============================= Release Notes for Samba 4.0.4 March 19, 2013 ============================= This is a security release in order to address CVE-2013-1863 (World-writeable files may be created in additional shares on a Samba 4.0 AD DC). o CVE-2013-1863: Administrators of the Samba 4.0 Active Directory Domain Controller might unexpectedly find files created world-writeable if additional CIFS file shares are created on the AD DC. Samba versions 4.0.0rc6 - 4.0.3 (inclusive) are affected by this defect. Changes since 4.0.3: -------------------- o Andrew Bartlett <abartlet@samba.org> * BUG 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.