similar to: [Announce] Samba 3.0.35 Security Release Available for Download

Displaying 20 results from an estimated 30000 matches similar to: "[Announce] Samba 3.0.35 Security Release Available for Download"

2009 Jun 23
1
[Announce] Samba 3.3.6 Security Release Available for Download
Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes
2009 Jun 23
1
[Announce] Samba 3.3.6 Security Release Available for Download
Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes
2009 Jun 23
1
[Announce] Samba 3.2.13 Security Release Available for Download
Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.
2009 Jun 23
1
[Announce] Samba 3.2.13 Security Release Available for Download
Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.
2013 Jan 15
1
Samba 4.0.1 Security Release Available for Download
Release Announcements --------------------- This is a security release in order to address CVE-2013-0172. o CVE-2013-0172: Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on
2013 Jan 15
1
Samba 4.0.1 Security Release Available for Download
Release Announcements --------------------- This is a security release in order to address CVE-2013-0172. o CVE-2013-0172: Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past
2008 Nov 27
1
[Announce] Samba 3.0.33 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past
2008 Nov 27
1
[Announce] Samba 3.0.33 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past
2009 Jan 05
1
[ANNOUNCE] Samba 3.2.7 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2009-0022. o CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of
2009 Jan 05
1
[ANNOUNCE] Samba 3.2.7 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2009-0022. o CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of
2009 Oct 01
1
[Announce] Samba 3.3.8 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2009 Oct 01
1
[Announce] Samba 3.2.15 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2009 Oct 01
1
[Announce] Samba 3.0.37 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2009 Oct 01
1
[Announce] Samba 3.3.8 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2009 Oct 01
1
[Announce] Samba 3.2.15 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2009 Oct 01
1
[Announce] Samba 3.0.37 Security Release Available
Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.
2012 Apr 10
3
[Announce] Samba 3.6.4, 3.5.14 and 3.4.16 Security Releases Available
Release Announcements ===================== Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to address CVE-2012-1182. o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes: -------- o Stefan Metzmacher <metze at samba.org> *BUG 8815: PIDL based autogenerated code allows
2012 Apr 10
3
[Announce] Samba 3.6.4, 3.5.14 and 3.4.16 Security Releases Available
Release Announcements ===================== Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to address CVE-2012-1182. o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes: -------- o Stefan Metzmacher <metze at samba.org> *BUG 8815: PIDL based autogenerated code allows