[SCM] Samba Website Repository - branch master updated

Lars Müller lmuelle at samba.org
Tue Apr 2 11:21:59 MDT 2013 

The branch, master has been updated
       via  f548787 Link CVE-2013-0454 and add it to the history
      from  1b2389d Add html header and footer

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit f5487872506be97f3ba7a299fbc5c6a80d3d321d
Author: Lars Müller <lars at samba.org>
Date:   Tue Apr 2 19:21:52 2013 +0200

    Link CVE-2013-0454 and add it to the history

-----------------------------------------------------------------------

Summary of changes:
 generated_news/latest_10_bodies.html    |   23 +++++++++++------------
 generated_news/latest_10_headlines.html |    4 ++--
 generated_news/latest_2_bodies.html     |   22 ++++++++++------------
 history/header_history.html             |    1 +
 history/security.html                   |   12 ++++++++++++
 security/CVE-2013-0454.html             |    8 ++++++--
 6 files changed, 42 insertions(+), 28 deletions(-)


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html
index a7755ea..bf82fcb 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,14 @@
+	<h5><a name="CVE-2013-0454">02 April 2013</a></h5>
+	<p class="headline">Samba 3.6.0 - 3.6.5 (inclusive) bug fix Available for Download</p>
+
+<p>This is a <b>bug fix announcement</b> in order to address <a
+href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454">
+CVE-2013-0454</a> (A writable configured share might get read only</p>
+<p>A <a href=http://ftp.samba.org/pub/samba/patches/security/samba-3.6-CVE-2013-0454.patch">
+patch against Samba 3.6.5</a>.
+The patch file has been signed using GnuPG (ID 6568B7EA).
+
+
 	<h5><a name="4.0.4">19 March 2013</a></h5>
 	<p class="headline">Samba 4.0.4 Available for Download</p>
 
@@ -128,15 +139,3 @@ now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-3.5.19-3.5.20.diffs
 patch against Samba 3.5.19</a> is also available. See
 <a href="http://samba.org/samba/history/samba-3.5.20.html">
 the release notes for more info</a>.</p>
-
-	<h5><a name="4.0.0">11 December 2012</a></h5>
-	<p class="headline">Samba 4.0.0 Available for Download</p>
-	<p>This is the first stable release of the Samba 4.0 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-4.0.0.tar.gz">downloaded
-now</a>. See <a href="http://samba.org/samba/history/samba-4.0.0.html">
-the release notes for more info</a> and the
-<a href= "https://www.samba.org/samba/news/releases/4.0.0.html">
-press release</a>.</p>
diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html
index be4dd41..4416ab1 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,6 @@
 <ul>
+	<li> 02 April 2013 <a href="#CVE-2013-0454">Samba 3.6.0 - 3.6.5 (inclusive) bug fix Available for Download</a></li>
+
 	<li> 19 March 2013 <a href="#4.0.4">Samba 4.0.4 Available for Download</a></li>
 
 	<li> 18 March 2013 <a href="#3.6.13">Samba 3.6.13 Available for Download</a></li>
@@ -16,6 +18,4 @@
 	<li> 17 December 2012 <a href="#3.5.20">Samba 3.5.20 Available for Download</a></li>
 
 	<li> 11 December 2012 <a href="#4.0.0">Samba 4.0.0 Available for Download</a></li>
-
-	<li> 10 December 2012 <a href="#3.6.10">Samba 3.6.10 Available for Download</a></li>
 </ul>
diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html
index 4cf9b5e..cbc581c 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,3 +1,13 @@
+	<h5><a name="CVE-2013-0454">02 April 2013</a></h5>
+	<p class="headline">Samba 3.6.0 - 3.6.5 (inclusive) bug fix Available for Download</p>
+
+<p>This is a <b>bug fix announcement</b> in order to address <a
+href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454">
+CVE-2013-0454</a> (A writable configured share might get read only</p>
+<p>A <a href=http://ftp.samba.org/pub/samba/patches/security/samba-3.6-CVE-2013-0454.patch">
+patch against Samba 3.6.5</a>.
+The patch file has been signed using GnuPG (ID 6568B7EA).
+
 	<h5><a name="4.0.4">19 March 2013</a></h5>
 	<p class="headline">Samba 4.0.4 Available for Download</p>
 
@@ -12,15 +22,3 @@ now</a>.  A <a href="http://download.samba.org/samba/ftp/patches/patch-4.0.3-4.0
 patch against Samba 4.0.3</a> is also available. See
 <a href="http://samba.org/samba/history/samba-4.0.4.html">
 the release notes for more info</a>.</p>
-
-	<h5><a name="3.6.13">18 March 2013</a></h5>
-	<p class="headline">Samba 3.6.13 Available for Download</p>
-	<p>This is the latest stable release of the Samba 3.6 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA).  The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-3.6.13.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-3.6.12-3.6.13.diffs.gz">
-patch against Samba 3.6.12</a> is also available.
-See <a href="http://samba.org/samba/history/samba-3.6.13.html">
-the release notes for more info</a>.</p>
diff --git a/history/header_history.html b/history/header_history.html
index f1f8b02..6957046 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -9,6 +9,7 @@
 		<li><a href="/samba/history/">Release Notes</a>
 		<li class="navSub">
 			<ul>
+			<li><a href="/samba/security/CVE-2013-0454.html">CVE-2013-0454</a></li>
 			<li><a href="samba-4.0.4.html">samba-4.0.4</a></li>
 			<li><a href="samba-4.0.3.html">samba-4.0.3</a></li>
 			<li><a href="samba-4.0.2.html">samba-4.0.2</a></li>
diff --git a/history/security.html b/history/security.html
index dbbfe99..e75a263 100755
--- a/history/security.html
+++ b/history/security.html
@@ -22,6 +22,18 @@ link to full release notes for each release.</p>
       </tr>
 
     <tr>
+	<td>02 Apr 2013</td>
+	<td><a href="/samba/ftp/patches/security/samba-3.6-CVE-2013-0454.patch">
+	patch for Samba 3.6.5</a>
+	<td>A writable configured share might get read only</td>
+	<td>3.6.0 - 3.6.5 (inclusive)</td>
+	<td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454">CVE-2013-0454</a>
+	</td>
+	<td><a href="/samba/security/CVE-2013-0454">Announcement</a>
+	</td>
+    </tr>
+
+    <tr>
 	<td>19 Mar 2013</td>
 	<td><a href="/samba/ftp/patches/security/samba-4.0.3-CVE-2013-1863.patch">
 	patch for Samba 4.0.3</a>
diff --git a/security/CVE-2013-0454.html b/security/CVE-2013-0454.html
index 6198449..d13bdd1 100644
--- a/security/CVE-2013-0454.html
+++ b/security/CVE-2013-0454.html
@@ -37,8 +37,12 @@ is a re-evaluation of an already fixed bug.
 Workaround
 ==========
 
-Update to 3.6.6 or apply
-http://git.samba.org/?p=samba.git;a=commit;h=15a423bf373a8116a0de7a627eaaea3932541e88
+Update to 3.6.6 and higher or apply the following patch
+http://ftp.samba.org/pub/samba/patches/security/samba-3.6-CVE-2013-0454.patch
+
+The file samba-3.6-CVE-2013-0454.patch.asc from the same directory
+allows gpg verification as described in the general download
+description at https://www.samba.org/samba/download/
 
 ==================
 Patch Availability


-- 
Samba Website Repository

More information about the samba-cvs mailing list