The content of this topic has been archived on 2 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
https://www.samba.org/samba/security/CVE-2017-7494.html
Can someone on the list speak to whether OpenWRT trunk needs a patched / updated SAMBA or not?
The version I have on a router with DD (bleeding edge from a while ago) is 3.6.25-5.
The advisory notes all versions since 3.5.0 are vulnerable.
A workaround is noted:
in smbd.conf:
nt pipe support = no
q: if OpenWRT is vulnerable, does this workaround mitigate the vulnerability until a new patched SAMBA is incorporated?
https://github.com/openwrt/openwrt/comm … ee8f20568d
- trunk does have a fix for this CVE as above
- CC does not, but if you can build the image yourself, check https://github.com/wigyori/openwrt/tree/cc-sec for the fix (among other security updates). Note that this one is not a fully tested branch yet.
Regards,
-w-
Thankyou, wigyori!
The discussion might have continued from here.