[Samba] [Announce] Samba 4.6.4, 4.5.10 and 4.4.14 Available for Download

Sonic sonicsmith at gmail.com
Wed May 24 11:28:12 UTC 2017


Patch seems to be missing from v4-6-test.


On Wed, May 24, 2017 at 3:21 AM, Karolin Seeger via samba-technical
<samba-technical at lists.samba.org> wrote:
> Release Announcements
> ---------------------
>
> These are a security releases in order to address the following defect:
>
> o  CVE-2017-7494 (Remote code execution from a writable share)
>
> =======
> Details
> =======
>
> o  CVE-2017-7494:
>    All versions of Samba from 3.5.0 onwards are vulnerable to a remote
>    code execution vulnerability, allowing a malicious client to upload a
>    shared library to a writable share, and then cause the server to load
>    and execute it.
>
>
> Changes:
> --------
>
> o  Volker Lendecke <vl at samba.org>
>    * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
>      share.
>
>
> #######################################
> Reporting bugs & Development Discussion
> #######################################
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.  All bug reports should
> be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
>
>
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
>
>
>
> ================
> Download Details
> ================
>
> The uncompressed tarballs and patch files have been signed
> using GnuPG (ID 6F33915B6568B7EA).  The source code can be downloaded
> from:
>
>         https://download.samba.org/pub/samba/stable/
>
> The release notes are available online at:
>
>         https://www.samba.org/samba/history/samba-4.6.4.html
>         https://www.samba.org/samba/history/samba-4.5.10.html
>         https://www.samba.org/samba/history/samba-4.4.14.html
>
> Our Code, Our Bugs, Our Responsibility.
> (https://bugzilla.samba.org/)
>
>                         --Enjoy
>                         The Samba Team



More information about the samba mailing list