svn commit: samba-web r363 - in trunk: . news/releases
deryck at samba.org
deryck at samba.org
Thu Sep 30 13:43:34 GMT 2004
Author: deryck
Date: 2004-09-30 13:43:33 +0000 (Thu, 30 Sep 2004)
New Revision: 363
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-web&path=/trunk&rev=363&nolog=1
Log:
Add security announcement to news, and fix html and typos
on the main samba.org page.
--deryck
Added:
trunk/news/releases/security_2.2.12.html
Modified:
trunk/index.html
Changeset:
Modified: trunk/index.html
===================================================================
--- trunk/index.html 2004-09-30 13:08:21 UTC (rev 362)
+++ trunk/index.html 2004-09-30 13:43:33 UTC (rev 363)
@@ -12,15 +12,15 @@
<h4><a>30 September 2004</a></h4>
<p class="headline">Security Notice -- CVE CAN-2004-0815</p>
- <p>A security vulnerability has been located in Samba 2.2.x <= 2.2.11
- and Samba 3.0.x <= 3.0.5. A remote attacker may be able to gain access
- to files which exist outside of the share's defined path. Such files
- must still be readable by the account used for the connection.</p>
+ <p>A security vulnerability has been located in Samba 2.2.x <= 2.2.11
+ and Samba 3.0.x <= 3.0.5. A remote attacker may be able to gain
+ access to files which exist outside of the share's defined path. Such
+ files must still be readable by the account used for the connection.</p>
<p><a href="/samba/ftp/samba-2.2.12.tar.gz">Samba 2.2.12</a> (<a href="/samba/ftp/samba-2.2.12.tar.asc">signature</a>)
has been released to address this issue in the 2.2.x release series. A
<a href="/samba/ftp/patches/security/samba-3.0.5-reduce_name.patch">patch
- for Samba 3.0.5 and earlieri</a> (<a href="/samba/ftp/patches/security/samba-3.0.5-reduce_name.patch.asc">signature</a>)
+ for Samba 3.0.5 and earlier</a> (<a href="/samba/ftp/patches/security/samba-3.0.5-reduce_name.patch.asc">signature</a>)
is available as well.</p>
Added: trunk/news/releases/security_2.2.12.html
===================================================================
--- trunk/news/releases/security_2.2.12.html 2004-09-30 13:08:21 UTC (rev 362)
+++ trunk/news/releases/security_2.2.12.html 2004-09-30 13:43:33 UTC (rev 363)
@@ -0,0 +1,13 @@
+<h3><a name="security_2.2.12">Security Notice -- CVE CAN-2004-0815</a></h3>
+
+ <div class="article">
+ <p>A security vulnerability has been located in Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection.</p>
+
+ <p><a href="/samba/ftp/samba-2.2.12.tar.gz">Samba 2.2.12</a> (<a href="/samba/ftp/samba-2.2.12.tar.asc">signature</a>)
+ has been released to address this issue in the 2.2.x release series. A
+ <a href="/samba/ftp/patches/security/samba-3.0.5-reduce_name.patch">patch
+ for Samba 3.0.5 and earlier</a> (<a href="/samba/ftp/patches/security/samba-3.0.5-reduce_name.patch.asc">signature</a>)
+ is available as well.
+ </div>
+
+
Property changes on: trunk/news/releases/security_2.2.12.html
___________________________________________________________________
Name: svn:executable
+ *
More information about the samba-cvs
mailing list