svn commit: samba-web r404 - in trunk/news/releases: .
deryck at samba.org
deryck at samba.org
Mon Nov 8 21:08:04 GMT 2004
Author: deryck
Date: 2004-11-08 21:08:04 +0000 (Mon, 08 Nov 2004)
New Revision: 404
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-web&rev=404
Log:
Adding security announcement from this morning to news.samba.org.
--deryck
Added:
trunk/news/releases/security_3.0.8.html
Changeset:
Added: trunk/news/releases/security_3.0.8.html
===================================================================
--- trunk/news/releases/security_3.0.8.html 2004-11-08 21:01:10 UTC (rev 403)
+++ trunk/news/releases/security_3.0.8.html 2004-11-08 21:08:04 UTC (rev 404)
@@ -0,0 +1,19 @@
+ <h3><a name="security_3.0.8">Security Notice -- CVE CAN-2004-0930</a></h3>
+
+ <div class="article">
+ <p>A security vulnerability has been located in Samba 3.0.x <= 3.0.7.
+ A bug in the input validation routines used to match
+ filename strings containing wildcard characters may allow
+ a user to consume more than normal amounts of CPU cycles
+ thus impacting the performance and response of the server.
+ In some circumstances the server can become entirely
+ unresponsive. The
+ <a href="/samba/security/CAN-2004-0930.html">full security announcement</a>
+ is available online.</p>
+
+ <p>A <a href="/samba/ftp/patches/security/samba-3.0.7-CAN-2004-0930.patch">patch for Samba 3.0.7</a>
+ (<a href="/samba/ftp/patches/security/samba-3.0.7-CAN-2004-0930.patch.asc">signature</a>)
+ is available for those not wishing to upgrade to Samba 3.0.8.</p>
+ </div>
+
+
Property changes on: trunk/news/releases/security_3.0.8.html
___________________________________________________________________
Name: svn:executable
+ *
More information about the samba-cvs
mailing list