Security fix release: Samba - version 1.9.17p2.This new stable release fixes a very important security hole in all versions of Samba.
The security hole allows a remote user to obtain root access on the Samba server. A program which exploits this bug has been posted to the internet.
The security hole is only known to affect Samba servers running on Intel based hardware, and has only been demonstrated for Intel Linux. It is likley that exploits for other architectures would be very difficult but the possibility cannot be excluded completely.
This patch fixes the security hole for all platforms.
This patch also adds a routine which will log a message when a user attempts to take advantage of the security hole.
A number of other minor bugs have also been fixed in this release.
This new release may be obtained from the following URL: ftp://samba.org/pub/samba/samba-1.9.17p2.tar.gz as a GNU gzip compressed tar file. Thanks to SGI for providing the samba.org Web server hardware. RedHat rpm packaged files will be built by the Samba team, a further announcement will be provided shortly describing their availability. The samba web pages are found at : http://samba.org/ As usual, please report any bugs with this release to samba-bugs@samba.org Regards, The Samba Team.