On Sat, 2003-03-15 at 20:21, Vincent Danen wrote: > On Sat Mar 15, 2003 at 06:58:35PM -0800, Quel Qun wrote: > > > > > Please don't let this go as is, hope is stil time: > > > > > > > > (14th Mar, 2003) Security Release - Samba 2.2.8 > > > > > > > > A flaw has been detected in the Samba main smbd code which could allow > > > > an external attacker to remotely and anonymously gain Super User (root) > > > > privileges on a server running a Samba server. This flaw exists in > > > > previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a > > > > serious problem and all sites should either upgrade to Samba 2.2.8 > > > > immediately or prohibit access to TCP ports 139 and 445. The Release > > > > Notes are available on-line. > > > > > > > > In addition to addressing this security issue, Samba 2.2.8 includes many > > > > unrelated improvements. These improvements result from our process of > > > > continuous quality assurance and code review, and are part of the Samba > > > > team's committment to excellence. > > > > > > > > > > > > Mircea C. > > > > > > It's already been taken care of. The current one for mandrake 9.1 should have > > > been pached for this already. > > Can't find anything in the changelog, though. > > And you won't. Not until you get the 9.1 ISOs or until it is updated in > cooker. I built packages for this earlier this week and they are in the 9.1 > master ISOs but because it was, at the time, non-public, it did not make it > in cooker. > Makes sense, thanks for answering.
-- _ _ _ _ | |_____| | |_/ | | / / -_) | / / | |_\_\___|_|_\_\_| @ sbcglobal.net
signature.asc
Description: This is a digitally signed message part
