Samba vulnerability CVE-2017-7494 Series 2.x Series 3.x
#1
The vulnerability - CVE-2017-7494 - affects versions 3.5 (released March 1, 2010) and onwards of Samba, the de facto standard for providing Windows-based file and print services on Unix and Linux systems.

1. Make sure to run Menu, Favorites, Install Updates.

2. Open a terminal:

Code:
apt policy samba

should show the patched version for Series 3.x:

Code:
apt policy samba
samba:
  Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.7
  Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7

should show the patched version for Series 2.x:

Code:
apt policy samba
samba:
  Installed: 2:4.3.11+dfsg-0ubuntu0.14.04.8
  Candidate: 2:4.3.11+dfsg-0ubuntu0.14.04.8

Sources:

https://people.canonical.com/~ubuntu-sec...-7494.html

https://community.rapid7.com/community/i...le-of-life
Reply
#2
Read about this the other day. Very, very important that you check what (samba) processes are running as root on your computer:

https://arstechnica.com/security/2017/05...patch-now/
https://community.rapid7.com/community/i...le-of-life
Reply
#3
I posted about this a few weeks ago on the forum, same port, same method.
One other member, paul1149 (I think), who replied had noticed the same and also fixed his.

Although I knew no technical info about it until I received the news from Google to the phone today, one of which was the Reuters article published today.
So as it was more accurate and contained useful info that was easier to understand than my post was, I thought it would be useful to post the link and let people decide what to do, or read more on.

Also Ottawagrant, in the hope people like yourself add useful links so we can learn more info. :)
Reply
#4
People should already have this patched version:

Code:
  Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.7
  Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7

Code:
apt policy samba

https://people.canonical.com/~ubuntu-sec...-7494.html
Reply
#5
Jerry,
When you say "should", does that mean I "should" install something myself or it "should" already be installed, possibly through updates?
I'm not that savvy, so if I need to do something myself I may need some guidance. Like step by step.
Thx
Morris
Reply
#6
Run the above command. If it returns the above version, you're OK, nothing to do. If not, run that command once a day until it shows the above version. Make sure you run sudo apt-get update first each time.

Sent from my Mobile phone using Tapatalk
Reply
#7
Thank You Jerry.
I have the patched version you specified, it must have been in the Install Updates, of Samba.
Reply
#8
Sorry guys, when I said step by step I meant it. I'll be 72 this year so lend a hand to the old guy.
I ran sudo apt-get update and got this

Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]   
Hit:3 http://ppa.launchpad.net/nemh/systemback/ubuntu xenial InRelease       
Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]   
Hit:5 http://ppa.launchpad.net/otto-kesselgulasch/gimp/ubuntu xenial InRelease
Hit:6 http://ppa.launchpad.net/ubuntu-wine/ppa/ubuntu xenial InRelease       
Get:7 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB] 
Get:8 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [544 kB]
Get:9 http://us.archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages [528 kB]
Get:10 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [469 kB]
Get:11 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe i386 Packages [454 kB]
Get:12 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe Sources [4,036 B]
Get:13 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe amd64 Packages [5,616 B]
Get:14 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe i386 Packages [5,620 B]
Get:15 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe Translation-en [2,872 B]
Hit:16 http://repo.linuxliteos.com/linuxlite citrine InRelease               
Hit:17 http://archive.canonical.com xenial InRelease                         
Fetched 2,320 kB in 5s (424 kB/s)                                             
Reading package lists... Done

Amigo (Morris)
Reply
#9
Hello amigo,

first run

Code:
sudo apt-get update

enter your password when prompted.

When it completes to the prompt again, (at the end of the results), then enter this

Code:
apt policy samba

Your results should read -

(05-26-2017, 06:04 AM) Jerry wrote: People should already have this patched version:

Code:
  Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.7
  Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7

If so it is patched, it is done.

If not and it has version numbers below those on the lines from Jerry at Installed, and Candidate.
After the next Install Updates is run, Menu>Favourites>Install Updates.

Repeat the above from the beginning and see if the Installed and Candidate are now updated to how Jerry stated.
If yes it is done.
If no repeat the next day after Install updates.
Reply
#10
thx btsnpcs

Here's the result....

  Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.6
  Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7

Looks like I'll need to run again tomorrow.

Again, thx.

Reply
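
An added example, not part of any post in this thread: the check the thread walks through, scripted so that it separates "fix offered but not yet installed" (the output in post #10) from "fix not yet in the package index". The function and status names are made up for illustration, the fixed versions are the ones quoted in post #1, and the `sort -V` fallback for hosts without dpkg is only an approximation of Debian version ordering.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): classify `apt policy samba` output
# against the fixed versions quoted in post #1.
FIXED_3X='2:4.3.11+dfsg-0ubuntu0.16.04.7'   # Linux Lite Series 3.x
FIXED_2X='2:4.3.11+dfsg-0ubuntu0.14.04.8'   # Linux Lite Series 2.x

# version_ge A B: succeeds when package version A >= B.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        # Assumption: host without dpkg; GNU `sort -V` approximates the ordering.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
    fi
}

# samba_patch_status FIXED: reads `apt policy samba` output on stdin and
# prints one hypothetical status word.
samba_patch_status() {
    local fixed=$1 out installed candidate
    out=$(cat)
    installed=$(printf '%s\n' "$out" | awk '$1 == "Installed:" { print $2; exit }')
    candidate=$(printf '%s\n' "$out" | awk '$1 == "Candidate:" { print $2; exit }')
    if [ -z "$installed" ] || [ "$installed" = "(none)" ]; then
        echo NOT_INSTALLED       # no samba package on this machine
    elif version_ge "$installed" "$fixed"; then
        echo PATCHED             # nothing to do
    elif [ -n "$candidate" ] && version_ge "$candidate" "$fixed"; then
        echo FIX_AVAILABLE       # fix is already offered: run Install Updates
    else
        echo FIX_NOT_IN_INDEX    # run `sudo apt-get update`, then check again
    fi
}

# Sample input: the two lines quoted in post #10 of the thread.
POST10_OUTPUT='  Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.6
  Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7'
printf '%s\n' "$POST10_OUTPUT" | samba_patch_status "$FIXED_3X"

# Live check on a Series 3.x machine (stderr dropped to hide apt's CLI warning):
#   apt policy samba 2>/dev/null | samba_patch_status "$FIXED_3X"
```

On a Series 2.x machine, pass `"$FIXED_2X"` instead.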

