Samba 4.6.4 (gzipped)
Signature
Patch (gzipped) against Samba 4.6.3
Signature
=============================
Release Notes for Samba 4.6.4
May 24, 2017
=============================
This is a security release in order to address the following defect:
o CVE-2017-7494 (Remote code execution from a writable share)
=======
Details
=======
o CVE-2017-7494:
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.
Changes since 4.6.3:
---------------------
o Volker Lendecke <vl@samba.org>
* BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
share.