setup we have is unaltered from long time. Now we are asked to install the
patch for CVE-2017-7494, since we are not running the affected version its fine
for now.
But can you please let me know what are vulnerabilities in 3.0.28 and any
patches available for it. I will try to update it to the latest version on our
dev servers first.
Moreover we have the below version running, not sure if we still have the latest
version available from the pware.
pware.samba-3.0.28.rte 3.0.28.0 COMMITTED Samba 3.0.28
Regards,
Krishna
-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
via samba
Sent: Tuesday, June 06, 2017 7:42 PM
To: samba at lists.samba.org
Subject: Re: [Samba] CVE-2017-7494 patches
On Tue, 6 Jun 2017 19:15:18 +0530
"Chunduru, Krishnachaithanya via samba" <samba at
lists.samba.org<mailto:samba at lists.samba.org>> wrote:
> Hi All,
>
> Can someone please confirm if Samba 3.0.28 is vulnerable to
> CVE-2017-7494. If yes, please let me know where I can get the patches
> for this.
>
I can confirm two things here:
1) only Samba from 3.5.0 was vulnerable
2) you really shouldn't be still using 3.0.28, the 3.0 series went EOL
8 years ago.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
This message and any attachments are intended only for the use of the addressee
and may contain information that is privileged and confidential. If the reader
of the message is not the intended recipient or an authorized representative of
the intended recipient, you are hereby notified that any dissemination of this
communication is strictly prohibited. If you have received this communication in
error, please notify us immediately by e-mail and delete the message and any
attachments from your system.