[Samba] [ANNOUNCE] Samba 3.2.7 Available for Download

Karolin Seeger kseeger at samba.org
Mon Jan 5 09:46:08 GMT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Release Announcements
=====================


This is a security release in order to address CVE-2009-0022.

   o CVE-2009-0022
     In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled,
     access to the root filesystem ("/") is granted
     when connecting to a share called "" (empty string)
     using old versions of smbclient (before 3.0.28).


The original security announcement for this and past advisories can
be found http://www.samba.org/samba/security/

######################################################################
Changes
#######

Changes since 3.2.6
- -------------------


o   Michael Adam <obnox at samba.org>
    * Fix for CVE-2009-0022.



######################################################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the Samba 3.2 product in the project's Bugzilla
database (https://bugzilla.samba.org/).


======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================


================
Download Details
================

The uncompressed tarballs and patch files have been signed
using GnuPG (ID 6568B7EA).  The source code can be downloaded
from:

        http://download.samba.org/samba/ftp/

The release notes are available online at:

        http://www.samba.org/samba/ftp/history/samba-3.2.7.html

Binary packages will be made available on a volunteer basis from

        http://download.samba.org/samba/ftp/Binary_Packages/

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

                        --Enjoy
                        The Samba Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)

iD8DBQFJXhVRKGi9fisXk1ERAqTvAJ4iQTKVD89WATjuG6go3wXDglTw1ACgiIUe
vJ+ZMc/94JY9cCM1p6RdFGQ=
=/PRE
-----END PGP SIGNATURE-----
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba-technical mailing list