Samba - Release Notes Archive

Samba 3.5.7 Available for Download

                   =============================
                   Release Notes for Samba 3.5.7
			  February 28, 2011
                   =============================


This is a security release in order to address CVE-2011-0719.


o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.


Changes since 3.5.6:
--------------------


o   Jeremy Allison <jra@samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.