Displaying 20 results from an estimated 20000 matches similar to: "Samba 3.3.13 Security Release Available for Download"
2007 Feb 05
2
Samba 3.0.24 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==============================================================
I can say 'no' in 4 different languages.
-- Jeremy Allison
==============================================================
Release Announcements
=====================
This is the latest stable release of Samba. This
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2007 Feb 05
0
Samba 3.0.24 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==============================================================
I can say 'no' in 4 different languages.
-- Jeremy Allison
==============================================================
Release Announcements
=====================
This is the latest stable release of Samba. This
2009 Jun 23
1
[Announce] Samba 3.2.13 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1886 and CVE-2009-1888.
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
2009 Jun 23
1
[Announce] Samba 3.2.13 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1886 and CVE-2009-1888.
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
2009 Jun 23
1
[Announce] Samba 3.3.6 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1888.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
######################################################################
Changes
2009 Jun 23
1
[Announce] Samba 3.3.6 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1888.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
######################################################################
Changes
2009 Jun 23
1
[Announce] Samba 3.0.35 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1888.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
######################################################################
Changes
2009 Jun 23
1
[Announce] Samba 3.0.35 Security Release Available for Download
Release Announcements
=====================
This is a security release in order to address CVE-2009-1888.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
######################################################################
Changes
2008 Nov 27
1
[Announce] Samba 3.0.33 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2008 Nov 27
1
[Announce] Samba 3.0.33 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2009 Jan 05
1
[ANNOUNCE] Samba 3.2.7 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2009-0022.
o CVE-2009-0022
In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled,
access to the root filesystem ("/") is granted
when connecting to a share called "" (empty string)
using old versions of
2009 Jan 05
1
[ANNOUNCE] Samba 3.2.7 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2009-0022.
o CVE-2009-0022
In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled,
access to the root filesystem ("/") is granted
when connecting to a share called "" (empty string)
using old versions of
2011 Aug 23
0
WG: [Announce] Samba 3.4.15 Available for Download
Pohle at logistik.tu-berlin.de
make ; make install
Von Samsung Mobile gesendet
-------- Urspr?ngliche Nachricht --------
Betreff: [Announce] Samba 3.4.15 Available for Download
Von: Karolin Seeger <kseeger at samba.org>
An: samba-announce at samba.org,samba at samba.org,samba-technical at samba.org
Cc:
=================================================================
"Some
2010 Sep 14
1
[Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Release Announcements
=====================
These are a security releases in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of
2010 Sep 14
1
[Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Release Announcements
=====================
These are a security releases in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of
2013 Nov 11
0
[Announce] Samba 4.1.1, 4.0.11 and 3.6.20 Security Releases Available for Download
Release Announcements
---------------------
Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order
to address CVE-2013-4475 (ACLs are not checked on opening an alternate data
stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world
readable).
Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11
address both issues.
o
2013 Nov 11
0
[Announce] Samba 4.1.1, 4.0.11 and 3.6.20 Security Releases Available for Download
Release Announcements
---------------------
Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order
to address CVE-2013-4475 (ACLs are not checked on opening an alternate data
stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world
readable).
Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11
address both issues.
o
2013 Jan 15
1
Samba 4.0.1 Security Release Available for Download
Release Announcements
---------------------
This is a security release in order to address CVE-2013-0172.
o CVE-2013-0172:
Samba 4.0.0 as an AD DC may provide authenticated users with write access
to LDAP directory objects.
In AD, Access Control Entries can be assigned based on the objectClass
of the object. If a user or a group the user is a member of has any
access based on