history/samba-3.2.7.html

   1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   2     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   3 <html xmlns="http://www.w3.org/1999/xhtml">
   4
   5 <head>
   6 <title>Samba - Release Notes Archive</title>
   7 </head>
   8
   9 <body>
  10
  11    <H2>Samba 3.2.7 Available for Download</H2>
  12
  13 <p>
  14 <pre>
  15                    ==============================
  16                    Release Notes for Samba 3.2.7
  17                          January, 05 2009
  18                    ==============================
  19
  20
  21 This is a security release in order to address <a
  22 href="/samba/security/">CVE-2009-0022</a>.
  23
  24    o CVE-2009-0022
  25      In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled,
  26      access to the root filesystem ("/") is granted
  27      when connecting to a share called "" (empty string)
  28      using old versions of smbclient (before 3.0.28).
  29
  30 The original security announcement for this and past advisories can
  31 be found http://www.samba.org/samba/security/
  32
  33 ######################################################################
  34 Changes
  35 #######
  36
  37 Changes since 3.2.6
  38 -------------------
  39
  40
  41 o   Michael Adam <obnox@samba.org>
  42     * Fix for CVE-2009-0022.
  43 </pre>
  44 <p>Please refer to the original <a href="/samba/history/samba-3.2.6.html">Samba
  45 3.2.6 Release Notes</a> for more details regarding changes in
  46 previous releases.</p>
  47 </body>
  48 </html>