May 14, 2007 Alexander Bokovoy 3.0.25-alt1
- New release
- Security fixes for CVE-2007-2444, CVE-2007-2446, and CVE-2007-2447:
+ CVE-2007-2444
Versions: Samba 3.0.23d - 3.0.25pre2
Local SID/Name translation bug can result in user privilege elevation
+ CVE-2007-2446
Versions: Samba 3.0.0 - 3.0.24
Multiple heap overflows allow remote code execution
+ CVE-2007-2447
Versions: Samba 3.0.0 - 3.0.24
Unescaped user input parameters are passed as
arguments to /bin/sh allowing for remote command
execution
- Removed:
+ smbwrapper, as it is not supported anymore
- Fixed:
+ python build w.r.t. -pie