diff options
| author | vorlon <vorlon@alioth.debian.org> | 2008-06-17 19:03:14 +0000 |
|---|---|---|
| committer | vorlon <vorlon@alioth.debian.org> | 2008-06-17 19:03:14 +0000 |
| commit | 1297d18dfa95cb207e623da04b16c87779ed9816 (patch) | |
| tree | 4faa77d989ed0f818c51580b094ff318b330622d /WHATSNEW.txt | |
| parent | 2ac58e850b0da750bee42680e8a84cd44b8992b1 (diff) | |
| download | samba-1297d18dfa95cb207e623da04b16c87779ed9816.tar.gz | |
merge 3.0.30 into the debian branch... three releases late(!)
git-svn-id: svn://svn.debian.org/svn/pkg-samba/trunk/samba@1974 fc4039ab-9d04-0410-8cac-899223bdd6b0
Diffstat (limited to 'WHATSNEW.txt')
| -rw-r--r-- | WHATSNEW.txt | 43 |
1 files changed, 38 insertions, 5 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cdb3703933..0af6a15090 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,11 +1,46 @@ =============================== + Release Notes for Samba 3.0.30 + May 28, 2008 + =============================== + +This is a security release in order to address CVE-2008-1105 ("Boundary +failure when parsing SMB responses can result in a buffer overrun"). + + o CVE-2008-1105 + Specifically crafted SMB responses can result in a heap overflow + in the Samba client code. Because the server process, smbd, can + itself act as a client during operations such as printer notification + and domain authentication, this issue affects both Samba client + and server installations. + +The original security announcement for this and past advisories can +be found http://www.samba.org/samba/security/ + + +###################################################################### +Changes +####### + +Changes since 3.0.29 +-------------------- + +o Jeremy Allison <jra@samba.org> + * Fix for CVE-2008-1105. + + +o Karolin Seeger <kseeger@samba.org> + * Remove man pages for ldb tools not included in Samba 3.0. + + +Release notes for older releases follow: + + -------------------------------------------------- + + =============================== Release Notes for Samba 3.0.29 May 20, 2008 =============================== -This is a bug fix release of the Samba 3.0 production series and is the -version that servers should be run for for all current Samba 3.0 bug fixes. - Major bug fixes included in Samba 3.0.29 are: o Problems following domain trusts on a Samba DC. @@ -128,8 +163,6 @@ o Martin Zielinski <mz@seh.de> -Release notes for older releases follow: - -------------------------------------------------- =============================== |