On Sat, 2003-03-15 at 18:33, Brook Humphrey wrote: > On Saturday 15 March 2003 05:18 pm, Mircea Ciocan wrote: > > Please don't let this go as is, hope is stil time: > > > > (14th Mar, 2003) Security Release - Samba 2.2.8 > > > > A flaw has been detected in the Samba main smbd code which could allow > > an external attacker to remotely and anonymously gain Super User (root) > > privileges on a server running a Samba server. This flaw exists in > > previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a > > serious problem and all sites should either upgrade to Samba 2.2.8 > > immediately or prohibit access to TCP ports 139 and 445. The Release > > Notes are available on-line. > > > > In addition to addressing this security issue, Samba 2.2.8 includes many > > unrelated improvements. These improvements result from our process of > > continuous quality assurance and code review, and are part of the Samba > > team's committment to excellence. > > > > > > Mircea C. > > It's already been taken care of. The current one for mandrake 9.1 should have > been pached for this already. Can't find anything in the changelog, though. -- _ _ _ _ | |_____| | |_/ | | / / -_) | / / | |_\_\___|_|_\_\_| @ sbcglobal.net
signature.asc
Description: This is a digitally signed message part
