Samba 4.5.10 (gzipped)
Signature
Patch (gzipped) against Samba 4.5.9
Signature
==============================
Release Notes for Samba 4.5.10
May 24, 2017
==============================
This is a security release in order to address the following defect:
o CVE-2017-7494 (Remote code execution from a writable share)
=======
Details
=======
o CVE-2017-7494:
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.
Changes since 4.5.9:
--------------------
o Volker Lendecke <vl@samba.org>
* BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
share.