Is unRAID affected by this vulnerability

kultax

By kultax
in General Support (V5 and Older)

Recommended Posts

WeeboTech Veteran

WeeboTech

Posted
Posted

A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

 

 

==========

Workaround

==========

On Samba versions 4.0.0 and above, add the line:

 

rpc_server:netlogon=disabled

 

to the [global] section of your smb.conf. For Samba versions 3.6.x and

earlier, this workaround is not available.

 

 

Looks like unRAID 5.0.6 is. 

root@unRAID:~# cat /etc/unraid-version ; smbd --version
version=5.0.6
Version 3.6.21

 

I'm not running unRAID 6-beta 13 or 14 so someone else will need to provide the version number there.

Link to comment
StevenD Community Regular

StevenD

Posted
Posted

A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

 

 

==========

Workaround

==========

On Samba versions 4.0.0 and above, add the line:

 

rpc_server:netlogon=disabled

 

to the [global] section of your smb.conf. For Samba versions 3.6.x and

earlier, this workaround is not available.

 

 

Looks like unRAID 5.0.6 is. 

root@unRAID:~# cat /etc/unraid-version ; smbd --version
version=5.0.6
Version 3.6.21

 

I'm not running unRAID 6-beta 13 or 14 so someone else will need to provide the version number there.

 

root@nas:~# cat /etc/unraid-version ; smbd --version
version="6.0-beta14"
Version 4.1.16

Link to comment
NAS Experienced

NAS

Posted
Posted

At first when I seen this I assumed we must be running our own compiled version of samba as there has been no upstream Slackware announcements on this.

 

However this turns out not to be true as Slackware is @ "samba-4.1.16-x86_64-1.txz"

 

I worry that we have a double delay here with Slackware and then us picking it up.

 

Nice post though I would have missed it.

 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing