From 4e25072de62595b491acf3f5003b309f8b22a78b Mon Sep 17 00:00:00 2001
From: Karolin Seeger <kseeger@samba.org>
Date: Wed, 30 Sep 2009 13:55:33 +0200
Subject: WHATSNEW: Update release notes.

Karolin
(cherry picked from commit 802d964da98628b1d243fdd766cf0c86ae287713)
---
 WHATSNEW.txt | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4fee0cf7273..50acbbc7df2 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,10 +1,11 @@
                    ==============================
                    Release Notes for Samba 3.2.15
-			 September 29, 2009
+			   October 1, 2009
                    ==============================
 
 
-s is a security release in order to address CVE-2009-2813 and CVE-2009-2948.
+This is a security release in order to address CVE-2009-2813, CVE-2009-2948
+and CVE-2009-2906.
 
    o CVE-2009-2813:
      In all versions of Samba later than 3.0.11, connecting to the home
@@ -18,6 +19,10 @@ s is a security release in order to address CVE-2009-2813 and CVE-2009-2948.
      then use the --verbose option to view the first line of that file.
      All known Samba versions are affected.
 
+   o CVE-2009-2906:
+     Specially crafted SMB requests on authenticated SMB connections can
+     send smbd into a 100% CPU loop, causing a DoS on the Samba server.
+
 
 ######################################################################
 Changes
@@ -29,6 +34,7 @@ Changes since 3.2.14
 
 o   Jeremy Allison <jra@samba.org>
     * BUG 6763: Fix for CVE-2009-2813.
+    * BUG 6768: Fix for CVE-2009-2906.
 
 
 o   Jeff Layton <jlayton@redhat.com>
-- 
cgit