similar to: Samba 3.3.13 Security Release Available for Download

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================== I can say 'no' in 4 different languages. -- Jeremy Allison ============================================================== Release Announcements ===================== This is the latest stable release of Samba. This

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================== I can say 'no' in 4 different languages. -- Jeremy Allison ============================================================== Release Announcements ===================== This is the latest stable release of Samba. This

Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.

Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2008-4314 ("Potential leak of arbitrary memory contents"). o CVE-2008-4314 Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients. The original security announcement for this and past

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2009-0022. o CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ===================== This is a security release in order to address CVE-2009-0022. o CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of

Pohle at logistik.tu-berlin.de make ; make install Von Samsung Mobile gesendet -------- Urspr?ngliche Nachricht -------- Betreff: [Announce] Samba 3.4.15 Available for Download Von: Karolin Seeger <kseeger at samba.org> An: samba-announce at samba.org,samba at samba.org,samba-technical at samba.org Cc: ================================================================= "Some

Release Announcements ===================== These are a security releases in order to address CVE-2010-3069. o CVE-2010-3069: All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of

Release Announcements ===================== These are a security releases in order to address CVE-2010-3069. o CVE-2010-3069: All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of

Release Announcements --------------------- Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order to address CVE-2013-4475 (ACLs are not checked on opening an alternate data stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world readable). Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11 address both issues. o

Release Announcements --------------------- Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order to address CVE-2013-4475 (ACLs are not checked on opening an alternate data stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world readable). Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11 address both issues. o

Release Announcements --------------------- This is a security release in order to address CVE-2013-0172. o CVE-2013-0172: Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on