[Samba] [Announce] Samba 4.1.11 and 4.0.21 Security Releases Available

Sven Schwedas sven.schwedas at tao.at
Tue Aug 5 06:09:20 MDT 2014 

It's in the signature of every mail…

On 2014-08-01 14:51, Mike at M2-Inc wrote:
> Please remove me from this distribution. I am no longer using samba and could not find where to unsubscribe. 
> 
> Mike
> 
>> On Aug 1, 2014, at 7:32 AM, Karolin Seeger <kseeger at samba.org> wrote:
>>
>> Release Announcements
>> ---------------------
>>
>> Samba 4.1.11 and 4.0.21 have been issued as security releases in order
>> to address CVE-2014-3560 (Remote code execution in nmbd).
>>
>> For more details, please see
>>  http://www.samba.org/samba/history/security.html
>>
>>
>> o  CVE-2014-3560:
>>   All current versions of Samba 4.x.x are vulnerable to a remote code
>>   execution vulnerability in the nmbd NetBIOS name services daemon.
>>
>>   A malicious browser can send packets that may overwrite the heap of
>>   the target nmbd NetBIOS name services daemon. It may be possible to
>>   use this to generate a remote code execution vulnerability as the
>>   superuser (root).
>>
>>
>> Changes:
>> ========
>>
>> o   Volker Lendecke <vl at samba.org>
>>    * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
>>
>>
>> #######################################
>> Reporting bugs & Development Discussion
>> #######################################
>>
>> Please discuss this release on the samba-technical mailing list or by
>> joining the #samba-technical IRC channel on irc.freenode.net.
>>
>> If you do report problems then please try to send high quality
>> feedback. If you don't provide vital information to help us track down
>> the problem then you will probably be ignored.  All bug reports should
>> be filed under the Samba correct product in the project's Bugzilla
>> database (https://bugzilla.samba.org/).
>>
>>
>> ======================================================================
>> == Our Code, Our Bugs, Our Responsibility.
>> == The Samba Team
>> ======================================================================
>>
>> ================
>> Download Details
>> ================
>>
>> The uncompressed tarballs and patch files have been signed
>> using GnuPG (ID 6568B7EA).  The source code can be downloaded
>> from:
>>
>>        http://download.samba.org/samba/ftp/stable/
>>
>> The release notes are available online at:
>>
>>    http://www.samba.org/samba/history/samba-4.1.11.html
>>    http://www.samba.org/samba/history/samba-4.0.21.html
>>
>> Binary packages will be made available on a volunteer basis from
>>
>>        http://download.samba.org/samba/ftp/Binary_Packages/
>>
>> Our Code, Our Bugs, Our Responsibility.
>> (https://bugzilla.samba.org/)
>>
>>                        --Enjoy
>>                        The Samba Team

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140805/8f91b904/attachment.pgp>

More information about the samba mailing list