+ =============================
+ Release Notes for Samba 4.0.4
+ March 19, 2013
+ =============================
+
+
+This is a security release in order to address CVE-2013-1863
+(World-writeable files may be created in additional shares on a
+Samba 4.0 AD DC).
+
+o CVE-2013-1863:
+ Administrators of the Samba 4.0 Active Directory Domain
+ Controller might unexpectedly find files created world-writeable
+ if additional CIFS file shares are created on the AD DC.
+ Samba versions 4.0.0rc6 - 4.0.3 (inclusive) are affected by this
+ defect.
+
+
+Changes since 4.0.3:
+--------------------
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
=============================
Release Notes for Samba 4.0.3
February 05, 2013
== The Samba Team
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.0.2
git.samba.org / samba.git / commitdiff