AIX Open Source

AIX Open Source

Share your experiences and connect with fellow developers to discover how to build and manage open source software for the AIX operating system

 View Only

  • 1.  SambaCry

    Posted Tue June 20, 2017 05:38 PM

    Originally posted by: Volker Haug


    There is a security exposure, documented under CVE-2017-7494 and also known as SambaCry.

    When will a Samba version beeen published on AIX Open Source Software which is being hardened against SambaCry?

     

    Thanks in advance

    Volker Haug, IBM Germany



  • 2.  Re: SambaCry

    Posted Wed June 21, 2017 03:49 AM

    Originally posted by: sanket


    We are in process of building and publishing Samba 4.6.4 which is official release of Samba with fix of CVE-2017-7494.

    We should be able to publish this within couple of weeks. 

    For time being we have published 4.5.7 with backporting fix of CVE-2017-7494 into 4.5.7

     

    Thanks

    Sanket

     



  • 3.  Re: SambaCry

    Posted Mon June 26, 2017 05:45 AM

    Originally posted by: eichher


    Good to hear that there are new Samba versions arriving!

    But the provided version 4.5.7 is still 32bit, is there a plan for moving to 64bit??? We use a commercial software  for Windows AD Integration, this software provided it's own AIX samba version for a long time. But since last year they provide only a binary called "adproxy" which connects to the "orignal" samba and does the AD Integration. This binary is 64bit compiled and checks the samba binaries for their bit architecture. If both are different, some functionality is missing.



  • 4.  Re: SambaCry

    Posted Fri June 30, 2017 05:30 AM

    Originally posted by: sanket


    Right now we are compiling Samba only in 32bit mode.

    We will look into moving to 64bit in future but as of now we are publishing 32bit.



  • 5.  Re: SambaCry

    Posted Fri July 14, 2017 02:30 AM

    Originally posted by: MagentaHotshot


    We installed the version 4.5.7 on AIX 7.1 , but we have problems with editing MS-Office Documents via Samba.

    When we save e.g. a word-document we get the errormessage, that it is only readonly.

    There is an old workaround (from 2012) available, but in our case it´s not usable, because it opens the directory so much, that other user can open and edit the users document.

    this is the workaround:

    #############################
    # On 3 July 2012 13:11, Daniel Müller 

    <mueller@tropenklinik.de> wrote:
         directory mask=2770
         force directory mode=2770
         create mask = 2770
         force create mode=2770
         force security mode=2770
         force directory security mode=2770
         force group= yourgroup
    # Give the directory the sticky bit for the group

    #################################################

    We did not have the bug with Version 3.6.25.

     

    My Question is:

    Now there is Samba 4.6.4 for AIX available, does anybody know if the above mentioned bug is also in 4.6.4 ?

     

    Thanks a lot

     



Related Content