Samba - Release Notes Archive

It may be fetched via ftp from :

ftp://samba.org/pub/samba/samba-1.9.18p7.tar.gz

This release is a security patch fix for a security hole
reported on BugTraq by Drago. No exploit code was 
published with the report, so no immediate 'canned' 
exploit was available to an attacker

The security hole may have allowed authenticated users to
subvert security on the server by overflowing a buffer in
a filename rename operation. 

It is as yet undetermined whether the security hole is 
actually exploitable because of existing buffer overflow
checks in Samba and the limitations on available characters
in filenames on UNIX systems but the Samba Team considered the
threat of a possible security hole enough to warrant a patch
release.

The previous release 1.9.18p6, which was intended to fix the
security hole, has compile problems on several platforms, and
should not be used.

It is recommended that all sites assume that the security hole
is exploitable and upgrade to version 1.9.18p7 of Samba.

An extensive security review has taken place on the code
in this release, and all code that has potential for a
buffer overflow attack has been replaced with bounds checking
equivalent code. As always, extra checking over the code
for potential security problems is very welcome.

Binary packages will be made available for this release,
once feedback has shown this release fixes the exploit.
Offets of binary Samba packages for various systems are 
welcome and should be sent to samba-bugs@samba.org.

Without further ado, here are the release notes.

Regards,

	The Samba Team.

---------------------------------------------------------------------

          WHATS NEW IN 1.9.18p7 - May 12th 1998.
          ======================================

This is the latest stable release of Samba. This is the
version that all production Samba servers should be running
for all current bug-fixes.

This release is a security hole patch fix for a security hole reported
on BugTraq by Drago. The security hole may have allowed authenticated
users to subvert security on the server by overflowing a buffer in a
filename rename operation. It is as yet undetermined whether the
security hole is actually exploitable because of existing buffer
overflow checks in Samba and the limitations on available characters
in filenames but the Samba Team considered the threat of a possible
security hole enough to warrant an immediate patch release.

It is highly recommended that all sites assume that the security hole
is exploitable and upgrade to version 1.9.18p7 of Samba.

The previous release 1.9.18p6, which was intended to fix the
security hole, has compile problems on several platforms, and
should not be used.

If you have problems, or think you have found a bug please email 
a report to :

        samba-bugs@samba.org

As always, all bugs are our responsibility.

Regards,

        The Samba Team.