diff options
| author | Karolin Seeger <kseeger@samba.org> | 2010-03-08 20:52:56 +0100 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2010-03-08 20:52:56 +0100 |
| commit | bdad63514f345a10774dade1746072312ed140c1 (patch) | |
| tree | bd56ac6659685b4c8bb4d2c10eb3c405177625c7 | |
| parent | df5a5630a795f57a71d3b9e0f68ba104bc289982 (diff) | |
| download | samba-bdad63514f345a10774dade1746072312ed140c1.tar.gz samba-bdad63514f345a10774dade1746072312ed140c1.tar.xz samba-bdad63514f345a10774dade1746072312ed140c1.zip | |
WHATSNEW: Prepare release notes for Samba 3.4.7.
Karolin
| -rw-r--r-- | WHATSNEW.txt | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 28f1812a8a0..80589c77a75 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,23 +1,28 @@ ============================= Release Notes for Samba 3.4.7 - , 2010 + March 8, 2010 ============================= -This is the latest stable release of Samba 3.4. +This is a security release in order to address CVE-2010-0728. -Major enhancements in Samba 3.4.7 include: - o +o CVE-2010-0728: + In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code + was added to fix a problem with Linux asynchronous IO handling. + This code introduced a bad security flaw on Linux platforms if the + binaries were built on Linux platforms with libcap support. + The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE + capabilities, allowing all file system access to be allowed + even when permissions should have denied access. -###################################################################### -Changes -####### -Changes since 3.4.6 +Changes since 3.5.0 ------------------- +o Jeremy Allison <jra@samba.org> + * BUG 7222: Fix for CVE-2010-0728. ###################################################################### |