Home > FreeNAS Releases > FreeNAS-8.0.4-RELEASE-p1 Released to Include New Version of Samba with Security Fixes.

FreeNAS-8.0.4-RELEASE-p1 Released to Include New Version of Samba with Security Fixes.

April 12th, 2012

A new version of Samaba, the open source implementation of the SMB/CIFS networking protocol that enables file and print sharing between FreeNAS and Windows, has been released to fix a nine year old security vulnerability that allows remote code execution as the “root” user from an anonymous connection.

FreeNAS-8.0.4-RELEASE-p1 has been released with Samba 3.6.4 to addresses this critical security flaw.

Bugfixes

  1. Samba has been upgraded to 3.6.4 to address CVE-2012-1182 which is a critical vulnerability. All FreeNAS users who are using CIFS are urged to upgrade.
  2. Create the ldap and nss secret files when LDAP integration is enabled.
  3. Ensure the configuration database is not world readable.
  4. Remove failsafe from the PAM group file, this prevents a situation where the wheel group being empty allowed any user to su to root.

8.0.4-RELEASE-p1 also contains a GUI enhancement where  selecting reboot now causes the screen to turn red during the confirmation dialog, adding emphasis to the fact that this operation will affect availability.

FreeNAS-8.0.4-RELEASE-p1 is now available for immediate download from: https://sourceforge.net/projects/freenas/files/FreeNAS-8.0.4/

This update is critical for anyone using FreeNAS with CIFS.

Categories: FreeNAS Releases Tags:
Comments are closed.

Twitter links powered by Tweet This v1.8.3, a WordPress plugin for Twitter.