- Issued:
- 2011-05-19
- Updated:
- 2011-05-19
RHBA-2011:0569 - cifs-utils bug fix update
Synopsis
cifs-utils bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
An updated cifs-utils package that fixes five bugs is available.
Description
The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS share onto a client and use it as if it were a standard Linux file system.
The cifs-utils package has been updated to the latest upstream version. Bugs fixed in this updated package include:
-
While trying to mount a share (DFS or 'classic') with Kerberos, a "mount error(5): Input/output error" occurred due to a problem with the MIT krb5 libraries. cifs.upcall now sets the GSSAPI checksum properly in SPNEGO blobs. This is necessary for proper interoperability with EMC servers when using krb5 authentication, and allows for a successful mount . (BZ#645127)
-
When mounting a share as root with kerberos, cifs.upcall used the ticket of root (/tmp/krb5cc_0) instead the one of the user specified with 'uid=' or 'user='. This was due to the --legacy-uid command line option for cifs.upcall not properly implementing. This patch ensures that it properly implements, allowing successful mounting of a share as root with kerberos. (BZ#667382)
-
When two CIFS shares were mounted on the same server, each for a different user who had valid krb5 credentials, only the one mounted first could access the data. This was because cifs had a built in design limitation of a single set of credentials per mount. That limitation caused the implementation of a number of hacks to deal with it. With this patch mount.cifs now supports the 'cruid=' mount option, fixing this issue. (BZ#669377)
-
mount.cifs did not handle numeric uid=, gid=, or cuid= options correctly, and would often return an error when they were specified. With this patch, a check is run to see if any error occurred by setting errno to 0 before the conversion. If one did then it will attempt to treat the value as a name, allowing them to be correctly handled. (BZ#696951)
-
In order to update the man pages and include a couple small patches, cifs-utils has been rebased to 4.8.1. (BZ#658981)
All users who are using the cifs file system should update to this new package in order to take advantage of these bug fixes.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- cifs-utils-4.8.1-2.el6.src.rpm
- cifs-utils-debuginfo-4.8.1-2.el6.i686.rpm
- cifs-utils-4.8.1-2.el6.s390x.rpm
- cifs-utils-debuginfo-4.8.1-2.el6.x86_64.rpm
- cifs-utils-4.8.1-2.el6.x86_64.rpm
- cifs-utils-debuginfo-4.8.1-2.el6.ppc64.rpm
- cifs-utils-4.8.1-2.el6.ppc64.rpm
- cifs-utils-4.8.1-2.el6.i686.rpm
- cifs-utils-debuginfo-4.8.1-2.el6.s390x.rpm
Fixes
- This content is not included.BZ - 645127
- This content is not included.BZ - 658981
- This content is not included.BZ - 667382
- This content is not included.BZ - 669377
- This content is not included.BZ - 696951
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.