Security advisory: Badlock Bug

Depencies relays on adagios package, and in case of Samba add custom template as @davidep has already presented.

1 Like

As we already know, this is an upstream bug and we are waiting Red Hat fix.

Please, follow the upstream bug: https://bugzilla.redhat.com/show_bug.cgi?id=1326918

Actually this bug affects only WinXP that is considered as dead system.

I had the same problem after updating the system last night, my clients were unable to log this morning.
I did the rollback procedure and everything worked.

yum downgrade samba* tdb-tools libtdb libtevent libtalloc pytalloc libldb

Customers are all Windows 7

Thanks to all and especially to the @maxbet for the downgrade instructions.

Just a few lines to confirm that after the downgrade and 2 days of regular use, everything seems to work normally.
I will follow the development on Bugzilla to be sure when is the time to upgrade again.

2 Likes

[quote=“giacomo, post:22, topic:3141, full:true”]
As we already know, this is an upstream bug and we are waiting Red Hat fix.[/quote]
Am I reading it right that a solution has been found and a fix is being released by Andreas Schneider?

1 Like

Good news, I can’t wait any longer :smile:

We are watching the CentOS-announce mailing list. I hope they’ll release a new RPM soon.

1 Like

Some news about this? I have a new implementation of the Nethserver to do in next week. It is not clear to me if this happens just in current instalations after update or in new instalations. I have solved the problem downgrading the samba packages, thanks for the help. My question is about a new setup. (sorry for the bad english, i am brazilian)

Sadly no good news for now: upstream hasn’t release any fix yet.
But CentOS 6.8 is coming and probably they already have the fix.

You have three alternatives:

  • Install the machine and then downgrade Samba
  • Try the fix suggested by Davide if you don’t have any Windows XP client
  • Try to update samba from CentOS CR repo
1 Like

I’ve uploaded updated samba packages from the upcoming 6.8 release to the testing repository.
To install:
yum --enablerepo=nethserver-testing update samba tdb-tools

I tested the packages in production and they solve the domain trust problem.

If someone could test them and confirm my findings, we will release an official update.

5 Likes

This should be fixed, please test with nethserver-testing repository enabled.
Also problem on winexe install should be fixed.

See:

2 Likes

Tks. I will test with a VM.

1 Like

I did this:

[root@.... ~]# yum --enablerepo=nethserver-testing update samba tdb-tools
Loaded plugins: changelog, fastestmirror, nethserver_events, presto
Setting up Update Process
Loading mirror speeds from cached hostfile
 * centos-base: mirror.imt-systems.com
 * centos-updates: mirror.imt-systems.com
 * nethserver-base: mirror.framassa.org
 * nethserver-updates: mirror.framassa.org
nethserver-testing                                       | 2.9 kB     00:00
nethserver-testing/primary_db                            | 149 kB     00:00
Package(s) samba available, but not installed.
Package(s) tdb-tools available, but not installed.
No Packages marked for Update

And tried to install Monitoring Package after that. No Success. Same issue as before. Do I have to run more than just the command you posted?

Did you install all the new updates from centos released today?
Please show the output of:
rpm -q samba

You simply need this command:

yum --enablerepo=nethserver-testing install @nethserver-monitoring

OK, I did this:

Updated everything by Softwarecenter (did that yesterday).

yum --enablerepo=nethserver-testing update samba tdb-tools

after that I updated everything via Softwarecenter
then I executed this command:

yum --enablerepo=nethserver-testing install @nethserver-monitoring

That was running fine. Samba installed. Nagios/Adagios accessible.

rpm -q samba output (after successful installation!) is:
samba-3.6.23-35.el6_8.x86_64

4 Likes