From owner-freebsd-security@freebsd.org  Mon May 29 21:47:49 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9046DD8237F
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Mon, 29 May 2017 21:47:49 +0000 (UTC) (envelope-from dim@FreeBSD.org)
Received: from tensor.andric.com (tensor.andric.com [IPv6:2001:470:7a58:1::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits)) (Client CN "tensor.andric.com",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 5B6FC64CCE
 for <freebsd-security@freebsd.org>; Mon, 29 May 2017 21:47:49 +0000 (UTC)
 (envelope-from dim@FreeBSD.org)
Received: from [IPv6:2001:470:7a58::45c2:9084:d3c3:ab6f] (unknown
 [IPv6:2001:470:7a58:0:45c2:9084:d3c3:ab6f])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by tensor.andric.com (Postfix) with ESMTPSA id 0D7B819011;
 Mon, 29 May 2017 23:47:47 +0200 (CEST)
From: Dimitry Andric <dim@FreeBSD.org>
Message-Id: <F875D26C-F8DA-438F-AE40-8E7B2F5CDC29@FreeBSD.org>
Content-Type: multipart/signed;
 boundary="Apple-Mail=_7A9285D8-D43B-4898-869C-26C8F1765331";
 protocol="application/pgp-signature"; micalg=pgp-sha1
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Subject: Re: Samba CVE-2017-7494 on 3.6.25
Date: Mon, 29 May 2017 23:47:46 +0200
In-Reply-To: <CAGYSLOcqeqyYgw3BFyoRKO5RcJkmiYFMPT7qps1j-+obL2x==g@mail.gmail.com>
Cc: freebsd-security@freebsd.org
To: Darko Gavrilovic <d.gavrilovic@gmail.com>
References: <CAGYSLOcqeqyYgw3BFyoRKO5RcJkmiYFMPT7qps1j-+obL2x==g@mail.gmail.com>
X-Mailer: Apple Mail (2.3273)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 29 May 2017 21:47:49 -0000


--Apple-Mail=_7A9285D8-D43B-4898-869C-26C8F1765331
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=us-ascii

On 29 May 2017, at 18:53, Darko Gavrilovic <d.gavrilovic@gmail.com> wrote:
> 
> Hello, does anyone know or able to confirm if Samba CVE-2017-7494
> affects Samba 3.6.25 on Freebsd 9.x?
> 
> https://lists.samba.org/archive/samba-announce/2017/000406.html

The advisory very clearly says "all versions of Samba from 3.5.0
onwards", so yes.  In addition, the 3.x series is dead, and completely
unsupported.  It is probably wise to upgrade, for example to 4.6.4.

-Dimitry


--Apple-Mail=_7A9285D8-D43B-4898-869C-26C8F1765331
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.30

iEYEARECAAYFAlkslwIACgkQsF6jCi4glqM1tQCgjDk3Qxx3s0O19fs5ByXSQiz8
gBQAniv1PXymZTR839nEJneTEgPt5SJ6
=dZ6j
-----END PGP SIGNATURE-----

--Apple-Mail=_7A9285D8-D43B-4898-869C-26C8F1765331--