It may be fetched via ftp from : ftp://samba.org/pub/samba/samba-1.9.18p7.tar.gz This release is a security patch fix for a security hole reported on BugTraq by Drago. No exploit code was published with the report, so no immediate 'canned' exploit was available to an attacker The security hole may have allowed authenticated users to subvert security on the server by overflowing a buffer in a filename rename operation. It is as yet undetermined whether the security hole is actually exploitable because of existing buffer overflow checks in Samba and the limitations on available characters in filenames on UNIX systems but the Samba Team considered the threat of a possible security hole enough to warrant a patch release. The previous release 1.9.18p6, which was intended to fix the security hole, has compile problems on several platforms, and should not be used. It is recommended that all sites assume that the security hole is exploitable and upgrade to version 1.9.18p7 of Samba. An extensive security review has taken place on the code in this release, and all code that has potential for a buffer overflow attack has been replaced with bounds checking equivalent code. As always, extra checking over the code for potential security problems is very welcome. Binary packages will be made available for this release, once feedback has shown this release fixes the exploit. Offets of binary Samba packages for various systems are welcome and should be sent to samba-bugs@samba.org. Without further ado, here are the release notes. Regards, The Samba Team. --------------------------------------------------------------------- WHATS NEW IN 1.9.18p7 - May 12th 1998. ====================================== This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bug-fixes. This release is a security hole patch fix for a security hole reported on BugTraq by Drago. The security hole may have allowed authenticated users to subvert security on the server by overflowing a buffer in a filename rename operation. It is as yet undetermined whether the security hole is actually exploitable because of existing buffer overflow checks in Samba and the limitations on available characters in filenames but the Samba Team considered the threat of a possible security hole enough to warrant an immediate patch release. It is highly recommended that all sites assume that the security hole is exploitable and upgrade to version 1.9.18p7 of Samba. The previous release 1.9.18p6, which was intended to fix the security hole, has compile problems on several platforms, and should not be used. If you have problems, or think you have found a bug please email a report to : samba-bugs@samba.org As always, all bugs are our responsibility. Regards, The Samba Team.