I am supporting SLES 9 from an Audit & Compliance perspective. The Samba release in use (3.0.26a-0.19) is not documented as being applicable for SLES 9 on the Novell CVE site. (http://support.novell.com/security/cve/CVE-2010-1635.html).
However, if I reference mitre.org or cve details sites, Samba releases of 3.0.26a are vulnerable to this issue. Does Novell simply not document such things in all cases for unsupported releases of the OS? I know this isn’t always the case but in this instance I am unable to state or provide any evidence to Data Security whether or not this issue resulting from an internal scan can be closed. Anyone with idea’s on the subject?
Hi
Have you looked at the changelog eiter via YaST sotware management or
via the rpm command from the command line.
–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 12.3 (x86_64) Kernel 3.7.10-1.11-desktop
up 2 days 0:37, 3 users, load average: 0.20, 0.10, 0.06
CPU AMD Athlon™ II P360@2.30GHz | GPU Mobility Radeon HD 4200