[Samba] [Announce] Samba 4.1.11 and 4.0.21 Security Releases Available
Sven Schwedas
sven.schwedas at tao.at
Tue Aug 5 06:09:20 MDT 2014
It's in the signature of every mail…
On 2014-08-01 14:51, Mike at M2-Inc wrote:
> Please remove me from this distribution. I am no longer using samba and could not find where to unsubscribe.
>
> Mike
>
>> On Aug 1, 2014, at 7:32 AM, Karolin Seeger <kseeger at samba.org> wrote:
>>
>> Release Announcements
>> ---------------------
>>
>> Samba 4.1.11 and 4.0.21 have been issued as security releases in order
>> to address CVE-2014-3560 (Remote code execution in nmbd).
>>
>> For more details, please see
>> http://www.samba.org/samba/history/security.html
>>
>>
>> o CVE-2014-3560:
>> All current versions of Samba 4.x.x are vulnerable to a remote code
>> execution vulnerability in the nmbd NetBIOS name services daemon.
>>
>> A malicious browser can send packets that may overwrite the heap of
>> the target nmbd NetBIOS name services daemon. It may be possible to
>> use this to generate a remote code execution vulnerability as the
>> superuser (root).
>>
>>
>> Changes:
>> ========
>>
>> o Volker Lendecke <vl at samba.org>
>> * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
>>
>>
>> #######################################
>> Reporting bugs & Development Discussion
>> #######################################
>>
>> Please discuss this release on the samba-technical mailing list or by
>> joining the #samba-technical IRC channel on irc.freenode.net.
>>
>> If you do report problems then please try to send high quality
>> feedback. If you don't provide vital information to help us track down
>> the problem then you will probably be ignored. All bug reports should
>> be filed under the Samba correct product in the project's Bugzilla
>> database (https://bugzilla.samba.org/).
>>
>>
>> ======================================================================
>> == Our Code, Our Bugs, Our Responsibility.
>> == The Samba Team
>> ======================================================================
>>
>> ================
>> Download Details
>> ================
>>
>> The uncompressed tarballs and patch files have been signed
>> using GnuPG (ID 6568B7EA). The source code can be downloaded
>> from:
>>
>> http://download.samba.org/samba/ftp/stable/
>>
>> The release notes are available online at:
>>
>> http://www.samba.org/samba/history/samba-4.1.11.html
>> http://www.samba.org/samba/history/samba-4.0.21.html
>>
>> Binary packages will be made available on a volunteer basis from
>>
>> http://download.samba.org/samba/ftp/Binary_Packages/
>>
>> Our Code, Our Bugs, Our Responsibility.
>> (https://bugzilla.samba.org/)
>>
>> --Enjoy
>> The Samba Team
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140805/8f91b904/attachment.pgp>
More information about the samba
mailing list