Novell is now a part of Micro Focus

Security update for novell-ncp

Knowledgebase

(Last modified: 13SEP2006)


solutions Security update for novell-ncp SuSE Linux Maintenance Web (497119202335ac4d89324e8bf57510f1)

Applies to

Package: novell-ncp
novell-ncpserv
Product(s): Open Enterprise Server
Patch: patch-11208
Release: 20060913
Obsoletes: none

Indications

Everyone using novell-ncp should install this update.

Contraindications

None.

Description

This patch fixes a buffer overflow with large TCP packet and also in packet traces (CVE-2006-4177).
It also contains the following fixes:
  • Subdirectory deletion error (bug 194482)
  • File deletion error (bug 193770)
  • Deadlock detection / correction
  • Support for NCP 23:243
  • Support for volumes with $ in the name for ZEN
  • Fix for buffer overflow error with large tcp packets (bug 195508)
  • Fix for buffer overflow error in packet traces (bug 197711)
  • Optional sync trustees from NCP to NSS on volume mount
  • Incorrect error code on write with User Space Restrictions (bug 198336)
  • Switch from _ADMIN to xattr call for volume statistics (bug 196826)
  • Added volume full broadcast alerts.
  • Fixed NCP 21:12 change connection broadcast settings (bug 201283)
  • Fixed an error in a trustee database parsing error message.
  • Added volume gone broadcast alert.
  • Fix for Novell Storage Manager alloc dir handle problem.
  • Fix for disappearing trustees when invalid DN with [Public]
  • Fix for disappearing trustees when can't map the DN to an ID (not -601)
  • Fix for concurrent searches on different volumes error (bug 202536)
  • Fix for "Invalid Signal -1" error undoes Deletor ID fix.

Installation notes

This update is provided as an RPM package that can easily be installed onto a running system by using this command:
rpm -Fvh novell-ncp.rpm novell-ncpserv.rpm

links to download packages

Download Source Packages

Download the source code of the patches for maintained products.


Disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.

Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

© Micro Focus